AES解密iOS

Question

I try to decrypt a String message with AES decryption.

- (NSData *)AES256DecryptWithKey:(NSString *)key andIV:(NSString*)iv{

// 'key' should be 32 bytes for AES256, will be null-padded otherwise
char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)
bzero( keyPtr, sizeof( keyPtr ) ); // fill with zeroes (for padding)

// fetch key data
[key getCString:keyPtr maxLength:sizeof( keyPtr ) encoding:NSUTF8StringEncoding];

NSUInteger dataLength = [self length];

//See the doc: For block ciphers, the output size will always be less than or
//equal to the input size plus the size of one block.
//That's why we need to add the size of one block here
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc( bufferSize );

size_t numBytesDecrypted = 0;

CCCryptorStatus cryptStatus = CCCrypt( kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
                                      keyPtr, kCCKeySizeAES256,
                                      //[iv cStringUsingEncoding:NSUTF8StringEncoding] /* initialization vector (optional) */,
                                      NULL,
                                      [self bytes], dataLength, /* input */
                                      buffer, bufferSize, /* output */
                                      &numBytesDecrypted );

if( cryptStatus == kCCSuccess )
{
    NSLog(@"CRYPTSTATUS %d",cryptStatus);

    //the returned NSData takes ownership of the buffer and will free it on deallocation
    return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];

}

NSLog(@"CRYPTSTATUS %d",cryptStatus);


free( buffer ); //free the buffer
return nil;

}

But the Result is truncated, do anyone have a suggestion? It seems to be a problem with the padding, but I dont know. The AES key will be later (RSA encrypted) send.

Would be nice if you could give me suggestions.

EDIT: Input (base64 encoded)

NSData *keydata = [[NSData alloc]initWithBase64EncodedString:@"QUFBQUE5MThEOTMyOEJCQkJCQkJCODhFMTM3MURFREQ="];
NSString *key = [[NSString alloc]initWithData:keydata encoding:NSUTF8StringEncoding];

NSData *msgnormal = [[NSData alloc]initWithBase64EncodedString:@"oE4LOCjOfjPeggXsDbLQ4ko+57kdb/5EBUcmlTBvaaI="];
NSData *decrypted = [msgnormal AES256DecryptWithKey:key andIV:@""];

NSLog(@"DECRYPTED: %@",[[NSString alloc]initWithData:decrypted encoding:NSUTF8StringEncoding]);

Answer 1

The input should be padded to the nearest block also. If the input ends on a block boundary, you actually still add a whole other block just so you always have padding (that you will remove later).

You must know where the end of the decrypted text is and where the padding starts. Typically, this is handled with padding such as PKCS7 . Since you will know how many bytes are the padding, it's easy to strip off later.