How can I make CCCrypt compute AES in another mode?

Question

The signature of one-shot crypto method CCCrypt is this (from CommonCryptor.h):

CCCryptorStatus CCCrypt(
    CCOperation op,         /* kCCEncrypt, etc. */
    CCAlgorithm alg,        /* kCCAlgorithmAES128, etc. */
    CCOptions options,      /* kCCOptionPKCS7Padding, etc. */
    const void *key,
    size_t keyLength,
    const void *iv,         /* optional initialization vector */
    const void *dataIn,     /* optional per op and alg */
    size_t dataInLength,
    void *dataOut,          /* data RETURNED here */
    size_t dataOutAvailable,
    size_t *dataOutMoved)

None of the parameter seems to accept a CCMode value (maybe sneakily, since all the enums are integers?). I have tried around combining it with the CCOptions parameter, but to no avail; the two enums are not options, and don't combine unambiguously.

It's not explicitly documented there, but I surmise from what I find around the web that the mode used with kCCAlgorithmAES is CBC.

How can I change the AES mode CCCrypt uses?

Answer 1

The documentation says:

CCCrypt Stateless, one-shot encrypt or decrypt operation. This basically performs a sequence of CCCrytorCreate() [sic], CCCryptorUpdate(), CCCryptorFinal(), and CCCryptorRelease().

Now, CCCryptorCreate does not seem to accept a mode parameter, either; in fact, we see that CBC is indeed hardcoded (aside from the one, somewhat arbitrary that allows us to use ECB):

/* Determine mode from options - old call only supported ECB and CBC 
   we treat RC4 as a "mode" in that it's the only streaming cipher
   currently supported 
*/
if(alg == kCCAlgorithmRC4) mode = kCCModeRC4;
else if(options & kCCOptionECBMode) mode = kCCModeECB;
else mode = kCCModeCBC;

If we want to use another mode we have to use CCCryptorCreateWithMode. So, unfortunately, it does not appear to be possible to change the mode of CCCrypt.