3

I've checked all the related Stack Overflow questions. Also checked the links in that answers but didn't got any usable solution.

Here is my php script and I've nothing to do with this script (as I can't change the script).

function encrypt($message,$secretKey) {
return base64_encode(
    mcrypt_encrypt(
        MCRYPT_RIJNDAEL_256,
        $secretKey,
        $message,
        MCRYPT_MODE_ECB
    )
 );
}

I'm unable to decrypt it in Objective C. I've used a number of Categories like Strong Encryption for Cocoa / Cocoa Touch etc, also I followed this question How do I do base64 encoding on iOS?

Here is the objective C codes that I used for decryption (found in cocoa-aes Category NSData+AES.h) 

- (NSData *)AESDecryptWithPassphrase:(NSString *)pass
{
    NSMutableData *ret = [NSMutableData dataWithCapacity:[self length]];
    unsigned long rk[RKLENGTH(KEYBITS)];
    unsigned char key[KEYLENGTH(KEYBITS)];
    const char *password = [pass UTF8String];
    for (int i = 0; i < sizeof(key); i++)
        key[i] = password != 0 ? *password++ : 0;

    int nrounds = rijndaelSetupDecrypt(rk, key, KEYBITS);
    unsigned char *srcBytes = (unsigned char *)[self bytes];
    int index = 0;
    while (index < [self length])
    {
        unsigned char plaintext[16];
        unsigned char ciphertext[16];
        int j;
        for (j = 0; j < sizeof(ciphertext); j++)
        {
            if (index >= [self length])
                break;

            ciphertext[j] = srcBytes[index++];
        }
        rijndaelDecrypt(rk, nrounds, ciphertext, plaintext);
        [ret appendBytes:plaintext length:sizeof(plaintext)];
        NSString* s = [[NSString alloc] initWithBytes:plaintext length:sizeof(plaintext) encoding:NSASCIIStringEncoding];
        NSLog(@"%@",s);
    }
    return ret;
}

Also I tried this decoder 

- (NSData*) aesDecryptWithKey:(NSString *)key initialVector:(NSString*)iv
{
    int keyLength = [key length];
    if(keyLength != kCCKeySizeAES128)
    {
        DebugLog(@"key length is not 128/192/256-bits long");

        ///return nil;
    }

    char keyBytes[keyLength+1];
    bzero(keyBytes, sizeof(keyBytes));
    [key getCString:keyBytes maxLength:sizeof(keyBytes) encoding:NSUTF8StringEncoding];

    size_t numBytesDecrypted = 0;
    size_t decryptedLength = [self length] + kCCBlockSizeAES128;
    char* decryptedBytes = malloc(decryptedLength);

    CCCryptorStatus result = CCCrypt(kCCDecrypt, 
                                     kCCAlgorithmAES128 , 
                                     (iv == nil ? kCCOptionECBMode | kCCOptionPKCS7Padding : kCCOptionPKCS7Padding),
                                     keyBytes, 
                                     keyLength, 
                                     iv,
                                     [self bytes], 
                                     [self length],
                                     decryptedBytes, 
                                     decryptedLength,
                                     &numBytesDecrypted);

    if(result == kCCSuccess){
        NSData* d=[NSData dataWithBytesNoCopy:decryptedBytes length:numBytesDecrypted];
        NSLog(@"%@",[NSString stringWithUTF8String:[d bytes]]);
        return d;
    }
    free(decryptedBytes);
    return nil;
}
halfer
  • 19,824
  • 17
  • 99
  • 186
Lee
  • 95
  • 1
  • 8
  • What have you tried? If you can show your Objective C code then people might be able to help you. – Cameron Skinner Oct 01 '11 at 06:54
  • I've added the code used for decryption – Lee Oct 01 '11 at 07:06
  • 1
    This is only tangentially relevant, especially since you say that you can't change the PHP script, but you should note that [ECB mode is not secure](http://stackoverflow.com/questions/1220751/how-to-choose-an-aes-encryption-mode-cbc-ecb-ctr-ocb-cfb). – Ilmari Karonen Oct 01 '11 at 07:10

1 Answers1

8

From the looks of it, that php function does two things.

  1. mcrypt using MCRYPT_RIJNDAEL_256
  2. base64 encodes the output of (1)

That would by why simply using base64 doesn't work. I'm going to guess from the name that MCRYPT_RIJNDAEL_256 is just AES 256.

Hope that helps.

Edit:

The code you added above looks ok. You just have to base64 decode the data first.

The php script does this:

  1. aes encrypt
  2. base64 encode

So you want to do this in your cocoa app:

  1. base64 decode
  2. aes decrypt

If you're having trouble, you might want to play around and see if you can get cocoa to do the same thing as the php script: encrypt and base64 encode the data. If you can get the output of your encryption function to be the same as the output of the php encryption function, you're in a good place to get it decrypting.

Kenny Winker
  • 11,919
  • 7
  • 56
  • 78