Ionic AES256 - PHP AES-256-CBC

Question

Im trying to generate a message cyphred in the official Ionic library 'AES256' and decypt it in my PHP server.

The app send the IV via URL to server and the server knows the key already, then the server try to decrypt the message and sends back the decripted one.

Server side recives .../api/users.json?apikey=1234567890123456&encdata=zx6Jyh8nfunTvN7+TKG34g==:

    $key = hex2bin('96955281571734888210331492195226');

    echo "key: ".bin2hex($key).", encdata: ".$_GET['encdata'].", apikey: ".$_GET['apikey'];
    $out = openssl_decrypt($_GET['encdata'], 'AES-256-CBC', $key, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $_GET['apikey']);
    $out = bin2hex($out);
    fwrite($log, $out);

    echo json_encode($out);

Client side generates:

this.encrypt(this.secureKey, this.secureIV, data).then((encdata) => {

    console.log('HTTP request - Sending: '+ url + '&encdata=' + encdata.toString());
    this.http.get(url + '&encdata=' + encdata).map(res => res.json()).subscribe(encdataserver => {
      console.log('HTTP request - Received: '+JSON.stringify(encdataserver));

      this.decrypt(this.secureKey, this.secureServerPreKey, encdataserver).then((data)=>{      
        resolve(data);
      })

    });

  })

I totally stranded so ANY help is very very welcome.

Thank you a lot.

Answer 1

I don't see you performing any base 64 decoding, while the ciphertext pretty clearly is base 64 encoded.

Furthermore, Ionic clearly specifies that PKCS#7 padding was used for the ciphertext, while you are specifying zero padding, so the padding schemes don't match.

Note that AES in itself is not a transport mechanism. If you simply encrypt / decrypt this way, an attacker may use a padding oracle attack and if that succeeds the confidentiality of the message is lost.