Explanation.

I am facing an issue with AES-256-CTR decryption using the react-native-aes-crypto library. The decryption works perfectly on Android but fails on iOS with the error [Error: Decrypt failed].

Below is the decryption code:

import Aes from 'react-native-aes-crypto';

export async function decryptAES_256_CTR(content, key, iv) { 
   const hexIV = base64ToHex(iv);
   const hexKey = base64ToHex(key);

   // Log converted values
   console.log('Cipher (Base64):', content);
   console.log('Key (Hex):', hexKey);
   console.log('IV (Hex):', hexIV);

   // Decrypt using AES
   return await Aes.decrypt(content, hexKey, hexIV, 'aes-256-ctr');
}

function base64ToHex(base64) {
  const raw = Buffer.from(base64, 'base64').toString('binary');
  let result = '';
  for (let i = 0; i < raw.length; i++) {
    const hex = raw.charCodeAt(i).toString(16);
    result += hex.length === 2 ? hex : '0' + hex;
  }
  return result.toUpperCase();
}

Problem Description

• The decryption works well on Android but fails on iOS.
• The exception thrown on iOS:

(NOBRIDGE) ERROR  Error during decryption: [Error: Decrypt failed]

Logs

Here are the logged inputs when the error occurs:

Cipher (Base64): /j2YKMCrAsi00nN9lnshKwmIuHSHFteafgS0uWskhr0aw0152WPZPKKmNQthurxOO0rtHl8F84hlVg8YsqTAZ5enGKNk+XLKUi58c8H7rQO/Dedw8W3Pv6iHrZN/hLTBo1T4V8XP5sC+FP7NxHvTXrL8lfQ/dhWPYqZZ8hae12/Pwa1dNgL4B0hQaV0AdQySix9zRwCqrVUJXdoJizBcf3gvKl6+goMg5+KYLP+xJUSPCMiz01ocL2x2tipLxVo9FUjgnR2nj+OlTrZ99sWPTD8JkzRL77ge6G/wbCyzIU//JbR1Q+FfFCE+GcphMReH5dNiTR5g2XSeZo/GiVz+n+62xXMVySAs/0DJt4P62mnvE6LUkkAY/02wzvVb4jzuMP/R5KL2oZjuqPIfVvRrw/vp1Wj5/KwWKg6sBb0/z28StBn1qB5is/J61orO8yam2DowYFIZE+vZY3TCIlmoaFEviVW52yVWWGnWwa9AVxUYXUH4ZlbhBdGbO9+xrRhtx9RiU5cahMDOen/k2upiej7kBpXyPisPhPPQ1+K9no1D7/HBnawf+cs5UbOi28PmiS0h07nQd86dhKECFKOWzSaY1VNC0iAXRrG3BEzTzxgEjJmt/LCyl6YI+XpYX5BEXPq94hNYPgrhfVdK+uesnGsLT1XegIryzQzUWSoITpX9R8TwoO13HS0wv8Nu26Iuw3CJvbsGSEbG0glY4HRHwvwuSGIwvLo4Cc6QVCIqGhiSUITwMfd4KbCmLcO87qMc1fvyeeEE91A/3kNGY1AqubnJBqVu6eA2oxp3xdJ8HDKm8w1m0qF3sc/QZD/SnWPoaFBcAPV0mW0KG6XvyZpe9+CJUN4vPeoYs2iSYEkiy+n3L/yFo6tZIgvECQ856sjVjozTecEcyZhKPbpAfiKfWaub+VqcnoeAHLSpblnOGnaK7vtBGmzyfVw++Y0NrNhgSIO+IML+13puoxafVtb/aQ3t4+5Ey1n8Qw6ni9a/GJf0Ix7DK404mo7Bkb+YFJKeuOhb49QhMLzUGbeq5ieBAToiHH4Uz2j6Xrbmolp89Wa36EiVjAfkC15S9bEZWUm+H82cchfFwoHee/hmlzVfdzwDS6WQWyARxaBE048uESnFBAbA5PROobEXob73Q7rePWK4sCLY5P3Q/zTHQ0iF0xht7Bvlq7XnpjUqKjBL6cXqbW15gBDgvmIdZKUFCxfuWqaP4eRWVMwo++cq/P+ScIYELI0aHNJ7RfT9vWbElndQm1IgYQak56FiZ7ATp/MBii3xudE5UJ+wyNAvh58ye3DUoNT2SPfp+nA6JzTO7nAM6I3Kr79f3bIDfx2LP11xnYU4nyTE5LM0o7EpluG6sdIPcf4XpljKXxinJ5Dzb3P+kcyZm/ENmHnqyaH3pQT9
Key (Hex): 6B76F4CE1907991A845AB7523F8C1834E658CBF63A0214A589A2F4752BD19977
IV (Hex): 6333AFCC5354A014

Steps to Reproduce

1. Use the decryptAES_256_CTR function on both Android and iOS.
2. Pass the same ciphertext, key, and IV.
3. Observe the failure on iOS.

Troubleshooting Done

1. Verified the key length (32 bytes for AES-256) and IV length (16 bytes).
2. Checked that the ciphertext is in Base64 format.
3. Ensured the library is properly linked using pod install.
4. Tested with different keys and ciphertexts.

Questions

1. Are there any known issues with AES-256-CTR decryption using react-native-aes-crypto on iOS?
2. Could this be due to differences in how the library handles decryption between platforms?
3. Is there a specific configuration required for AES-256-CTR on iOS?

Any help or suggestions would be greatly appreciated!

Explanation.

I am facing an issue with AES-256-CTR decryption using the react-native-aes-crypto library. The decryption works perfectly on Android but fails on iOS with the error [Error: Decrypt failed].

Below is the decryption code:

import Aes from 'react-native-aes-crypto';

export async function decryptAES_256_CTR(content, key, iv) { 
   const hexIV = base64ToHex(iv);
   const hexKey = base64ToHex(key);

   // Log converted values
   console.log('Cipher (Base64):', content);
   console.log('Key (Hex):', hexKey);
   console.log('IV (Hex):', hexIV);

   // Decrypt using AES
   return await Aes.decrypt(content, hexKey, hexIV, 'aes-256-ctr');
}

function base64ToHex(base64) {
  const raw = Buffer.from(base64, 'base64').toString('binary');
  let result = '';
  for (let i = 0; i < raw.length; i++) {
    const hex = raw.charCodeAt(i).toString(16);
    result += hex.length === 2 ? hex : '0' + hex;
  }
  return result.toUpperCase();
}

Problem Description

• The decryption works well on Android but fails on iOS.
• The exception thrown on iOS:

(NOBRIDGE) ERROR  Error during decryption: [Error: Decrypt failed]

Logs

Here are the logged inputs when the error occurs:

Cipher (Base64): /j2YKMCrAsi00nN9lnshKwmIuHSHFteafgS0uWskhr0aw0152WPZPKKmNQthurxOO0rtHl8F84hlVg8YsqTAZ5enGKNk+XLKUi58c8H7rQO/Dedw8W3Pv6iHrZN/hLTBo1T4V8XP5sC+FP7NxHvTXrL8lfQ/dhWPYqZZ8hae12/Pwa1dNgL4B0hQaV0AdQySix9zRwCqrVUJXdoJizBcf3gvKl6+goMg5+KYLP+xJUSPCMiz01ocL2x2tipLxVo9FUjgnR2nj+OlTrZ99sWPTD8JkzRL77ge6G/wbCyzIU//JbR1Q+FfFCE+GcphMReH5dNiTR5g2XSeZo/GiVz+n+62xXMVySAs/0DJt4P62mnvE6LUkkAY/02wzvVb4jzuMP/R5KL2oZjuqPIfVvRrw/vp1Wj5/KwWKg6sBb0/z28StBn1qB5is/J61orO8yam2DowYFIZE+vZY3TCIlmoaFEviVW52yVWWGnWwa9AVxUYXUH4ZlbhBdGbO9+xrRhtx9RiU5cahMDOen/k2upiej7kBpXyPisPhPPQ1+K9no1D7/HBnawf+cs5UbOi28PmiS0h07nQd86dhKECFKOWzSaY1VNC0iAXRrG3BEzTzxgEjJmt/LCyl6YI+XpYX5BEXPq94hNYPgrhfVdK+uesnGsLT1XegIryzQzUWSoITpX9R8TwoO13HS0wv8Nu26Iuw3CJvbsGSEbG0glY4HRHwvwuSGIwvLo4Cc6QVCIqGhiSUITwMfd4KbCmLcO87qMc1fvyeeEE91A/3kNGY1AqubnJBqVu6eA2oxp3xdJ8HDKm8w1m0qF3sc/QZD/SnWPoaFBcAPV0mW0KG6XvyZpe9+CJUN4vPeoYs2iSYEkiy+n3L/yFo6tZIgvECQ856sjVjozTecEcyZhKPbpAfiKfWaub+VqcnoeAHLSpblnOGnaK7vtBGmzyfVw++Y0NrNhgSIO+IML+13puoxafVtb/aQ3t4+5Ey1n8Qw6ni9a/GJf0Ix7DK404mo7Bkb+YFJKeuOhb49QhMLzUGbeq5ieBAToiHH4Uz2j6Xrbmolp89Wa36EiVjAfkC15S9bEZWUm+H82cchfFwoHee/hmlzVfdzwDS6WQWyARxaBE048uESnFBAbA5PROobEXob73Q7rePWK4sCLY5P3Q/zTHQ0iF0xht7Bvlq7XnpjUqKjBL6cXqbW15gBDgvmIdZKUFCxfuWqaP4eRWVMwo++cq/P+ScIYELI0aHNJ7RfT9vWbElndQm1IgYQak56FiZ7ATp/MBii3xudE5UJ+wyNAvh58ye3DUoNT2SPfp+nA6JzTO7nAM6I3Kr79f3bIDfx2LP11xnYU4nyTE5LM0o7EpluG6sdIPcf4XpljKXxinJ5Dzb3P+kcyZm/ENmHnqyaH3pQT9
Key (Hex): 6B76F4CE1907991A845AB7523F8C1834E658CBF63A0214A589A2F4752BD19977
IV (Hex): 6333AFCC5354A014

Steps to Reproduce

1. Use the decryptAES_256_CTR function on both Android and iOS.
2. Pass the same ciphertext, key, and IV.
3. Observe the failure on iOS.

Troubleshooting Done

1. Verified the key length (32 bytes for AES-256) and IV length (16 bytes).
2. Checked that the ciphertext is in Base64 format.
3. Ensured the library is properly linked using pod install.
4. Tested with different keys and ciphertexts.

Questions

1. Are there any known issues with AES-256-CTR decryption using react-native-aes-crypto on iOS?
2. Could this be due to differences in how the library handles decryption between platforms?
3. Is there a specific configuration required for AES-256-CTR on iOS?

Any help or suggestions would be greatly appreciated!

• ios
• react-native
• encryption

• I verified this. Key: 32byte. IV: 8byte. Also I tried using export function base64ToHex(str) { const raw = atob(str); let result = ''; for (let i = 0; i < raw.length; i++) { const hex = raw.charCodeAt(i).toString(16); result += hex.length === 2 ? hex : '0' + hex; } return result.toUpperCase(); } But I faced on same issue. – Backend Engine Developer Commented Jan 19 at 22:29

1 Answer 1

The IV you are using is 8 bytes in size, but AES requires a 16 byte IV.

If you extend the IV with 0x00 values to 16 bytes, i.e. if you apply 0x6333AFCC5354A0140000000000000000, decryption of the posted data is successful, see CyberChef.

Android implicitly extends the too short IV in the way described above, which is why decryption works.
Presumably iOS handles this differently, which results in an incorrect IV and therefore incorrect decryption (unfortunately I don't have iOS and therefore can't check this in more detail).

As a fix, you should try to use the extended 16 bytes IV from above (and in future you should apply 16 bytes IVs from the start).

There is a peculiarity of the react-native-aes-crypto library that should be pointed out: It uses padding for the CTR mode, s. here. This is unnecessary, as a stream cipher mode such as CTR does not actually require padding. As long as you encrypt and decrypt with react-native-aes-crypto, this is not critical. However, as soon as you encrypt with react-native-aes-crypto and decrypt with another library (or vice versa), this must be taken into account.