Aes Gets Different Results in iOS (Obj-C) and Android (Java)

AES encryption makes different result in iOS and Android

I vaguely recall I had once similar issue of "synchronizing" the encryption between Android and iPhone, and the solution was in proper IV (initialization vector) usage. So probably switching on an explicit IV usage in Android could help:

final byte[] iv = new byte[16];
Arrays.fill(iv, (byte) 0x00);
IvParameterSpec ivParameterSpec = new IvParameterSpec(iv);
.. // the rest of preparations
ecipher.init(Cipher.ENCRYPT_MODE, skeySpec, ivParameterSpec);

Because when on iPhone you pass NULL as the IV, it may internally use a default one that corresponds to the just stated above.

But in production environment you should use a (cryptographically secure pseudo-)random initialization vector, stored together with the data. Then it is safe for all modes of operations. [1]

AES Encryption Android - iOS different results on message length 15 byte

Check what padding is being used on both systems. Different padding will result in different output. Do not rely on defaults but explicitly set the padding on both sides. Your second code fragment explicitly sets PKCS7 padding. Use that on both ends.

As a general rule, do not rely on defaults between different systems. Explicitly set the IV, mode, padding, nonce or whatever else is needed. Crypto is designed to fail badly if even the slightest detail does not match.

AES encryption on iOS and android, output and buffer size is different

Updates after you provided iOS code:

  • The aesEncryptData should be your output. Get rid of the hmac, that has nothing to do with AES encryption (instead, it is for message integrity).
  • The only way you are going to match your Android code is if you are using the same IV that the Android code is using.

Earlier reply:

How long is the input? Providing source code and sample data may help us solve the problem quicker.

Without the requested information, I don't have your answer, but I have a few pointers that might help you get to the bottom of it:

  • Your padding is okay. PKCS5Padding in Java is wrongly named implementation of PKCS#7, so it should be compatible with Apple's kCCOptionPKCS7Padding.
  • Apple by default uses CBC mode under the hood if no mode is specified, so that agrees with the Android code. So that cannot be the problem either.
  • When you encrypt, the ciphertext will be a multiple of 16 bytes (because AES has N=16 bytes block size and according to defn of PKCS #7). Specifically:

    • If the input is a multiple of 16 bytes, then the output should be exactly 16 bytes more than the input.
    • If the input is not a multiple of 16 bytes, then the output should be 16*Ceiling(Input length/16). Example: 47 byte input should be 16*Ceiling(17/16) = 16*3 = 48 byte output.
  • It is possible that one of the implementations is outputting the IV as part of the ciphertext. If this is happening, it should be at the beginning of the ciphertext. You should be able to test to see if this is happening. (Let me know if that is happening please)

Having said that, something is weird and likely implemented wrong, and we need the code to get to the bottom of it. It makes no sense that the Android code results in 3 blocks of 16 whereas the Apple code results in 5 blocks of 16.

Also, as I commented above, even though Apple tells you that the IV is optional, they mean that it is optional in terms of getting the code to work. It is not optional for security. IVs are required and must be unpredictable for CBC mode of operation, and they should never be repeated. If you ignore that, you leak information about your data, and in some situations, an attacker may be able to decrypt the data (padding oracle attacks).

AES CBC Encryption With PKCS7Padding Has Different Results In Java And Objective-C

Your problem is with the Objective-C code. You should use same method in both Java and Obj-C. You can use this code in order to make it return the same results:

AES.h

#import <Foundation/Foundation.h>
#import <CommonCrypto/CommonCrypto.h>

@interface AES : NSObject 

+ (NSData *)Encrypt:(NSString *)data WithKey:(NSString *)key;
+ (NSString *)Decrypt:(NSData *)data WithKey:(NSString *)key;

+ (NSData *)AESOperation:(CCOperation)operation OnData:(NSData *)data key:(NSString *)key;

@end

AES.m

#import "AES.h"

@implementation AES

+ (NSData *)Encrypt:(NSString *)data WithKey:(NSString *)key {
    return [self AESOperation:kCCEncrypt OnData:[data dataUsingEncoding:NSUTF8StringEncoding] key:key];
}
+ (NSString *)Decrypt:(NSData *)data WithKey:(NSString *)key {
    return [[NSString alloc] initWithData:[self AESOperation:kCCDecrypt OnData:data key:key] encoding:NSUTF8StringEncoding];
}

+ (NSData *)AESOperation:(CCOperation)operation OnData:(NSData *)data key:(NSString *)key {
    char keyPtr[kCCKeySizeAES128];
    bzero(keyPtr, sizeof(keyPtr));
    [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];

    NSUInteger dataLength = [data length];
    size_t bufferSize = dataLength + kCCBlockSizeAES128;
    void *buffer = malloc(bufferSize);

    size_t numBytesEncrypted = 0;
    CCCryptorStatus cryptStatus = CCCrypt(operation,
                                          kCCAlgorithmAES128,
                                          kCCOptionPKCS7Padding,
                                          keyPtr,
                                          kCCBlockSizeAES128,
                                          keyPtr,
                                          [data bytes],
                                          dataLength,
                                          buffer,
                                          bufferSize,
                                          &numBytesEncrypted);
    if (cryptStatus == kCCSuccess) {
        return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
    }

    free(buffer);
    return nil;
}

@end

AES128 CBC encryption in Java and Objective C giving different outputs

I was able to solve the issue on the java code thanks to suggestions above. Here is the Java code that worked for me to achieve AES128 CBC mode on both java and objective c

public static String AESEncrypt(String text, String key, String iv) throws Exception {

     Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
     byte[] keyBytes = new byte[16];
     byte[] b = new BASE64Decoder().decodeBuffer(key);
     int len = b.length;
     if (len > keyBytes.length)
         len = keyBytes.length;
     System.arraycopy(b, 0, keyBytes, 0, len);

     byte[] keyBytesiv = new byte[16];
     byte[] biv = new BASE64Decoder().decodeBuffer(iv);
     int leniv = biv.length;
     if (leniv > keyBytesiv.length)
         leniv = keyBytesiv.length;
     System.arraycopy(biv, 0, keyBytesiv, 0, len);

     SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "AES");
     IvParameterSpec ivSpec = new IvParameterSpec(keyBytesiv);

     cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec);

     byte[] results = cipher.doFinal(text.getBytes("UTF-8"));
     BASE64Encoder encoder = new BASE64Encoder();
     return encoder.encode(results);
 }

How can I make my AES encryption identical between Java and Objective-C (iPhone)?

Since the CCCrypt takes an IV, does it not use a chaining block cipher method (such as CBC)? This would be consistant with what you see: the first block is identical, but in the second block the Java version applies the original key to encrypt, but the OSX version seems to use something else.

EDIT:

From here I saw an example. Seems like you need to pass the kCCOptionECBMode to CCCrypt:

ccStatus = CCCrypt(encryptOrDecrypt,
        kCCAlgorithm3DES,
        kCCOptionECBMode, <-- this could help
        vkey, //"123456789012345678901234", //key
        kCCKeySize3DES,
        nil, //"init Vec", //iv,
        vplainText, //"Your Name", //plainText,
        plainTextBufferSize,
        (void *)bufferPtr,
        bufferPtrSize,
        &movedBytes);

EDIT 2:

I played around with some command line to see which one was right. I thought I could contribute it:

$ echo "Now then and what is this nonsense all about. Do you know?" | openssl enc -aes-128-ecb -K $(echo 1234567890123456 | xxd -p) -iv 0 | xxd 
0000000: 7a68 ea36 8288 c73d f7c4 5d8d 2243 2577  zh.6...=..]."C%w
0000010: e66b 32f9 772b 6679 d7c0 cb69 037b 8740  .k2.w+fy...i.{.@
0000020: 883f 8211 7482 29f4 7239 84be b50b 5aea  .?..t.).r9....Z.
0000030: eaa7 519b 65e8 fa26 a1bb de52 083b 478f  ..Q.e..&...R.;G.

Related Topics

Dynamically Add CSS Stylesheets in Javafx

How to Set -Fx-Max-Width to Use_Pref_Size in Javafx CSS

Onclick Event Is Not Triggering | Android

Java - Convert String to Valid Uri Object

Create Pdu for Android That Works with Smsmessage.Createfrompdu() (Gsm 3Gpp)

Getextractedtext on Inactive Inputconnection Warning on Android

Android Project Using Httpclient --> Http.Client (Apache), Post/Get Method

Rxjava Android How to Use the Zip Operator

Map.Clear() VS New Map:Which One Will Be Better

Registering a Headset Button Click with Broadcastreceiver in Android

How to Convert 24 Hr Format Time in to 12 Hr Format

Android Studio - No Jvm Installation Found

Onactivityresult() Not Called in New Nested Fragment API

How to Send Data from Dialogfragment to a Fragment

Convert Object to JSON in Android

Android Firestore Convert Array of Document References to List<Pojo>

How to Get Difference Between Two Dates in Android, Tried Every Thing and Post

Prevent Android Activity Dialog from Closing on Outside Touch


Leave a reply



Submit