ㄷㅣㅆㅣ's Amusement

[iOS/Objective-C] AES/CBC/NoPadding using CCCRypt 본문

Programming/iOS

[iOS/Objective-C] AES/CBC/NoPadding using CCCRypt

ㄷㅣㅆㅣ 2015. 12. 16. 14:30

[iOS/Objective-C] AES/CBC/NoPadding using CCCRypt

반응형

Here is the simplest way to encrypt/decrypt using CCCRypt on iOS

오늘은... iOS에서 CCCRypt를 이용하여 encrypt/decrypt하는 간단한 방법에 대해서 포스팅해볼까 합니다.


I had to decrypt json string which is encrypted AES128/CBC-mode/NoPadding. but in iOS, there's no "NoPadding" option, you will hesitate which option you use. 

우선... 이 프로젝트를 시작한 계기는.. 서버에서 AES128로 CBC모드에 NoPadding으로 암호화된 json string을 내려주기 때문에 이것을 맞춰주려고 한거였는데, 이노무 CBC/NoPadding이 문제였음.


To tell the truth, you can just use CCCRypt.

결론부터 말하면, 그냥 쓰면 됨;;;


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
- (NSData *)AES128DecryptWithData:(NSData *)data {
    size_t bufferSize = data.length + kCCBlockSizeAES128;
    void *buffer = malloc(bufferSize);
    
    size_t numBytesEncrypted = 0;
    CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, // choose encrypt or decrypt
                                          kCCAlgorithmAES128, // AES
                                          kCCOptionPKCS7Padding | kCCModeCBC, // padding option. but it is not matter, and CBC is default seated so you can skip.  
                                          CRYPTO_KEY.bytes, CRYPTO_KEY.length, // KEY
                                          CRYPTO_IV.bytes /* initialization vector (optional) */,
                                          data.bytes, data.length, /* input */
                                          buffer, bufferSize, /* output */
                                          &numBytesEncrypted);
    if (cryptStatus == kCCSuccess) {
        //the returned NSData takes ownership of the buffer and will free it on deallocation
        return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
    }
    
    free(buffer); //free the buffer;
    return nil;
}
 
cs





How about encrypt?

자.. 그럼 encrypt할때에는??


it is totally same with decryption. but you have to add the AES padding (make total byte array size to multiple of 16)

decrypt할때랑 완전히 똑같이 하면 된다. 다만 크기가 16의 배수가 되도록 만들어 줘야 함.


so I added space (ascii 32, 0x20) (because server send the space added byte array to me too.)  

나는 여기에 space를 더했음. (왜냐면 서버에서도 그렇게 내려오니까)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
- (NSData *)AES128EncryptWithData:(NSData *)data {
    int dataLength = (int)data.length;
    int diff = kCCKeySizeAES128 - (dataLength % kCCKeySizeAES128);
    int newSize = 0;
    if(diff > 0) {
        newSize = dataLength + diff;
    }
    
    // padding for AES128 size using space (ascii 32)
    char dataPtr[newSize];
    memcpy(dataPtr, data.bytes, data.length);
    for(int i = 0; i < diff; i++) {
        dataPtr[i + dataLength] = 0x20;
    }
    
    size_t bufferSize = newSize + kCCBlockSizeAES128;
    void *buffer = malloc(bufferSize);
 
    size_t numBytesEncrypted = 0;
    CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt,
                                          kCCAlgorithmAES128,
                                          kCCOptionPKCS7Padding | kCCModeCBC,
                                          CRYPTO_KEY.bytes, CRYPTO_KEY.length,
                                          CRYPTO_IV.bytes,
                                          dataPtr,
                                          sizeof(dataPtr),
                                          buffer,
                                          bufferSize,
                                          &numBytesEncrypted);
    
    if(cryptStatus == kCCSuccess) {
        return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
    }
    
    return nil;
}
 
cs


반응형
Comments