To get padding you have to do it yourself or have an API that supports standard paddings such as PKCS7. Base encryption, stream cyphers excepted, are block based, at the lower level there must be full blocks. Some higher level API provide padding.
I pass keys, iv and data as NSData *
and access the bytes as data.bytes
.
For cypher output data:
NSMutableData *dataOut = [NSMutableData dataWithLength:dataIn.length + kCCBlockSizeAES128];
// ...
dataOut.mutableBytes,
dataOut.length,
&cryptBytes
// ...
dataOut.length = cryptBytes;
I would make my API call similar to:
- (NSString *)encryptWithSerpentText:(NSString *)text key:(NSData *)key iv:(NSData *)iv;
The Mac is good but how will you validate it. Best to research best practices for authentication.
For HMAC just use the Apple supplied CommonCrypto library. CommonCrypto also supports: AES128, DES, 3DES, CAST, RC4 and Blowfish but not Serpent.
Finally, to get things working log each step, both in the server and the client, that way the step that is failing with incorrect data can be found. In this case a straight C++ version against the hybrid Objective-C/C++ version.