Permalink
Browse files

Fix encrypted Session files on 10.6

  • Loading branch information...
dmoagx committed Mar 31, 2017
1 parent 78d950a commit 8239d138463e88e2d96a60a1f378f677893e5f6f
Showing with 5 additions and 3 deletions.
  1. +5 −3 Source/SPDataAdditions.m
View
@@ -149,6 +149,7 @@ - (NSData *)dataEncryptedWithKey:(NSData *)aesKey IV:(NSData *)iv
unsigned char *lenPtr = paddedBytes + (paddedLength - 4);
memcpy(lenPtr, &bigIntDataLength, 4);
size_t bytesWritten;
CCCryptorStatus res = CCCrypt(
kCCEncrypt, // operation mode
kCCAlgorithmAES128, // algorithm
@@ -160,15 +161,15 @@ - (NSData *)dataEncryptedWithKey:(NSData *)aesKey IV:(NSData *)iv
paddedLength, // length of raw data
paddedBytes, // output buffer. overwriting input is OK
paddedLength, // output buffer size
NULL // number of bytes written. not relevant here
&bytesWritten // number of bytes written. not relevant here, but 10.6 fails if omitted
);
if(res != kCCSuccess)
@throw [NSException exceptionWithName:SPCommonCryptoExceptionName
reason:[NSString stringWithFormat:@"CCCrypt() failed! (CCCryptorStatus=%d)",res]
userInfo:@{@"cryptorStatus":@(res)}];
// the return code of CCCrypt() is not always reliable, better check it again
// CVE-2016-4711: the return code of CCCrypt() is not always reliable, better check it again
if(memcmp(lenPtr, &bigIntDataLength, 4) == 0)
@throw [NSException exceptionWithName:NSInternalInconsistencyException reason:@"Encrypted data is same as plaintext data!" userInfo:nil];
@@ -203,6 +204,7 @@ - (NSData *)dataDecryptedWithKey:(NSData *)aesKey
// Decrypt the data
unsigned char *decryptedBytes = calloc(1,encryptedLength);
size_t bytesRead;
CCCryptorStatus res = CCCrypt(
kCCDecrypt, // operation mode
kCCAlgorithmAES128, // algorithm
@@ -214,7 +216,7 @@ - (NSData *)dataDecryptedWithKey:(NSData *)aesKey
encryptedLength, // length of raw data
decryptedBytes, // output buffer. overwriting input is OK
encryptedLength, // output buffer size
NULL // number of bytes written. not relevant here
&bytesRead // number of bytes decrypted. not relevant here, but 10.6 fails if omitted
);
if(res != kCCSuccess) {

0 comments on commit 8239d13

Please sign in to comment.