Cannot use in-place buffer if CCCryptorUpdate called multiple times with padding

Number:rdar://9930555 Date Originated:10-Aug-2011 01:29 PM
Status:Open Resolved:
Product: Product Version:
Classification: Reproducible:
10-Aug-2011 01:29 PM Rob Napier:
'' was successfully uploaded

10-Aug-2011 01:29 PM Rob Napier:

The documentation for CCCryptorUpdate says "Encryption and decryption can be performed "in-place", with the same buffer used for input and output." This does not work if CCCryptorUpdate is called multiple times and kCCOptionPKCS7Padding is enabled. In this case, the first block is successful, but all additional blocks are garbled.

Steps to Reproduce:

See attached test file.

Expected Results:

Test file should succeed with USE_SAME_BUFFER and USE_PADDING enabled.

Actual Results:

Test file fails because encryption is corrupted in this case after the first block



plaintext.txt should be a multiple of 16-bytes and larger than kMaxReadSize. (multiple of 16-bytes to demonstrate non-padding).

This does not fail if kMaxReadSize is larger than plaintext.txt (so that CCCryptorUpdate is only called one time).
This fails with or without IV.


Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!