Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

AESCrypt decryption between iOS and PHP

I am having a heck of a time figuring out how to decrypt a string encrypted with the NSData+AESCrypt.m (Explained here)

I have been looking at a handful of other threads, but I only need the iDevice to send a string to a PHP file encrypted, and then it gets decrypted inside PHP (where it gets stored into a database).

This code :

NSString *encryptedString = [@"Hello" AES256EncryptWithKey:@"a16byteslongkey!"];
NSLog(@"The strign encrypted : %@",encryptedString);

Returns the string encrypted : 7opqbb7sEVNoXplyQv/X8g==

And here is my PHP code for decryption:

function decrypt_data($data, $key) {
    return mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key,$data,MCRYPT_MODE_ECB);
}

function unpadPKCS7($data, $blockSize) {
    $length = strlen ( $data );
    if ($length > 0) {
        $first = substr ( $data, - 1 );

        if (ord ( $first ) <= $blockSize) {
            for($i = $length - 2; $i > 0; $i --)
                if (ord ( $data [$i] != $first ))
                    break;

            return substr ( $data, 0, $i );
        }
    }
    return $data;
}

function decrypt_string($string) {
    $string = unpadPKCS7($string,128);
    $string = decrypt_data($string,"a16byteslongkey!");
    return $string;
}
die('<br>Basic :'.decrypt_string('7opqbb7sEVNoXplyQv/X8g=='));

UPDATE:

Been doing some MD5 decryption and experimenting a lot, but still far from achieving usable results. This is what I got so far:

Original string : Hello
AES256Encrypt result : 7opqbb7sEVNoXplyQv/X8
base64_decode Decrypted: îŠjm¾ìSh^™rBÿ×
mcrypt_rijndael_128 : Õ¯Öå«Ž(ás2’'u)
mcrypt_rijndael_128 & hex2bin : UÃ)ı+úy´e

Sadly, no matter how I bend and twist this, I just get jibberish. Can anyone see what I'm doing wrong?

like image 575
Nils Munch Avatar asked Jun 23 '11 22:06

Nils Munch


People also ask

How do I decrypt Aescrypt?

To decrypt the file, you simply right-click on the encrypted file, select the "AES Decrypt" option, and enter your secret password.

Can PHP decrypt data?

In PHP, Encryption and Decryption of a string is possible using one of the Cryptography Extensions called OpenSSL function for encrypt and decrypt.

Can we decrypt AES 256?

Only those who have the special key can decrypt it. AES uses symmetric key encryption, which involves the use of only one secret key to cipher and decipher information.

Can you decrypt AES 128?

Yes, with AES-128-CBC, it is possible to decrypt just a single block of cyphertext. Each block is 128 bits (16 bytes).


2 Answers

Disclaimer: I have zero iPhone development experience.

Short answer - what tc. said. Something is horribly wrong with the AES256EncryptWithKey:

Being AES256 you would expect it to require a 32 byte key, not a 16 byte key. But OK, say it pads shorter keys with null bytes to make them 32 bytes. This might explain why your 16 byte key is being padded with 16 null characters.

But, when it comes to the actual act of encryption, it's using AES 128, but with the 32 byte key. Say wha?

Converting tc.'s Python to PHP:

$base64encoded_ciphertext = '7opqbb7sEVNoXplyQv/X8g==';
$key = 'a16byteslongkey!';

$padded_key = $key . str_repeat(chr(0x00), 16); // Argh!

$result = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $padded_key, base64_decode($base64encoded_ciphertext), 'ecb');

// Yetch - $result ends up being padded with 0x0b's (vertical tab).
var_dump(rtrim($result, chr(0x0b)));

Result:

string(5) "Hello"

~~

Edit: This post from Henno has some relevant details.

~~

Did some additional research. The null padding on your key is likely because AES256 requires a 32 byte key. The 0x0B padding on the plaintext is thanks to PKCS7. PKCS7 is a padding scheme where the byte used for padding is equal in value to the number of bytes added. In this example, 11 bytes were added to the end of 'Hello' turning your 5 byte input into a 16 byte block for AES. 11 = 0x0B.

Thus, the code above will not work when the plaintext is not length = 5. Try the following instead:

$pad_char = ord(substr($result, -1));
$result_without_padding = substr($result, 0, strlen($result) - $pad_char);
like image 185
Tails Avatar answered Oct 07 '22 19:10

Tails


The encrypted string looks like it's been base64 encoded. Try decoding it before you decrypt it.

like image 21
tangrs Avatar answered Oct 07 '22 19:10

tangrs