Password Based Encryption with MD5 and DES algorithm.

In posts of Alexey Shevchik dedicated to “Symmetric Encryption for Windows and iPhone”
was described algorithm to encrypt and decrypt files using Crypto library. The algorithm that was used is named RC4.
I modified his sources to have possibility encrypt/decrypt strings with PBEwithMD2andDES algorithm. Such functionality
are necessary in some authentication mechanisms.
At first lets look at input parameters for CCCryptorCreate function:
// Create and Initialize the crypto reference.
ccStatus = CCCryptorCreate(encryptOrDecrypt,
                           kCCAlgorithmDES,
                           *pkcs7,
                           (const void *)[newKey bytes],
                           kChosenCipherKeySize,
                           (const void *)iv,
                           &thisEncipher);
There are 4 differences from RC4 implementation.
  1. 1st parameter is the same;
  2. 2nd parameter tells that we’ll use the DES algorithm;
  3. 3rd parameter is the same;
  4. 4th parameter is a symmetric key. it is the first 8 bytes from MD5 hash;
  5. 5th parameter is a key size. In case of DES it is 8 bypass;
  6. 6th parameter is initialization vector. In RC4 case it was empty. In our case it is last 8 bytes of MD5 hash;
  7. 7th parameter is the same.
Here is the constants definition for our algorithm:
#define kChosenCipherBlockSize 16
#define kChosenCipherKeySize 8
16 bytes of MD5 hash that is used for newKey and initialization vector are obtained in the following way:
We concatenate our passphrase string with salt and calculate its length.
  size_t lengthInBytes = (lengthInBits + 7)/8;
  NSData *digest = [passphrase dataUsingEncoding: NSUTF8StringEncoding];
  const size_t digestLength = [digest length] + [(NSData*)salt length];
Then create digest_ with calculated length. Here will be our result. Then make first MD5 digest with CC_MD% function.
  memset((void *) digest_, 0x0, digestLength);
  CC_MD5(digest.bytes,digestLength, digest_);
  digest = [NSData dataWithBytes:digest_ length:CC_MD5_DIGEST_LENGTH];
After it we repeat CC_MD5 calculation N-1 times. Where N is required parameter of PBEwithMD5andDES algorithm.
In this example it N = 20.
  for (int i=1; i<20; i++) {
    CC_MD5(digest.bytes,[digest length], digest_);
    digest = [NSData dataWithBytes:digest_ length:CC_MD5_DIGEST_LENGTH];
  }
Finally we get 16 bytes from result and that will be MD5 hash for the next step – encription/decription with DES.
  return [digest subdataWithRange: NSMakeRange(0,16)];
When CCCryptorCreate finished for DES algorithm encryption we should add to incoming data parameter padding symbols. Length of data with padding symbols must be divided by 8 with remainder 0. And padding symbol choses from range 0x1..0x8.
If data length has in remainder 1 padding symbol is 0x1 if remainder is 2 symbol is 0x2. But if it is 0 padding symbol is 0x8.
After this prepare actions we can encrypt our data.
When we will decrypt with DES some data at the end of decryption we should decrease length of result data on the value that is kept in last result byte. This removes padding symbols from result.
That is all that you should change in Alexey’s solution to have PBEwithMD5andDES algorithm in your iPhone application.