|
@@ -450,26 +450,23 @@ cleanup:
|
|
|
#pragma mark - Encrypt / Decrypt Metadata
|
|
|
#
|
|
|
|
|
|
-- (NSString *)decryptMetadata:(NSString *)encrypted privateKey:(NSString *)privateKey initializationVector:(NSString *)initializationVector authenticationTag:(NSString *)authenticationTag
|
|
|
+- (NSString *)decryptMetadata:(NSString *)encrypted privateKey:(NSString *)privateKey initializationVector:(NSString *)initializationVector
|
|
|
{
|
|
|
NSMutableData *plainData;
|
|
|
NSRange range = [encrypted rangeOfString:IV_DELIMITER_ENCODED];
|
|
|
|
|
|
+ // Key
|
|
|
NSData *keyData = [self base64DecodeString:privateKey];
|
|
|
- NSData *ivData = [[NSData alloc] initWithBase64EncodedString:initializationVector options:0];
|
|
|
|
|
|
// Tag
|
|
|
- // authenticationTag = [encrypted substringWithRange:NSMakeRange(range.location - AES_GCM_TAG_LENGTH, AES_GCM_TAG_LENGTH)];
|
|
|
- NSData *tagData = [[NSData alloc] initWithBase64EncodedString:authenticationTag options:0];
|
|
|
+ NSString *tag = [encrypted substringWithRange:NSMakeRange(range.location - AES_GCM_TAG_LENGTH, AES_GCM_TAG_LENGTH)];
|
|
|
+ NSData *tagData = [[NSData alloc] initWithBase64EncodedString:tag options:0];
|
|
|
|
|
|
// Cipher
|
|
|
NSString *cipher = [encrypted substringToIndex:(range.location)];
|
|
|
NSData *cipherData = [[NSData alloc] initWithBase64EncodedString:cipher options:0];
|
|
|
-
|
|
|
- //NSData *tagData = [[NSData alloc] initWithBase64EncodedString:authenticationTag options:0];
|
|
|
- //NSData *cipherData = [[NSData alloc] initWithBase64EncodedString:encrypted options:0];
|
|
|
|
|
|
- BOOL result = [self decryptData:cipherData plainData:&plainData keyData:keyData keyLen:AES_KEY_128_LENGTH ivData:ivData tagData:tagData];
|
|
|
+ BOOL result = [self decryptMetadataJ:cipherData keyData:keyData tagData:tagData];
|
|
|
|
|
|
if (plainData != nil && result) {
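Review bot: The new call stores the `NSString *` returned by `decryptMetadataJ:` in `BOOL result`, and nothing in this hunk assigns `plainData` any more, so the `if (plainData != nil && result)` check no longer reflects whether decryption succeeded and the decrypted text is dropped; keep the return value, e.g. `NSString *plain = [self decryptMetadataJ:cipherData keyData:keyData tagData:tagData];`, and test that instead. `range.location` goes into `range.location - AES_GCM_TAG_LENGTH` unchecked, so input that lacks the delimiter or is shorter than the tag makes `substringWithRange:` raise a range exception; add `if (range.location == NSNotFound || range.location < AES_GCM_TAG_LENGTH) return nil;` before the substring. The tag is sliced out of the Base64 text while `cipher` still spans the same characters, and a run of Base64 characters decodes to fewer bytes than its character count, so the tag length handed to OpenSSL should be confirmed against the format the producer writes. The `initializationVector` argument is now unused, and the method body continues past the end of this hunk.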
|
|
|
|
|
@@ -560,6 +557,78 @@ cleanup:
|
|
|
#pragma mark - OPENSSL ENCRYPT/DECRYPT
|
|
|
#
|
|
|
|
|
|
+#
|
|
|
+#pragma mark - Asymmetric Encrypt/Decrypt Metadata JSON
|
|
|
+#
|
|
|
+
|
|
|
+- (NSString *)decryptMetadataJ:(NSData *)metadataData keyData:(NSData *)keyData tagData:(NSData *)tagData
|
|
|
+{
|
|
|
+ int status = 0;
|
|
|
+ int len = 0;
|
|
|
+ NSData *printData;
|
|
|
+
|
|
|
+ // set up key
|
|
|
+ len = (int)keyData.length;
|
|
|
+ unsigned char cKey[len];
|
|
|
+ bzero(cKey, sizeof(cKey));
|
|
|
+ [keyData getBytes:cKey length:len];
|
|
|
+ // ----- DEBUG Print -----
|
|
|
+ printData = [NSData dataWithBytes:cKey length:len];
|
|
|
+ NSLog(@"Key %@", [printData base64EncodedStringWithOptions:0]);
|
|
|
+ // -----------------------
|
|
|
+
|
|
|
+ // set up tag
|
|
|
+ len = (int)[tagData length];;
|
|
|
+ unsigned char cTag[len];
|
|
|
+ bzero(cTag, sizeof(cTag));
|
|
|
+ [tagData getBytes:cTag length:len];
|
|
|
+ // ----- DEBUG Print -----
|
|
|
+ printData = [NSData dataWithBytes:cTag length:len];
|
|
|
+ NSLog(@"Tag %@", [printData base64EncodedStringWithOptions:0]);
|
|
|
+ // -----------------------
|
|
|
+
|
|
|
+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
|
|
|
+ if (!ctx)
|
|
|
+ return nil;
|
|
|
+
|
|
|
+ status = EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL);
|
|
|
+ if (status <= 0)
|
|
|
+ return nil;
|
|
|
+
|
|
|
+ EVP_CIPHER_CTX_set_padding(ctx, 0);
|
|
|
+
|
|
|
+ unsigned char *iv = (unsigned char *)"0123456789012345";
|
|
|
+ status = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, 16, NULL);
|
|
|
+ if (status <= 0)
|
|
|
+ return nil;
|
|
|
+
|
|
|
+ status = EVP_DecryptInit_ex(ctx, NULL, NULL, cKey, iv);
|
|
|
+ if (status <= 0)
|
|
|
+ return nil;
|
|
|
+
|
|
|
+ int outLen = 0;
|
|
|
+ unsigned char *out = (unsigned char *) malloc(metadataData.length + 16);
|
|
|
+ status = EVP_DecryptUpdate(ctx, out, &outLen, [metadataData bytes], (int)[metadataData length]);
|
|
|
+ if (status <= 0 || outLen == 0)
|
|
|
+ return nil;
|
|
|
+
|
|
|
+ status = EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, cTag);
|
|
|
+ if (status <= 0)
|
|
|
+ return nil;
|
|
|
+
|
|
|
+ int f_len = outLen;
|
|
|
+ status = EVP_DecryptFinal_ex(ctx,NULL, &f_len);
|
|
|
+ if (status <= 0)
|
|
|
+ return nil;
|
|
|
+
|
|
|
+ NSString *outString = [[NSString alloc] initWithBytes:out length:outLen encoding:NSUTF8StringEncoding];
|
|
|
+
|
|
|
+ if (out)
|
|
|
+ free(out);
|
|
|
+
|
|
|
+ return outString;
|
|
|
+}
|
|
|
+
|
|
|
#
|
|
|
#pragma mark - Asymmetric Encrypt/Decrypt String
|
|
|
#
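Review bot: `decryptMetadataJ:` decrypts with the fixed IV `"0123456789012345"` and writes the raw AES key and tag to the system log with `NSLog`, so the IV the caller holds is never used and key material is left in the logs. `EVP_CTRL_GCM_SET_TAG` and the second `EVP_DecryptInit_ex` each read 16 bytes from `cTag` and `cKey`, which are variable-length arrays sized from the decoded data without any length check, so a short (or empty) tag or key is read past its end. Every `return nil` after `EVP_CIPHER_CTX_new()` leaks `ctx` (and `out` once it is allocated), `ctx` is not freed on the success path either, the `malloc` result is unchecked, and `EVP_DecryptFinal_ex` is handed a NULL output buffer. I would pass the IV in as an `ivData:` argument, validate the lengths up front, drop the debug prints and send every exit through one cleanup label, as sketched below; the caller in `decryptMetadata:` would need the matching argument.

```objc
- (NSString *)decryptMetadataJ:(NSData *)metadataData keyData:(NSData *)keyData ivData:(NSData *)ivData tagData:(NSData *)tagData
{
    // Reject inputs whose lengths OpenSSL would otherwise read past.
    if (keyData.length != AES_KEY_128_LENGTH || tagData.length != 16 || ivData.length == 0 || metadataData.length == 0)
        return nil;

    NSString *outString = nil;
    int outLen = 0;
    int finalLen = 0;
    unsigned char *out = NULL;

    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
    if (!ctx)
        return nil;

    out = malloc(metadataData.length + 16);
    if (!out)
        goto cleanup;

    if (EVP_DecryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL) <= 0)
        goto cleanup;
    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, (int)ivData.length, NULL) <= 0)
        goto cleanup;
    if (EVP_DecryptInit_ex(ctx, NULL, NULL, keyData.bytes, ivData.bytes) <= 0)
        goto cleanup;

    // … unchanged: EVP_DecryptUpdate and its status check, with `goto cleanup` in place of `return nil` …

    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, (void *)tagData.bytes) <= 0)
        goto cleanup;

    // The plaintext is handed back only after the tag has verified.
    if (EVP_DecryptFinal_ex(ctx, out + outLen, &finalLen) <= 0)
        goto cleanup;

    outString = [[NSString alloc] initWithBytes:out length:outLen + finalLen encoding:NSUTF8StringEncoding];

cleanup:
    free(out);
    EVP_CIPHER_CTX_free(ctx);
    return outString;
}
```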
|