I’m using CommonCrypto for encryption in Objective-C (AES256) and I’d like to provide an IV (initialization vector) for a more secure encryption. I’m currently doing this:
const void* iv = malloc(kCCBlockSizeAES128);
// EDIT:
//if (!iv) {
// iv = NULL;
//}
and then I create the cryptor object:
CCCryptorRef cryptor;
CCCryptorStatus cryptStatus = CCCryptorCreate(operation, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
keyPtr, kCCKeySizeAES256,
iv,
&cryptor);
The problem is that encryption this way seems to fail (sad face…). I mean: it encrypts with no apparent problem, but it decrypts data different than the original. I though this would work because when you malloc() memory, it is not written all to zeros, it is random. I also tried writing random values myself but my C background is failing really hard. If there is a function (like bzero) that writes random bytes please tell me.
I also tried doing something like this:
char* iv = malloc(kCCBlockSizeAES128);
int i;
srand((unsigned int)time(NULL));
for (i = 0; i < kCCBlockSizeAES128; i++) {
iv[i] = (char)rand()%256;
}
Ohh, by the way, I realise this must be a very nooby question 🙂
In the end all I want is something like const void* iv = malloc(kCCBlockSizeAES128) that after some operations I am sure it’s data is completely random. Any ideas on that?
PS: I only provided the crypto/Objective-C background so you know what I need this for. I think that won’t influence a thing. kCCBlockSizeAES128 = 16 (90% sure 🙂
EDIT:
Allright! After some deugging I’m happy to announce that the problem I was having with the encryption & decryption was due to a bug in another part of my program I have now solved. So all I need to figure now is how to fill the iv with random bytes. Some options:
- Use malloc(), which returns junk, not random bytes -> potentially insecure (?)
- Use arc4random_buf(), which is exactly what I want except it only works 10.7+ and my mac is 10.6.6 (plus I want to support 10.6)
- Something else I haven’t considered…? <– help here!
EDIT 2:
Allright! After filling the iv with some test data (all zeros, all ones, etc) and some more deugging I’m NOT happy to announce that ccrypto doesn’t seem to be working in some conditions. I’ll explain how:
Whenever I feed the crypto a zeroed iv or NULL (same thing for crypto) it works. For example, this works well when encrypting and decrypting:
uint8_t iv[kCCBlockSizeAES128];
int i;
for (i = 0; i < kCCBlockSizeAES128; i++) {
iv[i] = 0x0; // I know this is the same as doing: memset((void *)iv, 0x0, (size_t)sizeof(iv));
}
CCCryptorRef cryptor;
CCCryptorStatus cryptStatus = CCCryptorCreate(operation, kCCAlgorithmAES128,
kCCOptionPKCS7Padding,
(const void *)keyPtr, kCCKeySizeAES256,
iv,
&cryptor);
BUT when I feed him a iv in which at least ONE of it’s bytes is NOT zero, encryption/decryption do not provide errors but decrypting doesn’t yield the original data. For example, this…
uint8_t iv[kCCBlockSizeAES128];
int i;
for (i = 0; i < kCCBlockSizeAES128; i++) {
iv[i] = 0x1;
}
or for completely random data…
uint8_t iv[kCCBlockSizeAES128];
int i;
for (i = 0; i < kCCBlockSizeAES128; i++) {
iv[i] = arc4random() % 256;
}
…won’t work.
I do not understand this logic one single bit… Any ideas?
You can use
arc4random_bufto fill the buffer with random data:Also, the memory block returned by
malloc(as with any uninitialised memory) is filled with garbage. You should not assume that it will be filled with anything, especially not cryptographically useful random numbers.