Home/ Questions/Q 8997705
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-15T23:55:31+00:00

I am doing file encryption and Decryption using the following code, – (NSData *)

  • 0

I am doing file encryption and Decryption using the following code,

- (NSData *) AESEncrypt:(NSString *)key withData:(NSData *)fileData {

    // 'key' should be 32 bytes for AES256, will be null-padded otherwise
    char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)
    bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)

    // fetch key data
    [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];

    NSUInteger dataLength = [fileData length];

    //See the doc: For block ciphers, the output size will always be less than or
    //equal to the input size plus the size of one block.
    //That's why we need to add the size of one block here
    size_t bufferSize = dataLength + kCCBlockSizeAES128;
    void *buffer = malloc(bufferSize);

    size_t numBytesEncrypted = 0;
    CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,keyPtr, kCCKeySizeAES256,
                                          NULL /* initialization vector (optional) */,
                                          [fileData bytes], dataLength, /* input */
                                          buffer, bufferSize, /* output */
                                          &numBytesEncrypted);
    if (cryptStatus == kCCSuccess) {
        //the returned NSData takes ownership of the buffer and will free it on deallocation
        return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
    }

    free(buffer); //free the buffer;
    return nil;
}

and decryption using 

- (NSData *) AESDecrypt:(NSString *)key withData:(NSData *)fileData {

    // 'key' should be 32 bytes for AES256, will be null-padded otherwise
    char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)
    bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)

    // fetch key data
    //[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];

    NSUInteger dataLength = [fileData length];

    //See the doc: For block ciphers, the output size will always be less than or
    //equal to the input size plus the size of one block.
    //That's why we need to add the size of one block here
    size_t bufferSize = dataLength + kCCBlockSizeAES128;
    void *buffer = malloc(bufferSize);

    size_t numBytesDecrypted = 0;
    CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,keyPtr, kCCKeySizeAES256,                          NULL /* initialization vector (optional) */,
                                          [fileData bytes], dataLength, /* input */
                                          buffer, bufferSize, /* output */
                                          &numBytesDecrypted);

    if (cryptStatus == kCCSuccess) {
        //the returned NSData takes ownership of the buffer and will free it on deallocation
        return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
    }

    free(buffer); //free the buffer;
    return nil;
}

Which works fine. But looks like it is using AES256 , but I want to change it to AES128 so I changed the first line from char keyPtr[kCCKeySizeAES256+1]; to char keyPtr[kCCKeySizeAES128+1]; .

Fi I change so, only encryption is working. Decryption is not working fine. Can anybody tell me why ?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    One problem is that you confuse a key with a string of characters. A key is not a string, it is binary data. You fill with zero’s, but the key may contain zero’s as well, so any terminator is out of place.

    If you want to create a key from a password, choose a character-encoding, convert your password to that encoding and feed the result together with a salt and iteration count in a function like PBKDF2.

    • 0