4

Hi I am currently working for encryption and decryption for a string using AES algorithm in PHP and Android. I got the similar values in iOS and in Android. But I cant get the same output in PHP. It shows some other encrypted string. I want to achieve the same result in all iOS, Android and PHP. At the moment iOS and Android are working fine. But I cant fix in PHP.

Please check the screenshots and compare the values. I used "Android" as value and "abcdef" as key.

<?php

$Pass = "abcdef";
$Clear = "android";        

$crypted = mc_encrypt($Clear, $Pass);
echo "Encrypred: ".$crypted."</br>";

$newClear = mc_decrypt($crypted, $Pass);
echo "Decrypred: ".$newClear."</br>";  



function mc_encrypt($encrypt, $mc_key) {
    $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_RAND);
    $passcrypt = trim(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $mc_key, trim($encrypt), MCRYPT_MODE_ECB, $iv));
    $encode = base64_encode($passcrypt);
    return $encode;
}

function mc_decrypt($decrypt, $mc_key) {
    $decoded = base64_decode($decrypt);
    $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB), MCRYPT_RAND);
    $decrypted = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $mc_key, trim($decoded), MCRYPT_MODE_ECB, $iv));
    return $decrypted;
}

?>

I get the following output Encrypred: +NzljOmN0msNkWr/cst11Q==

Decrypred: android

in iPhone

in Android

Below code is used in Android

package com.example.aesalg;

import java.security.MessageDigest;
import java.security.spec.AlgorithmParameterSpec;

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

import android.util.Base64;

public class AESCrypt {

private final Cipher cipher;
private final SecretKeySpec key;
private AlgorithmParameterSpec spec;


public AESCrypt(String password) throws Exception
{
    // hash password with SHA-256 and crop the output to 128-bit for key
    MessageDigest digest = MessageDigest.getInstance("SHA-256");
    digest.update(password.getBytes("UTF-8"));
    byte[] keyBytes = new byte[32];
    System.arraycopy(digest.digest(), 0, keyBytes, 0, keyBytes.length);

    cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
    key = new SecretKeySpec(keyBytes, "AES");
    spec = getIV();
}       

public AlgorithmParameterSpec getIV()
{
    byte[] iv = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, };
    IvParameterSpec ivParameterSpec;
    ivParameterSpec = new IvParameterSpec(iv);

    return ivParameterSpec;
}

public String encrypt(String plainText) throws Exception
{
    cipher.init(Cipher.ENCRYPT_MODE, key, spec);
    byte[] encrypted = cipher.doFinal(plainText.getBytes("UTF-8"));
    String encryptedText = new String(Base64.encode(encrypted, Base64.DEFAULT), "UTF-8");
    System.out.println("Encrypt Data"+ encryptedText);
    return encryptedText;
}

public String decrypt(String cryptedText) throws Exception
{
    cipher.init(Cipher.DECRYPT_MODE, key, spec);
    byte[] bytes = Base64.decode(cryptedText, Base64.DEFAULT);
    byte[] decrypted = cipher.doFinal(bytes);
    String decryptedText = new String(decrypted, "UTF-8");
    System.out.println("Encrypt Data"+ decryptedText);
    return decryptedText;
}
}
Improve this question
9
  • what is your output in php ? Commented Aug 21, 2013 at 12:50
  • How many bits are the mobile versions? Try one of the different PHP encryption types - perhaps it is not 128 you want: php.net/manual/en/mcrypt.ciphers.php Commented Aug 21, 2013 at 13:01
  • what android code is used? Commented Aug 21, 2013 at 13:04
  • Do you get the same encrypted output everytime you run your PHP / android / iOS code? Commented Aug 21, 2013 at 13:12
  • @cuewizchris Yes I get the same output everytime. Commented Aug 21, 2013 at 13:17

2 Answers 2

Reset to default
3

You are using CBC in your Android app and ECB in the PHP code. See wikipedia for more details.

Try to change mcrypt parameter to MCRYPT_MODE_CBC. Also I believe mcrypt is always using zero padding (I'm not a PHP expert) so on the Android side you have to use "AES/CBC/ZeroBytePadding"

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Can you explain what it is in the Java code that shows this to be the case (or is it a default that needs changing)? Can you explain the difference between the two modes, and suggest which one would be best changed? (This may be the right answer, but substantial answers are encouraged here :=)).
0

in php try this code

  public function encrypt($string, $key)
  {
      $td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_ECB, '');
      $block = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
      $pad = $block - (strlen($string) % $block);
      $string .= str_repeat(chr($pad), $pad);
      mcrypt_generic_init($td, $key, 'fedcba9876543210');
      $encrypted = mcrypt_generic($td, $string);
      mcrypt_generic_deinit($td);
      mcrypt_module_close($td);

      return $encrypted;
  }

  function decrypt($string, $key) 
  {
      $td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_ECB, '');
      mcrypt_generic_init($td, $key, 'fedcba9876543210');
      $decrypted = mdecrypt_generic($td, $string);
      mcrypt_generic_deinit($td); 
      mcrypt_module_close($td);

      return $decrypted;
  }
Improve this answer

1 Comment

Hello,Dinesh Can you share your iOS Code detail ? If it generates encrypted string same as Android , and also php code if you have got solution of your current issue.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.