I encrypt a login in php with this script :
//PHP Code
function cypherAES128($plaintext, $key)
{
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $plaintext, MCRYPT_MODE_ECB/*, $iv*/);
$ciphertext = base64_encode($ciphertext);
return $ciphertext;
}
function uncypherAES128($ciphertext, $key)
{
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$ciphertext = base64_decode($ciphertext);
$plaintext = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $ciphertext, MCRYPT_MODE_ECB/*, $iv*/);
return $plaintext;
}
I get the encrypted password in my iOS app, and try to decrypt it with FBEncryptorAES.
I can get the login decrypted back if it is smaller than 16 character.
//PHP Code
echo cypherAES128("aShortLogin", $key); //this encrypted login can be decrypted
echo cypherAES128("loginGreaterThan16Characters", $key); //this encrypted login cannot
When the encrypted word is greater than 15 char, I got a kCCDecodeError -4304.
A little precision : It sounds like long login can be encrypted then decrypted whithin the PHP script, AND encrypted then decrypted with FBEncryptor. Only PHP encrypt => objectiveC decrypt doesn't works
Any idea please?? I'm a beginner in iOS and cryptography.
Thanks in advance, and sorry for my poor english.
[EDIT] Don't sure the problem is only the objectiveC, because as I said, the FBEncryptor can decode text it encoded itself.
The error appears when I excecute this code :
//Objective-C code:
NSString * decryptedLogin = [FBEncryptorAES decryptBase64String: encryptedLogin keyString:AESKey];
Whith "encryptedLogin" = the value returned by the PHP script. Changing value and lenght of AESKey doesn't seem to work. (AESKey = same key as the $key in PHP) Tried 16 & 32 bytes length key.
I don't changed the code in FBEncryptorAES, here is decryptBase64String :
//Objective-C code
+ (NSData*)decryptData:(NSData*)data key:(NSData*)key iv:(NSData*)iv;
{
NSData* result = nil;
// setup key
unsigned char cKey[FBENCRYPT_KEY_SIZE];
bzero(cKey, sizeof(cKey));
[key getBytes:cKey length:FBENCRYPT_KEY_SIZE];
// setup iv
char cIv[FBENCRYPT_BLOCK_SIZE];
bzero(cIv, FBENCRYPT_BLOCK_SIZE);
if (iv) {
[iv getBytes:cIv length:FBENCRYPT_BLOCK_SIZE];
}
// setup output buffer
size_t bufferSize = [data length] + FBENCRYPT_BLOCK_SIZE;
void *buffer = malloc(bufferSize);
// do decrypt
size_t decryptedSize = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt,
FBENCRYPT_ALGORITHM,
kCCOptionPKCS7Padding,
cKey,
FBENCRYPT_KEY_SIZE,
cIv,
[data bytes],
[data length],
buffer,
bufferSize,
&decryptedSize);
if (cryptStatus == kCCSuccess) {
result = [NSData dataWithBytesNoCopy:buffer length:decryptedSize];
} else {
free(buffer);
NSLog(@"[ERROR] failed to decrypt| CCCryptoStatus: %d", cryptStatus);
}
return result;
}
The String is converted into a Base64 string. I don't think that the conversion is the problem.