1

Possible Duplicate:
Why does this AES encryption on an iPad and decryption in PHP fail?

I use objective c to encrypt data and php to decrypt

this my code in objective c

NSString *log=[@"enfin on a terminé le projet de cette anné" AES256EncryptWithKey:key]; 
NSString *decr=[@"k6MDFVLV3UrxD63xc1gZBQ==" AES256DecryptWithKey:key];

and this my function in php

$key = "1234567891234567";

$st = urldecode(trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$key, $tmp_st, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_RAND))));
echo("<br>");
// decrypted data
echo "decryptage de (admin) de objective c : ". $st ;

now all work ,but when i use big string more 18 string this code not work

Community
  • 1
  • 1
cs1.6
  • 159
  • 1
  • 2
  • 13

1 Answers1

1

Assuming this is the common AES256EncryptWithKey: that I've seen lots of people copy (for example here), it uses CBC, not ECB. It also unfortunately hard-codes the IV to NULL.

Your PHP code appears to be generating a random IV, which is correct for encryption (though AES256EncryptWithKey: doesn't do so), but incorrect for decryption.

I'm not familiar with the syntax for mcrypt_decrypt, but you appear to be passing a 144 bit key to it (18 bytes). The data is encrypted with a 256-bit key. I don't see what key you're using in your ObjC. A key is not a password (AES256EncryptWithKey: unfortunately treats it like it is).

You can see Properly encrypting with AES with CommonCrypto for more details on how to use CommonCrypto. As I note in the article "it’s a good idea to actually understand this code, not just copy it." That's critical for your PHP decrypt logic as well. You should make sure you carefully read the documentation on mcrypt_decrypt.

Community
  • 1
  • 1
Rob Napier
  • 286,113
  • 34
  • 456
  • 610