i have a problem with AES encryption the key i have is based 64 string , the data encrypted wrong

Question

I've array of objects , each object may have these

:[ "id", "start_long", "start_lat", "start_date", "type", "second_user_id", "end_long", "end_lat",
"end_date", "feedback"]

when i try to decode a based64String, I get nil, I've tried to use CryptoSwift, RNCryptor

I want to pass 64based string the key ass method key

key : tK5UTui+DPh8lIlBxya5XVsmeDCoUl6vHhdIESMB6sQ=

enter image description here

Kasım Özdemir · Answer 1 · 2020-03-19T08:25:45.687

AES Encryption / Decryption using base64 key, salt and iv (Initialization Vector).

1) Import CommonCrypto. This is Apple’s open source cryptography library.

import CommonCrypto

2) Create key with salt.

extension Data {
  func createKey(salt: Data) -> Data {
    let length = kCCKeySizeAES256
    var status = Int32(0)
    var derivedBytes = [UInt8](repeating: 0, count: length)
    self.withUnsafeBytes { (passwordBytes: UnsafePointer<Int8>!) in
        salt.withUnsafeBytes { (saltBytes: UnsafePointer<UInt8>!) in
            status = CCKeyDerivationPBKDF(CCPBKDFAlgorithm(kCCPBKDF2),                  // algorithm
                                          passwordBytes,                                // password
                                          self.count,                               // password length
                                          saltBytes,                                    // salt
                                          salt.count,                                   // salt length
                                          CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA1),   // prf
                                          10000,                                        // rounds
                                          &derivedBytes,                                // derived key
                derivedBytes.count)                                       // derived key length
        }
    }
    if(status != kCCSuccess){
        return Data.init(count: 0)
    }
    return Data(bytes: UnsafePointer<UInt8>(derivedBytes), count: length)
  }
}

3) Encryption / Decryption extension

extension String {

func aesEncrypt(key:String, salt:String, iv:String) -> String? {
    if let keyData = key.data(using: String.Encoding.utf8)?.createKey(salt: Data.init(base64Encoded: salt, options: .ignoreUnknownCharacters)!),
        let data = self.data(using: String.Encoding.utf8),
        let ivData = Data.init(base64Encoded: iv, options: .ignoreUnknownCharacters),
        let cryptData    = NSMutableData(length: Int((data.count)) + kCCKeySizeAES256) {

        let operation: CCOperation = UInt32(kCCEncrypt)
        let algoritm:  CCAlgorithm = UInt32(kCCAlgorithmAES128)
        let options:   CCOptions   = UInt32(kCCOptionPKCS7Padding)

        var numBytesEncrypted :size_t = 0
        var cryptStatus: CCCryptorStatus = CCCryptorStatus(kCCSuccess)
        ivData.withUnsafeBytes { (ivBytes: UnsafePointer<UInt8>!) -> () in
             cryptStatus = CCCrypt(operation,
                                      algoritm,
                                      options,
                                      (keyData as NSData).bytes, keyData.count,
                                      ivBytes,
                                      (data as NSData).bytes, data.count,
                                      cryptData.mutableBytes, cryptData.length,
                                      &numBytesEncrypted)


        }
        if UInt32(cryptStatus) == UInt32(kCCSuccess) {
            cryptData.length = Int(numBytesEncrypted)
            let base64cryptString = cryptData.base64EncodedString(options: .lineLength64Characters)
            return base64cryptString

        }
        else {
            return nil
        }
    }
    return nil
}

func aesDecrypt(key:String, salt:String, iv:String) -> String? {
    if let keyData = key.data(using: String.Encoding.utf8)?.createKey(salt: Data.init(base64Encoded: salt, options: .ignoreUnknownCharacters)!),
        let data = NSData(base64Encoded: self, options: .ignoreUnknownCharacters),
        let ivData = Data.init(base64Encoded: iv, options: .ignoreUnknownCharacters),
        let cryptData    = NSMutableData(length: Int((data.length)) + kCCKeySizeAES256) {

        let operation: CCOperation = UInt32(kCCDecrypt)
        let algoritm:  CCAlgorithm = UInt32(kCCAlgorithmAES128)
        let options:   CCOptions   = UInt32(kCCOptionPKCS7Padding)

        var numBytesEncrypted :size_t = 0
        var cryptStatus: CCCryptorStatus = CCCryptorStatus(kCCSuccess)
        ivData.withUnsafeBytes { (ivBytes: UnsafePointer<UInt8>!) -> () in
             cryptStatus = CCCrypt(operation,
                                   algoritm,
                                   options,
                                   (keyData as NSData).bytes, keyData.count,
                                   ivBytes,
                                   data.bytes, data.length,
                                   cryptData.mutableBytes, cryptData.length,
                                   &numBytesEncrypted)


        }

        if UInt32(cryptStatus) == UInt32(kCCSuccess) {
            cryptData.length = Int(numBytesEncrypted)
            let unencryptedMessage = String(data: cryptData as Data, encoding:String.Encoding.utf8)
            return unencryptedMessage
        }
        else {
            return nil
        }
    }
    return nil
}

4) Dictionary to json string

extension Dictionary {
   func toJsonString() -> String {
     do {
           let jsonData = try JSONSerialization.data(withJSONObject: self, options: [])

           let jsonString = String(data: jsonData, encoding: .utf8)

        return jsonString ?? ""
       } catch {
           print(error.localizedDescription)
        return ""
       }
  }
}

5) Sample

let param: [String: AnyObject] = [
        "test": "aes Encrypt_Decrypt"
    ] as [String: AnyObject]

    let jsonString = param.toJsonString()
    print("Json String : " + jsonString)

    let key = "tK5UTui+DPh8lIlBxya5XVsmeDCoUl6vHhdIESMB6sQ="
    let salt = "QWlGNHNhMTJTQWZ2bGhpV3U=" // base64 decode => AiF4sa12SAfvlhiWu
    let iv = "bVQzNFNhRkQ1Njc4UUFaWA==" // base64 decode => mT34SaFD5678QAZX

    let encrypt = (jsonString.aesEncrypt(key: key, salt: salt, iv: iv))

    print("Encrypt String : " + (encrypt ?? ""))

    print("Decrypt String : " + (encrypt?.aesDecrypt(key: key, salt: salt, iv: iv) ?? ""))

6) Output

Json String : {"test":"aes Encrypt_Decrypt"}
Encrypt String : PdT9Gxy6nz5/b4n7/wbj+6svYD06DokH7PbSWi+Pfmw=
Decrypt String : {"test":"aes Encrypt_Decrypt"}

secret keys of the specified algorithm is already hmac. This line CCPseudoRandomAlgorithm(kCCPRFHmacAlgSHA1) — Kasım Özdemir, Mar 20 '20 at 16:27
In cryptography, an HMAC is a specific type of message authentication code involving a cryptographic hash function and a secret cryptographic key. HMAC is not an encryption algorithm. You should use it together like this algorithm — Kasım Özdemir, Mar 20 '20 at 18:29

score 0 · Answer 2 · answered Mar 19 '20 at 04:17

I have used CryptoSwift in my project for AES Encryption Decryption,

i) Firstly I imported CryptoSwift Library

ii) Created Extension of String

iii) Added methods for Encryption and Decryption

import CryptoSwift

extension String {
    func aesEncrypt() -> String? {
        do {
             let encrypted = try AES(key: Array(AES_KEY.utf8), blockMode:CBC(iv: Array(AES_IV.utf8)), padding: .pkcs5).encrypt([UInt8](self.data(using: .utf8)!))
             return Data(encrypted).base64EncodedString()
        } catch {
           return nil
        }
    }
    func aesDecrypt() -> String? {
        guard let data = Data(base64Encoded: self) else { return "" }
        do {
        let decrypted = try AES(key: Array(AES_KEY.utf8), blockMode:CBC(iv: Array(AES_IV.utf8)), padding: .pkcs5).decrypt([UInt8](data))
            return String(bytes: decrypted, encoding: .utf8) ?? self
        } catch {
            return nil
        }
    }
}

iv) I have created Extension of Dictionary to convert my parameters([String : Any]) to JsonString

extension Dictionary {

    func convertToJson() -> String{

           var Json : String!
           let dictionary = self
           if let theJSONData = try? JSONSerialization.data(
               withJSONObject: dictionary,
               options: []) {
               let theJSONText = String(data: theJSONData,encoding: .utf8)
               Json = theJSONText
           }
           return Json

       }
}

Usage:

//MARK:- AES Encryption-Decryption Code

//Convert parameters to JSON String
let jsonString = parameters.convertToJson()
print("Json String : \(jsonString)")

//Encrypted Json String
let encriptionData = jsonString.aesEncrypt()
print("Encription String : \(encriptionData ?? "empty")")

//Decrypt your encrypted Data - This optional if you want to cross verify that your encryption data are correct
let decriptionData = encriptionData?.aesDecrypt()
print("DecriptionData String : \(decriptionData ?? "empty")")

//Pass the encrypted String inside one key to your API Request parameters. In my case it is "data" key
let param:[String:Any] = ["data":encriptionData ?? ""]
print("Encripted param String : \(param)")

Hope it helps!

how can i HMAC encrypted data ? – haggag Mar 20 '20 at 16:31 — haggag, Mar 20 '20 at 16:31

i have a problem with AES encryption the key i have is based 64 string , the data encrypted wrong

2 Answers2

Linked