AES encrypt options - Githubissues

AlanQuatermain / aqtoolkit

A toolkit consisting of a bunch of generally useful routines and extensions I wrote when putting together other projects.

http://blog.alanquatermain.net/code

BSD 3-Clause "New" or "Revised" License

783 stars 148 forks source link

AES encrypt options #20

Open hustwcw opened 11 years ago

hustwcw commented 11 years ago

In the AES256EncryptedDataUsingKey method, I can't decryt the data using java when the options is set to kCCOptionPKCS7Padding. But when I modify the options to "kCCOptionPKCS7Padding | kCCOptionECBMode", I can decrypt correctly. I haven't used the decryptedAES256DataUsingKey method in the iOS client, but I think the options in this method should alos be modified to "kCCOptionPKCS7Padding | kCCOptionECBMode".

mschleeweiss commented 11 years ago

ECB is pretty unsecure.

AlanQuatermain commented 11 years ago

Even CBC is heading that way. The recommendation is going towards Galois/Counter Mode instead, although there aren't yet many implementations of that. Hopefully Apple will add it to CommonCrypto in the next revision.