The signature of one-shot crypto method CCCrypt
is this (from CommonCryptor.h
):
CCCryptorStatus CCCrypt(
CCOperation op, /* kCCEncrypt, etc. */
CCAlgorithm alg, /* kCCAlgorithmAES128, etc. */
CCOptions options, /* kCCOptionPKCS7Padding, etc. */
const void *key,
size_t keyLength,
const void *iv, /* optional initialization vector */
const void *dataIn, /* optional per op and alg */
size_t dataInLength,
void *dataOut, /* data RETURNED here */
size_t dataOutAvailable,
size_t *dataOutMoved)
None of the parameter seems to accept a CCMode
value (maybe sneakily, since all the enums are integers?). I have tried around combining it with the CCOptions
parameter, but to no avail; the two enums are not options, and don't combine unambiguously.
It's not explicitly documented there, but I surmise from what I find around the web that the mode used with kCCAlgorithmAES
is CBC.
How can I change the AES mode CCCrypt
uses?
The documentation says:
CCCrypt
Stateless, one-shot encrypt or decrypt operation. This basically performs a sequence ofCCCrytorCreate()
[sic],CCCryptorUpdate()
,CCCryptorFinal()
, andCCCryptorRelease()
.
Now, CCCryptorCreate
does not seem to accept a mode parameter, either; in fact, we see that CBC is indeed hardcoded (aside from the one, somewhat arbitrary that allows us to use ECB):
/* Determine mode from options - old call only supported ECB and CBC
we treat RC4 as a "mode" in that it's the only streaming cipher
currently supported
*/
if(alg == kCCAlgorithmRC4) mode = kCCModeRC4;
else if(options & kCCOptionECBMode) mode = kCCModeECB;
else mode = kCCModeCBC;
If we want to use another mode we have to use CCCryptorCreateWithMode
. So, unfortunately, it does not appear to be possible to change the mode of CCCrypt
.