CCCrypt returns kCCSuccess in error case and leaks cleartext

Originator: ggl
Number: rdar://23248174
Date Originated: 24-Oct-2015
Status: Open
Resolved: YES
Product: iOS/OS X/watchOS/tvOS
Product Version: all
Classification: Security
Reproducible: yes
 
Summary:
When calling CCCrypt with kCCAlgorithmAES128 and a key whose length does not correspond to kCCBlockSizeAES128, CCCrypt returns the PLAINTEXT inside the CIPHERTEXT buffer and kCCSuccess as the result value. It should return kCCParamError.

Steps to Reproduce:
#import <CommonCrypto/CommonCryptor.h>
call CCCrypt

Expected Results:
CCCryptorStatus theResult = CCCrypt(kCCEncrypt,
                                    kCCAlgorithmAES128,
                                    kCCOptionPKCS7Padding,
                                    theEncryptionKey.bytes,
                                    theEncryptionKey.length, // not multiple of kCCBlockSizeAES128
                                    inIV.bytes,
                                    inData.bytes,
                                    inData.length,
                                    theCipherText.mutableBytes,
                                    theCipherText.length,
                                    &outLength);

Actual Results:
CCCryptorStatus returns kCCSuccess and the returned ciphertext is the *plain*text.

Cleartext: 1234
Ciphertext: <31323334 0c0c0c0c 0c0c0c0c 0c0c0c0c> // which is the hex representation of '1234'
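A caller-side guard for the behaviour reported above, as an added example that is not part of the original report and not Apple's code. The names aes_key_length_ok, output_is_padded_plaintext and checked_aes_encrypt are hypothetical, the accepted key lengths are assumed to be the AES sizes of 16, 24 and 32 bytes, and the CommonCrypto wrapper is compiled only on Apple platforms.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#ifdef __APPLE__
#include <CommonCrypto/CommonCryptor.h>
#endif

/* AES key sizes in bytes: the values of kCCKeySizeAES128/192/256. */
int aes_key_length_ok(size_t key_len) {
    return key_len == 16 || key_len == 24 || key_len == 32;
}

/* Returns 1 when `out` is `plain` followed by PKCS#7 padding, i.e. the
 * "ciphertext" from the report, in which nothing was encrypted. */
int output_is_padded_plaintext(const uint8_t *plain, size_t plain_len,
                               const uint8_t *out, size_t out_len) {
    const size_t block = 16;                 /* kCCBlockSizeAES128 */
    size_t pad = block - (plain_len % block);
    if (out_len != plain_len + pad || memcmp(out, plain, plain_len) != 0)
        return 0;
    for (size_t i = plain_len; i < out_len; i++)
        if (out[i] != (uint8_t)pad) return 0;
    return 1;
}

#ifdef __APPLE__
/* Hypothetical wrapper: refuse bad key lengths up front, and discard any
 * output that is still the plaintext even though CCCrypt reported success. */
CCCryptorStatus checked_aes_encrypt(const void *key, size_t key_len,
        const void *iv, const uint8_t *in, size_t in_len,
        uint8_t *out, size_t out_cap, size_t *out_len) {
    if (!aes_key_length_ok(key_len)) return kCCParamError;
    CCCryptorStatus st = CCCrypt(kCCEncrypt, kCCAlgorithmAES128,
        kCCOptionPKCS7Padding, key, key_len, iv, in, in_len,
        out, out_cap, out_len);
    if (st == kCCSuccess && output_is_padded_plaintext(in, in_len, out, *out_len)) {
        memset(out, 0, out_cap);             /* do not hand the leak back */
        *out_len = 0;
        return kCCParamError;
    }
    return st;
}
#endif

int main(void) {
    /* Bytes printed in the report: '1234' plus twelve 0x0c padding bytes. */
    const uint8_t leaked[16] = {0x31, 0x32, 0x33, 0x34, 12, 12, 12, 12,
                                12, 12, 12, 12, 12, 12, 12, 12};
    return output_is_padded_plaintext((const uint8_t *)"1234", 4, leaked, 16) ? 0 : 1;
}
```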
