iphone - AESCrypt decryption between iOS and PHP

Question

I am having a heck of a time figuring out how to decrypt a string encrypted with the NSData+AESCrypt.m (Explained here)

I have been looking at a handful of other threads, but I only need the iDevice to send a string to a PHP file encrypted, and then it gets decrypted inside PHP (where it gets stored into a database).

This code :

NSString *encryptedString = [@"Hello" AES256EncryptWithKey:@"a16byteslongkey!"];
NSLog(@"The strign encrypted : %@",encryptedString);

Returns the string encrypted : 7opqbb7sEVNoXplyQv/X8g==

And here is my PHP code for decryption:

function decrypt_data($data, $key) {
    return mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key,$data,MCRYPT_MODE_ECB);
}

function unpadPKCS7($data, $blockSize) {
    $length = strlen ( $data );
    if ($length > 0) {
        $first = substr ( $data, - 1 );

        if (ord ( $first ) <= $blockSize) {
            for($i = $length - 2; $i > 0; $i --)
                if (ord ( $data [$i] != $first ))
                    break;

            return substr ( $data, 0, $i );
        }
    }
    return $data;
}

function decrypt_string($string) {
    $string = unpadPKCS7($string,128);
    $string = decrypt_data($string,"a16byteslongkey!");
    return $string;
}
die('<br>Basic :'.decrypt_string('7opqbb7sEVNoXplyQv/X8g=='));

UPDATE:

Been doing some MD5 decryption and experimenting a lot, but still far from achieving usable results. This is what I got so far:

Original string : Hello
AES256Encrypt result : 7opqbb7sEVNoXplyQv/X8
base64_decode Decrypted: ??jm?ìSh^?rB?×
mcrypt_rijndael_128 : ?ˉ????(ás2’'u)
mcrypt_rijndael_128 & hex2bin : U?)?±+úy′e

Sadly, no matter how I bend and twist this, I just get jibberish. Can anyone see what I'm doing wrong?

Answer 1

Disclaimer: I have zero iPhone development experience.

Short answer - what tc. said. Something is horribly wrong with the AES256EncryptWithKey:

Being AES256 you would expect it to require a 32 byte key, not a 16 byte key. But OK, say it pads shorter keys with null bytes to make them 32 bytes. This might explain why your 16 byte key is being padded with 16 null characters.

But, when it comes to the actual act of encryption, it's using AES 128, but with the 32 byte key. Say wha?

Converting tc.'s Python to PHP:

$base64encoded_ciphertext = '7opqbb7sEVNoXplyQv/X8g==';
$key = 'a16byteslongkey!';

$padded_key = $key . str_repeat(chr(0x00), 16); // Argh!

$result = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $padded_key, base64_decode($base64encoded_ciphertext), 'ecb');

// Yetch - $result ends up being padded with 0x0b's (vertical tab).
var_dump(rtrim($result, chr(0x0b)));

Result:

string(5) "Hello"

~~

Edit: This post from Henno has some relevant details.

~~

Did some additional research. The null padding on your key is likely because AES256 requires a 32 byte key. The 0x0B padding on the plaintext is thanks to PKCS7. PKCS7 is a padding scheme where the byte used for padding is equal in value to the number of bytes added. In this example, 11 bytes were added to the end of 'Hello' turning your 5 byte input into a 16 byte block for AES. 11 = 0x0B.

Thus, the code above will not work when the plaintext is not length = 5. Try the following instead:

$pad_char = ord(substr($result, -1));
$result_without_padding = substr($result, 0, strlen($result) - $pad_char);