Completed

Payout
100 DAI

$103.00

Remaining Balance
0 DAI

$0.00

Common Crypto AES module fails to decrypt cipherText from WebCrypto API [iOS / Objective C]

Ruby

JavaScript

Objective-C

Java

circle

Pedro Gomes

Currently the AES module in react-native-simple-crypto has two methods to encrypt and decrypt using the AES-128-CBC algorithm. It correctly encrypts and decrypts cipherTexts encrypted by itself. However when passed a cipherText encrypted using the WebCrypto API with the same algorithm, the cipher fails to decrypt it.

Example

import RNSimpleCrypto from "react-native-simple-crypto";

// from browser we have the cipherText, key and iv in hexadecimal encoding
const cipherTextHex = "58c23c4b7a4083e1032bed9924be9e6df07714bba0f7ac3f75c7af2cc948925f6852ce378bda2a5a5104eb14b7c38bf6533635e179230fc3badbca7b4d85d757a19f10974ceafdfbbc67b1faba9d7d38a396685852391aef687ddb7aadb2c4927461130ffc4c8e161205b239df9c42e03c6f904698c05af368e6d69888b0a9ed9b14ed2263a760f0dcd70e4da7f0d89f02484c16a1070e7a0e908246fef66823"
const keyHex = "8606388f144bfa3b318cbc7eb0a1267ed6ddea6b5fc21a66bb982c2d345b7d28"
const ivHex = "2e1388a7af1026e61c573d66839b31cb"

// convert hexadecimal encoding into array buffers
const cipherText = RNSimpleCrypto.utils.convertHexToArrayBuffer(test.cipherTextHex);
const key = RNSimpleCrypto.utils.convertHexToArrayBuffer(test.keyHex);
const iv = RNSimpleCrypto.utils.convertHexToArrayBuffer(test.ivHex);

// use decrypt method from our library
const result = await RNSimpleCrypto.AES.decrypt(cipherText, key, iv);

Expected Result

// result
{
  id: 1547162850087708,
  jsonrpc: "2.0",
  method: "wc_sessionRequest",
  params: [
    { peerId: "67b121c8-d66c-44d0-9d0f-6fb5e9235e0c", peerMeta: null }
  ]
};

Actual Result

// error
Error: Decrypt failed
    at createErrorFromErrorData (NativeModules.js:121)
    at NativeModules.js:78
    at MessageQueue.__invokeCallback (MessageQueue.js:398)
    at MessageQueue.js:137
    at MessageQueue.__guardSafe (MessageQueue.js:314)
    at MessageQueue.invokeCallbackAndReturnFlushedQueue (MessageQueue.js:136)
    at debuggerWorker.js:70

The only occurence for this error message is Line 26 on file RCTAes.m
https://github.com/WalletConnect/react-native-simple-crypto/blob/master/ios/RCTCrypto/RCTAes.m#L26
Which is returned by checking the result is nil from the cipher on file Aes.m
https://github.com/WalletConnect/react-native-simple-crypto/blob/master/ios/RCTCrypto/lib/Aes.m

Additionally if we encrypt the same expected result with the same key and iv using the library, we get a different cipherText

8dd33279c17afad8563bbc1fc60c6b306121ffb19ffb264f8b12a3292dbe6ca2faae0c2106fded72545b2c4509daad9e9b7b2e54ef3eb03f5562daf088bbcee642417a2c0305e708679403f91298f32f3e665406dfd3a689f126d03c01c66f518993626770023379c8726a0825570db508987156e125adc3f8af137eb87ef4732f4536ba84cffe7e9d9a04a334a129b499f387bfcca03bcf5092872991db969f

I've checked the WebCrypto API and according to the spec it should follow the same algorithm AES-128-CBC with PKCS7 padding
https://www.w3.org/TR/WebCryptoAPI/#aes-cbc-description

Submissions

1

Comments

0

Submissions are private

The submissions for this bounty have been set to private.