iOS 3Des with Ecb Return Half Correct Data

iOS 3DES with ECB return half correct data

It is probably a different padding being used. DES has a block size of 8 byte. So the first block is 12345678 and the second block is 9. Since DES is a block cipher the plaintext must be padded to the next block size.

The online tool probably uses zero padding or no padding which basically means that the other bytes of the block are set to 0x00. You use in your code on the other hand PKCS#7 padding. Remove the PKCS#7 flag, to see if the output matches.

You will have to do the zero padding yourself if the library doesn't provide it. Fill up the password with \0 bytes until a multiple of the block size is reached during encryption and remove those zero bytes during decryption.

It is not recommended to use encryption without padding.

Also, password are not usually encrypted, but rather hashed with a random salt and multiple iterations. When your user database gets "lost", you don't want the one who found it, to be able to easily reverse the passwords and log in as any user (the assumption being that the encryption key is also easily "loseable"). Using a strong cryptographic hash function on the other hand has the advantage that it is really infeasible to reverse the hash.

IOS 3DES in swift

You have to convert the arguments to the expected types. For example, kCCEncrypt is an Int, but the first parameter has the type CCOperation which is an alias for UInt32.
In contrast to (Objective-)C, Swift does not implicitly convert types:

var result = CCCrypt(
    CCOperation(kCCEncrypt),
    CCAlgorithm(kCCAlgorithm3DES),
    CCOptions(kCCOptionPKCS7Padding | kCCOptionECBMode),
    key,
    UInt(kCCKeySize3DES),
    ...

how to use aes mode to encrypt string in swift?

1. You are not setting the length of the encrypted data to the value returned by reference: numBytesEncrypted. In this case: bufferData.length = numBytesEncrypted.

2. MCRYPT_RIJNDAEL_256 specifies a block size of 256 bits, AES only uses a block size of 128, change that in mcrypt to MCRYPT_RIJNDAEL_128. Note: the block size is not the same thing as the key size.

3. The iv size is the block size (128-bits/16-bytes).

4. Show example input and output data for more help.

For a Swift example this SO answer:

CryptoJS DES (ECB) Encryption - Base64 encoded - not producing the correct result

Tools4noobs uses the PHP-method mcyrpt_encrypt, which works with Zero-Byte-Padding. The posted code uses PKCS7-Padding. To use Zero-Byte-Padding, the padding in the code must be changed to CryptoJS.pad.ZeroPadding.

But if Pkcs7-Padding should be used, then Tools4noobs is not a good choice because the padding cannot be set. In this case another option is TxtWizard.

Another source of error is the format of the key. Whether this is also a problem here cannot be said, however, since the key generation is not shown in the posted code. It is important that the key is passed as a WordArray and not as a string. If it is passed as a string, then it is interpreted as a passphrase from which the actual key is generated, see The Cipher Input.

The following code

var key = CryptoJS.enc.Latin1.parse("12345678"); // key as WordArray
var text = "The quick brown fox jumps over the lazy dog";

var encrypted = CryptoJS.DES.encrypt(text, key, {
    mode: CryptoJS.mode.ECB,
    padding: CryptoJS.pad.ZeroPadding // Zero-Byte-Padding
});

var finalEncrypted = CryptoJS.enc.Base64.stringify(encrypted.ciphertext);
console.log(finalEncrypted); 

has the output

XokzhoQlYFGG7ZfTNqdvr0QGMsFF24oSZ5v+vsPDNlPA+GbJ2peAY/7pNhpOerOV 

in accordance with the Tools4noobs output.

---

Related Topics