CODEWITHSUNDEEP
phpandroidiosaes
dinesh
dinesh

Reputation: 837

AES algorithm differs in PHP from Android and iOS

Hi I am currently working for encryption and decryption for a string using AES algorithm in PHP and Android. I got the similar values in iOS and in Android. But I cant get the same output in PHP. It shows some other encrypted string. I want to achieve the same result in all iOS, Android and PHP. At the moment iOS and Android are working fine. But I cant fix in PHP.

Please check the screenshots and compare the values. I used "Android" as value and "abcdef" as key.

<?php

$Pass = "abcdef";
$Clear = "android";        

$crypted = mc_encrypt($Clear, $Pass);
echo "Encrypred: ".$crypted."</br>";

$newClear = mc_decrypt($crypted, $Pass);
echo "Decrypred: ".$newClear."</br>";  



function mc_encrypt($encrypt, $mc_key) {
    $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_RAND);
    $passcrypt = trim(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $mc_key, trim($encrypt), MCRYPT_MODE_ECB, $iv));
    $encode = base64_encode($passcrypt);
    return $encode;
}

function mc_decrypt($decrypt, $mc_key) {
    $decoded = base64_decode($decrypt);
    $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_RAND);
    $decrypted = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $mc_key, trim($decoded), MCRYPT_MODE_ECB, $iv));
    return $decrypted;
}

?>

I get the following output Encrypred: +NzljOmN0msNkWr/cst11Q==

Decrypred: android

in iPhone

in Android

Below code is used in Android

package com.example.aesalg;

import java.security.MessageDigest;
import java.security.spec.AlgorithmParameterSpec;

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

import android.util.Base64;

public class AESCrypt {

private final Cipher cipher;
private final SecretKeySpec key;
private AlgorithmParameterSpec spec;


public AESCrypt(String password) throws Exception
{
    // hash password with SHA-256 and crop the output to 128-bit for key
    MessageDigest digest = MessageDigest.getInstance("SHA-256");
    digest.update(password.getBytes("UTF-8"));
    byte[] keyBytes = new byte[32];
    System.arraycopy(digest.digest(), 0, keyBytes, 0, keyBytes.length);

    cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
    key = new SecretKeySpec(keyBytes, "AES");
    spec = getIV();
}       

public AlgorithmParameterSpec getIV()
{
    byte[] iv = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, };
    IvParameterSpec ivParameterSpec;
    ivParameterSpec = new IvParameterSpec(iv);

    return ivParameterSpec;
}

public String encrypt(String plainText) throws Exception
{
    cipher.init(Cipher.ENCRYPT_MODE, key, spec);
    byte[] encrypted = cipher.doFinal(plainText.getBytes("UTF-8"));
    String encryptedText = new String(Base64.encode(encrypted, Base64.DEFAULT), "UTF-8");
    System.out.println("Encrypt Data"+ encryptedText);
    return encryptedText;
}

public String decrypt(String cryptedText) throws Exception
{
    cipher.init(Cipher.DECRYPT_MODE, key, spec);
    byte[] bytes = Base64.decode(cryptedText, Base64.DEFAULT);
    byte[] decrypted = cipher.doFinal(bytes);
    String decryptedText = new String(decrypted, "UTF-8");
    System.out.println("Encrypt Data"+ decryptedText);
    return decryptedText;
}
}

Upvotes: 4

Views: 5059

Answers (2)

Liolik
Liolik

Reputation: 801

in php try this code

  public function encrypt($string, $key)
  {
      $td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_ECB, '');
      $block = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
      $pad = $block - (strlen($string) % $block);
      $string .= str_repeat(chr($pad), $pad);
      mcrypt_generic_init($td, $key, 'fedcba9876543210');
      $encrypted = mcrypt_generic($td, $string);
      mcrypt_generic_deinit($td);
      mcrypt_module_close($td);

      return $encrypted;
  }

  function decrypt($string, $key) 
  {
      $td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_ECB, '');
      mcrypt_generic_init($td, $key, 'fedcba9876543210');
      $decrypted = mdecrypt_generic($td, $string);
      mcrypt_generic_deinit($td); 
      mcrypt_module_close($td);

      return $decrypted;
  }

Upvotes: 0

msh
msh

Reputation: 2770

You are using CBC in your Android app and ECB in the PHP code. See wikipedia for more details.

Try to change mcrypt parameter to MCRYPT_MODE_CBC. Also I believe mcrypt is always using zero padding (I'm not a PHP expert) so on the Android side you have to use "AES/CBC/ZeroBytePadding"

Upvotes: 3

Related Questions