ios - Decrypt AES-256-CBC String (need IV, string/data format?) -


i've been going around in circles apple's cccrypto docs, frameworks , other answers , not making headway.

i think need figure out how iv encrypted string receive.

i receive json payload contains string. string encrypted in aes-256-cbc. (from laravel php instance think uses openssl). string itself, decrypted, json object.

i have pre-defined key.

the string receive looks like:

ejahdkawwkajashwlkwakajsne8ehahdhsiwkdkdhwniehhehellwhwlllllhshnnwhwhabwiiwhwhwh=

(but lot longer).

i'm trying use answer here: issue using cccrypt (commoncrypt) in swift

but a) unsure if i'm converting string data , b) how iv (initialization vector) string receive.

using answer "success" when try pass nsjsonserailizer never got result (it fails) data out - think it's garbage.

edit:

i mis-understood original problem - receiving base64 encoded string needed decode json (which went fine). using linked answer , importing commoncrypto thought i'd able usable data not. @rob napier 's answer extremely helpful. think problem instance of laravel in question using openssl.

there no commonly used standard format aes encrypted data (there several "standard formats" they're not commonly used....) way know how data have encrypted @ documentation data format, or failing that, encrypting code itself.

in encryption formats, iv sent along data. in many common (insecure) formats, there hard-coded iv (sometimes 16 bytes of 0x00). if there's password, need find out how they've converted password key (there several ways this, good, horrible). in format, key derivation may include random "salt" need extract data. you'll need know if there hmac or similar authentication (which might stored @ beginning or end of data, , may include own salt).

there isn't way know without documentation sender. decently encrypted format going random noise, figuring out looking @ final message pretty hard.

if comes out of laravel's encrypt function, seems this code:

public function encrypt($value) {     $iv = mcrypt_create_iv($this->getivsize(), $this->getrandomizer());     $value = base64_encode($this->padandmcrypt($value, $iv));     // once have encrypted value go ahead base64_encode input     // vector , create mac encrypted value can verify     // authenticity. then, we'll json encode data in "payload" array.     $mac = $this->hash($iv = base64_encode($iv), $value);     return base64_encode(json_encode(compact('iv', 'value', 'mac'))); }

if correct, should have been passed base64-encoded json 3 fields: iv (iv), ciphertext (value), , looks hmac encrypted using same key plaintext (mac). data you've given above doesn't json @ (even after base-64 decoding).

this assumes caller used encrypt function, though. there many, many ways encrypt, though, need know how actual server you're talking did it.


Comments

Post a Comment

Popular posts from this blog

get url and add instance to a model with prefilled foreign key :django admin -

Image
i have page in each contest shown in row. each row contains contest id , link other model names have foreign key contest. news model: class news(models.model): title = models.charfield(max_length=50, null=true) description = models.textfield() time = models.timefield( default= datetime.datetime.now().time()) contest = models.foreignkey(contest) i want use admin adding , changing these models. want when user clicks on 'news' has foreign key contest id=1, shows list of news value foreign key. use {% instance in instances %} <tr class="{% cycle 'row1' 'row2' %}"> <td>{{ instance.title }}</td> <td>{{ instance.starttime }}</td> <td>{{ instance.timespan }}</td> <td>{{ instance.date }}</td> <td><a href="/adm
Read more

css - Make div keyboard-scrollable in jQuery Mobile? -

from can tell, although jquery-mobile-powered pages can contain divs overflow set scroll or auto, , these divs can scrolled one-screen bar or mouse wheel, cannot scrolled using arrow keys, page-up/page-down, or home/end. instead, official "page" div (with data-role="page") absorbs input. perhaps other divs can't acquire focus, i'm not sure. is there way around this? edit: jsfiddle of simple example: https://jsfiddle.net/qogz0shx/ <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script> <script src="https://ajax.googleapis.com/ajax/libs/jquerymobile/1.4.5/jquery.mobile.min.js"> </script> <link rel="stylesheet" href="https://code.jquery.com/mobile/1.4.5/jquery.mobile-1.4.5.css"/> <style> #outer { overflow:scroll; height: 50vh; width: 50vw; } #inner { height: 500vh; width: 500vw; } &l
Read more

ruby on rails - Seeing duplicate requests handled with Unicorn -

recently upgraded our ec2 instances c3.large in order boost more unicorn workers handle increased traffic our site. (6xworkers per machine - 2 ec2 instances). when did this, started seeing duplicate records being created! looks somehow, maybe 2 unicorn workers attempting process same request? in nginx logs see 1 [post] request particular rails controller - yet 2 records being created in database. i'm hitting kind of race condition issue - have no idea how debug this. doesn't happen time, when it's frustrating well. noticed 2 database records within 5 seconds of each other. (and yes disable button when user clicks submit button). unicorn 4.8.2 ruby 1.9.3 rails 3.2.14 any great! thanks! although may not fix problem, upgrade ruby 2.0.0. there blog mentioning idea upgrade ruby 2.0.0 if using unicorn. for example: https://www.digitalocean.com/community/articles/how-to-optimize-unicorn-workers-in-a-ruby-on-rails-app specifically: if using ruby 1.9,
Read more