i have a problem:
I encrypt data, and encode it in base64..after, i send it to my page php and it decode and decrypt data. OK!
Now, if i encrypt and encode data in php and send it to my application, my app decode data and decrypt data, but the result is half of length of string. Look this:
PLAINTEXT: xLxE9sY8vkBTGDpvz0DkLkejLSjuVhBq
CHIPER FROM SERVER: jp6gtdy/tf8mnQoeZCQjPuauq089eJvmns0DP4kvDzw=
DECRYPT CHIPER SERVER IN MY APP: xLxE9sY8vkBTGDpv <— IT’S HALF!!!!
But if i encrypt the plaintext in my app, the result is different:
CHIPER FROM APP: jp6gtdy/tf8mnQoeZCQjPuauq089eJvmns0DP4kvDzzjd4QC2afnXreH/VpUo/Mw
CHIPER FROM SERVER: jp6gtdy/tf8mnQoeZCQjPuauq089eJvmns0DP4kvDzw=
and decrypt is ok:
DECRYPT CHIPER APP: xLxE9sY8vkBTGDpvz0DkLkejLSjuVhBq
Now, i have used a online tool with the 2 chyper text..and the result is the same!! the plaintext!!! TRY!!! (http://www.tools4noobs.com/online_tools/decrypt/) !?!?!?!
My function in my app is this:
+ (NSData*)decryptData:(NSData*)data key:(NSData*)key iv:(NSData*)iv;
{
NSData* result = nil;
// setup key
unsigned char cKey[FBENCRYPT_KEY_SIZE];
bzero(cKey, sizeof(cKey));
[key getBytes:cKey length:FBENCRYPT_KEY_SIZE];
// setup iv
char cIv[FBENCRYPT_BLOCK_SIZE];
bzero(cIv, FBENCRYPT_BLOCK_SIZE);
if (iv) {
[iv getBytes:cIv length:FBENCRYPT_BLOCK_SIZE];
}
// setup output buffer
size_t bufferSize = [data length] + FBENCRYPT_BLOCK_SIZE;
void *buffer = malloc(bufferSize);
// do decrypt
size_t decryptedSize = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt,
FBENCRYPT_ALGORITHM,
kCCOptionPKCS7Padding,
cKey,
FBENCRYPT_KEY_SIZE,
cIv,
[data bytes],
[data length],
buffer,
bufferSize,
&decryptedSize);
if (cryptStatus == kCCSuccess) {
result = [NSData dataWithBytesNoCopy:buffer length:decryptedSize];
} else {
free(buffer);
NSLog(@"[ERROR] failed to decrypt| CCCryptoStatus: %d", cryptStatus);
}
return result;
}
This function first decode and after decrypt:
+ (NSString*)decryptBase64String:(NSString*)encryptedBase64String keyString:(NSString*)keyString
{
NSData* encryptedData = [NSData dataFromBase64String:encryptedBase64String];
NSData* data = [self decryptData:encryptedData
key:[keyString dataUsingEncoding:NSUTF8StringEncoding]
iv:nil];
if (data) {
return [[[NSString alloc] initWithData:data
encoding:NSUTF8StringEncoding] autorelease];
} else {
return nil;
}
}
Decode function:
+ (NSData *)dataFromBase64String:(NSString *)aString
{
NSData *data = [aString dataUsingEncoding:NSASCIIStringEncoding];
size_t outputLength;
void *outputBuffer = NewBase64Decode([data bytes], [data length], &outputLength);
NSData *result = [NSData dataWithBytes:outputBuffer length:outputLength];
free(outputBuffer);
return result;
}
void *NewBase64Decode(
const char *inputBuffer,
size_t length,
size_t *outputLength)
{
if (length == -1)
{
length = strlen(inputBuffer);
}
size_t outputBufferSize =
((length+BASE64_UNIT_SIZE-1) / BASE64_UNIT_SIZE) * BINARY_UNIT_SIZE;
unsigned char *outputBuffer = (unsigned char *)malloc(outputBufferSize);
size_t i = 0;
size_t j = 0;
while (i < length)
{
//
// Accumulate 4 valid characters (ignore everything else)
//
unsigned char accumulated[BASE64_UNIT_SIZE];
size_t accumulateIndex = 0;
while (i < length)
{
unsigned char decode = base64DecodeLookup[inputBuffer[i++]];
if (decode != xx)
{
accumulated[accumulateIndex] = decode;
accumulateIndex++;
if (accumulateIndex == BASE64_UNIT_SIZE)
{
break;
}
}
}
//
// Store the 6 bits from each of the 4 characters as 3 bytes
//
// (Uses improved bounds checking suggested by Alexandre Colucci)
//
if(accumulateIndex >= 2)
outputBuffer[j] = (accumulated[0] << 2) | (accumulated[1] >> 4);
if(accumulateIndex >= 3)
outputBuffer[j + 1] = (accumulated[1] << 4) | (accumulated[2] >> 2);
if(accumulateIndex >= 4)
outputBuffer[j + 2] = (accumulated[2] << 6) | accumulated[3];
j += accumulateIndex - 1;
}
if (outputLength)
{
*outputLength = j;
}
return outputBuffer;
}
The string is 32 bytes in length, this is two blocks in size. The Base64 is also 32 bytes in length so no padding was added, there is no space for padding so it is not PKCS7 padded, remove the kCCOptionPKCS7Padding option.