CCCrypt returns kCCSuccess in error case and leaks cleartext
Originator: | ggl | ||
Number: | rdar://23248174 | Date Originated: | 24-Oct-2015 |
Status: | Open | Resolved: | YES |
Product: | iOS/OS X/watchOS/tvOS | Product Version: | all |
Classification: | Security | Reproducible: | yes |
Summary: When calling CCCrypt with kCCAlgorithmAES128 and using a key not having a length corresponding kCCBlockSizeAES128, CCCrypt returns the PLAINTEXT inside the CIPHERTEXT buffer and kCCSuccess as result value. It should return kCCParamError. Steps to Reproduce: #import <CommonCrypto/CommonCryptor.h> call CCCrypt Expected Results: CCCryptorStatus theResult = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, theEncryptionKey.bytes, theEncryptionKey.length, // not multiple of kCCBlockSizeAES128 inIV.bytes, inData.bytes, inData.length, theCipherText.mutableBytes, theCipherText.length, &outLength); Actual Results: CCCCryptorStatus returns kCCSuccess and the returned ciphertext is the *plain*text. Cleartext: 1234 Ciphertext: <31323334 0c0c0c0c 0c0c0c0c 0c0c0c0c> // which is the hex representation of '1234'
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!