How to Encrypt Using Aes Gcm on iOS

How to encrypt using AES GCM on iOS?

There is some GCM crypt functions in the CommonCryptorSPI.h, they are not public yet.
But you can use them if you add them to the bridging header.

#include <CommonCrypto/CommonCryptor.h>
CCCryptorStatus CCCryptorGCM(
CCOperation     op,             /* kCCEncrypt, kCCDecrypt */
CCAlgorithm     alg,
const void      *key,           /* raw key material */
size_t          keyLength,  
const void      *iv,
size_t          ivLen,
const void      *aData,
size_t          aDataLen,
const void      *dataIn,
size_t          dataInLength,
void            *dataOut,
const void      *tag,
size_t          *tagLength);

Or you can try the SwCrypt library.

iOS CryptoKit AES-GCM is it possible to use a nonce with fewer than 12 bytes?

I figured out a solution that worked for me.

I used the excellent CryptoSwift library (7.8k stars on GitHub at time of writing):

let gcm = GCM(iv: withUnsafeBytes(of: cryptoCounter.bigEndian, Array.init), mode: .detached)
let aes = try! AES(key: [UInt8](sharedKey), blockMode: gcm, padding: .noPadding)
let encrypted = try! aes.encrypt([UInt8](serialized))

Decryption AES/GCM/PKCS5Padding iOS Swift

I was able to decrypt the input using "CryptoSwift" framework, was wondering if we can solve the same using the apple iOS CommonCrypto framework.

Any leads with using "CommonCrypto" would be greatly appreciated

 class func decryptCode123(_ cipher:String)-> String{
        
        let key = "SOMEKEY"
        
        var keyBytes: [UInt8] = []
        var codeBytes: [UInt8] = []
        var code = ""

        if let keyData = NSData(base64Encoded:key, options: .ignoreUnknownCharacters) {
            keyBytes = [UInt8](keyData as Data)
        }
        if let codeData = NSData(base64Encoded: cipher, options: .ignoreUnknownCharacters) {
            codeBytes = [UInt8](codeData as Data)
        }

        debugPrint(codeBytes)

        let codeBytescount = [UInt8](codeBytes).count

        let iv = Array([UInt8](codeBytes)[0 ..< 32])
        let cipher = Array([UInt8](codeBytes)[iv.count ..< codeBytescount])
        do{
            let gcm = GCM(iv: iv, mode: .combined)
            let derKey = createKey(password:Data(key.utf8), salt: Data(iv))!
            
            keyBytes = [UInt8](derKey)
            
            let aes = try AES(key: keyBytes, blockMode: gcm, padding: .pkcs5)
            
            print("aes created")
            let decrypted = try aes.decrypt(cipher)
            print("decrypted completed")
            if let decryptedString = String(bytes: decrypted, encoding: .utf8) {
                code = decryptedString
            }
            
            debugPrint(code)

        }catch let error as AES.Error {
            debugPrint(error.localizedDescription)
            return code
        } catch {
            return code
        }
        return code
    }

Is it possible to use AES128 with GCM mode on iOS?

Thanks to owlstead suggest I take a look deeper into RNCryptor and found a solution.

First of all after lots of googling it's seems that Zaph were right and iOS doesn't provide GCM but use it in iOS. ref there: iOS Security feb 2014

Second, RNCryptor doesn't use GCM but use AES256 in CBC mode (Cipher Block Chaining), which is fine, and then authenticate with HMAC+SHA1. This fits my requirements.

To encrypt with a key and to skip the password derivation part, RNCryptor provide this function:

NSData *encryptedData = [RNEncryptor encryptData:yourData
                                        withSettings:kRNCryptorAES256Settings
                                       encryptionKey:encryptionKey
                                             HMACKey:HMACKey
                                               error:&error];

and then decrypt with this 

NSData *decryptedData = [RNDecryptor decryptData:encryptedData withEncryptionKey:encryptionKey HMACKey:HMACKey error:&decryptionError];

RNCryptor also provide random generation methods for keys.

Note: take care when using AES256, the key schedule can be weak: Schneier article but no drama and there are other point of view on AES256 that are pros: Colin Percival article


Related Topics

How to Use Phcachingimagemanager

Obtaining Bluetooth Le Scan Response Data with iOS

Sprite Kit Sprites Loading Performance Improvement

Camera Image Orientation

Uilabel, Uifont and Utf-8 Triangle

Uploading Image with iOS App to Server File Size Is Too Large

Removing Lagging Latency in Drawing Uibezierpath Smooth Lines in Swift

Hide a Phone Call Completely in iOS (Jailbreak Device)

Open Uiimagepickercontroller in Landscape Mode

How to Upload Multiple Image on Firebase Using Swift

What Is the Use of Singleton Class in Objective-C

Type 'Nsattributedstringkey' (Aka 'Nsstring') Has No Member 'Font'

Duet - Merge 2 Videos Side by Side

How to Monitor Battery Level and State Changes Using Swift

Swift 3.0 Multiple Selection with Select All Cell

Not Working Transitions in Spritekit

Making Uitableview with Embedded Uicollectionview Using Uitableviewautomaticdimension

Filter Array by Indices


Leave a reply



Submit