I am trying to encrypt an NSString in Objective C on the iPhone. At least I wan't to get a string like "TmsbDaNG64lI8wC6NLhXOGvfu2IjLGuEwc0CzoSHnrs=" when I encode "us=foo;pw=bar;pwAlg=false;" by using this key: "testtest".
My problem for now is, that CCCrypt always returns "4300 - Parameter error" and I have no more idea why.
This is my code (the result of 5 hours google and try'n'error):
NSString *token = @"us=foo;pw=bar;pwAlg=false;";
NSString *key = @"testtest";
const void *vplainText;
size_t plainTextBufferSize;
plainTextBufferSize = [token length];
vplainText = (const void *) [token UTF8String];
CCCryptorStatus ccStatus;
uint8_t *bufferPtr = NULL;
size_t bufferPtrSize = 0;
size_t *movedBytes;
bufferPtrSize = (plainTextBufferSize + kCCBlockSize3DES) & ~(kCCBlockSize3DES - 1);
bufferPtr = malloc( bufferPtrSize * sizeof(uint8_t));
memset((void *)bufferPtr, 0x0, bufferPtrSize);
// memset((void *) iv, 0x0, (size_t) sizeof(iv));
NSString *initVec = @"init Vec";
const void *vkey = (const void *) [key UTF8String];
const void *vinitVec = (const void *) [initVec UTF8String];
ccStatus = CCCrypt(kCCEncrypt,
kCCAlgorithmDES,
kCCOptionECBMode,
vkey, //"123456789012345678901234", //key
kCCKeySizeDES,
NULL,// vinitVec, //"init Vec", //iv,
vplainText, //"Your Name", //plainText,
plainTextBufferSize,
(void *)bufferPtr,
bufferPtrSize,
movedBytes);
NSString *result;
NSData *myData = [NSData dataWithBytes:(const void *)bufferPtr length:(NSUInteger)movedBytes];
result = [myData base64Encoding];
DES encryption in ECB mode uses an 8 byte block size, and encodes each blocks individually. The problem is that your input string doesn't divide into 8 bytes equally and the cryptor doesn't know what to do with the final non 8 byte block.
The fix is to allow the cryptor to pad the final block by adding kCCOptionPKCS7Padding to the options to CCCrypt. eg (snippet from an NSData encryption category):
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt,
kCCAlgorithmDES,
kCCOptionPKCS7Padding | kCCOptionECBMode,
keyPtr,
kCCKeySizeDES,
NULL,
[self bytes],
dataLength,
buffer,
bufferSize
&numBytesEncrypted);
Take a look at this post for more details regarding padding algorithms. Hope this helps.