Objective-C RC4 Decryption

I am new to Objective-C, but am an experienced developer (C#), but I can't figure this out:

I have a string which is RC4 encrypted, and I need to decrypt it using Objective-C on the iPad (iOS 5.0). I have looked all over the net for a working example, but have had no luck finding an example that works end-to-end. Not only does the code below not return the decrypted string correctly, it returns something different every time it executes, which makes me thing a pointer is being released someplace.

Note: I do not know if it matters, but the string was encrypted using http://archive.plugins.jquery.com/project/RC4 and then stored as text in a Sqlite database, which I am now accessing from Objective-C (I know, the architecture sounds messy, but I can't change that at this point.)

The code I am using is (taken from RC4 encryption - CommonCrypto (Objective-C) vs PHP):

    + (NSString*)decryptData:(NSData*) dataToDecrypt
    {
        const void *vplainText;
        size_t plainTextBufferSize;


        plainTextBufferSize = [dataToDecrypt length];
        vplainText = [dataToDecrypt bytes];

        CCCryptorStatus ccStatus;
        uint8_t *bufferPtr = NULL;
        size_t bufferPtrSize = 0;
        size_t movedBytes = 0;

        bufferPtrSize = (plainTextBufferSize + kCCBlockSize3DES) & ~(kCCBlockSize3DES - 1);
        bufferPtr = malloc( bufferPtrSize * sizeof(uint8_t));
        memset((void *)bufferPtr, 0x0, bufferPtrSize);

        NSString *key = @"theKeyIUsedtoEncryptInTheFirstPlace";
        const void *vkey = (const void *) [key UTF8String];

        size_t keyLength = [[key dataUsingEncoding:NSUTF8StringEncoding] length]; 
        ccStatus = CCCrypt(kCCDecrypt,
                           kCCAlgorithmRC4,
                           0,
                           vkey,
                           kCCKeySizeDES,
                           nil,
                           vplainText,
                           plainTextBufferSize,
                           (void *)bufferPtr,
                           bufferPtrSize,
                           &movedBytes);
        if (ccStatus == kCCSuccess) NSLog(@"SUCCESS");
        /*else*/ if (ccStatus == kCCParamError) return @"PARAM ERROR";
        else if (ccStatus == kCCBufferTooSmall) return @"BUFFER TOO SMALL";
        else if (ccStatus == kCCMemoryFailure) return @"MEMORY FAILURE";
        else if (ccStatus == kCCAlignmentError) return @"ALIGNMENT";
        else if (ccStatus == kCCDecodeError) return @"DECODE ERROR";
        else if (ccStatus == kCCUnimplemented) return @"UNIMPLEMENTED";

        NSString *result = [[ NSString alloc ] initWithData: [NSData dataWithBytes:(const void *)bufferPtr length:(NSUInteger)movedBytes] encoding:NSASCIIStringEncoding];
        NSLog(@"%@", result);
        return result;
    }

Answers


Use this function for encryption and decryption. (Just put in the encoded string with same key again to decode it).

-(NSString*) rc4Key:(NSString*) key str:(NSString*) str
{    
    int j = 0;
    unichar res[str.length];
    const unichar* buffer = res;
    unsigned char s[256];
    for (int i = 0; i < 256; i++) 
    {
        s[i] = i;
    }
    for (int i = 0; i < 256; i++) 
    {
        j = (j + s[i] + [key characterAtIndex:(i % key.length)]) % 256;

        swap(s[i], s[j]);
    }

    int i = j = 0;

    for (int y = 0; y < str.length; y++) 
    {
        i = (i + 1) % 256;
        j = (j + s[i]) % 256;
        swap(s[i], s[j]);

        unsigned char f = [str characterAtIndex:y] ^ s[ (s[i] + s[j]) % 256];
        res[y] = f;
    }
    return [NSString stringWithCharacters:buffer length:str.length];
}

I see a couple of references to DES in your code (kCCKeySizeDES, kCCBlockSize3DES). That doesn't seem right -- at a minimum, kCCKeySizeDES should probably be replaced with keyLength.

If that doesn't solve it, I'd look next at possible text encoding issues. The data in SQLite might be UTF8-encoded binary data, in which case you'll probably have to "decode" it by converting from UTF8 to ISO8859-1.


RC4 implementation translated from .net:

+(NSString*)RC4:(NSString *)data key:(NSString *)key
{
    id x;
    int y = 0;
    int i = 0;
    int j = 0;
    NSMutableArray *box = [[NSMutableArray alloc] initWithCapacity:256];
    NSString *result = @"";

    for (i = 0; i < 256; i++) {
        [box addObject:[NSNumber numberWithInt:i]];
    }

    for (i = 0; i < 256; i++) {
        j = ((int)[key characterAtIndex:(i % key.length)] + [[box objectAtIndex:i] intValue] + j) % 256;
        x = [box objectAtIndex:i];
        [box setObject:[box objectAtIndex:j] atIndexedSubscript:i];
        [box setObject:x atIndexedSubscript:j];
    }

    for (i = 0; i < data.length; i++) {
       y = i % 256;
       j = ([[box objectAtIndex:y] intValue] + j) % 256;
       x = [box objectAtIndex:y];
       [box setObject:[box objectAtIndex:j] atIndexedSubscript:y];
       [box setObject:x atIndexedSubscript:j];

       NSString *c = [NSString stringWithFormat:@"%c", ([data characterAtIndex:i] ^     (char)[[box objectAtIndex:([[box objectAtIndex:y] intValue] + [[box objectAtIndex:j] intValue]) % 256] intValue])];

       result = [result stringByAppendingString:c];

    }

    return result;
}

Need Your Help

validating X.509 certificate on linux

c linux openssl x509 nss

I have just started working with X.509 certificates. Can any one tell me how to go about validating a certificate on linux? The use case is that my app had downloaded a certificate in a previous se...