too small input packet for ECIES decrypt

Hello,


I am currently getting an error, "too small input packet from ECIES decrypt" in my iOS app under development.


I have two scenarios, on that works and one that doesn't work. I'm trying to figure out why the one doesn't work.


Scenario A - working:


One device, multiple accounts:


User creates account A -

- Create elliptic curve key with kSecAttrKeyTypeECSECPrimeRandom

- Ecrypt data with eciesEncryptionCofactorVariableIVX963SHA256AESGCM

- send encrypted data X to server

- user posts private key to 3rd party server

- logout


User creates accout B, same device same app

- User B searches for user a.

- User B retreives private key from 3rd party

- User B imports private key into keychain using keyAttrs including kSecAttrKeyTypeECSECPrimeRandom

- User B downloads encrypted data X from server, decryption successful



Scenario B - not working:


User creates account A -

- Create elliptic curve key with kSecAttrKeyTypeECSECPrimeRandom

- Ecrypt data with eciesEncryptionCofactorVariableIVX963SHA256AESGCM

- send encrypted data X to server

- user posts private key to 3rd party server

- logout


**USER DELETES APP AND REINSTALLS


User creates accout B, same device same app

- User B searches for user a.

- User B retreives private key from 3rd party

- User B imports private key into keychain using keyAttrs including kSecAttrKeyTypeECSECPrimeRandom

- User B downloads encrypted data X from server -DECRYPT FAILS
- ERROR - Error Domain=NSOSStatusErrorDomain Code=-50 "<SecKeyRef curve type: kSecECCurveSecp256r1, algorithm id: 3, key type: ECPrivateKey, version: 4, block size: 256 bits, addr: 0x108d23620>: too small input packet for ECIES decrypt"

Would greatly apprecaite any support. I am at a loss of why this isn't working and have been baging my head against the wall for 14+ hours. I've double checked key import attrs, encryption varibles, etc. I'm at a loss of what to do.


Thanks,

Nick

Accepted Reply

Thanks for the reply. Ends up I am an ***** and was sending data with 0 bytes to decrypt. User A was able to download the file to be decrypted but User B was kinda able to, the size of the downloaded data was 0 bytes, hence the error message too small input packet for ECIES decrypt. Aparently sometimes error messages can be useful, lol.

Replies

**USER DELETES APP AND REINSTALLS


Which user ?


Could it be that a signature was recreated when user reinstalls ?

The sender's public key is ephemeral ; so, if you reload, maybe you have the wronk key.


Could that lead to the error you get ? Would need to enter into the detailed ECIES protocol to check it.

Thanks for the reply. Ends up I am an ***** and was sending data with 0 bytes to decrypt. User A was able to download the file to be decrypted but User B was kinda able to, the size of the downloaded data was 0 bytes, hence the error message too small input packet for ECIES decrypt. Aparently sometimes error messages can be useful, lol.

Glad you found.


But that's not at all what you described in the problem statement and you did not provide any code where to see it.


You should read this on how to well formulate questions for the forum.

https://forums.developer.apple.com/thread/97547


Good continuation.