It was somewhat not straight forward getting this task done initially for me, but finally everything was fine with Objective-C & PHP on decrypting the text encrypted via iOS code with the help of Google & StackOverflow. So I thought of sharing successful piece of codes for iOS and PHP for this task on my blog. The problem with PHP is PHP does not support PKCS7Padding by default which is supported by iOS. So we need to unpad the encrypted text to make decryption successful at PHP code.
On Objective-C, we will extend NSData class and NSString class to have an AES128 encrypted string on iOS using categories. Basically, important AES128 Encryption code is listed below. But for easy reference, download NSData,NSString AES128 Categories from here. and add them to XCode project.
iOS Code
– (NSData *)AES128EncryptWithKey:(NSString *)key
{
// ‘key’ should be 16 bytes for AES128
char keyPtr[kCCKeySizeAES128 + 1]; // room for terminator (unused)
bzero( keyPtr, sizeof( keyPtr ) ); // fill with zeroes (for padding)// fetch key data
[key getCString:keyPtr maxLength:sizeof( keyPtr ) encoding:NSUTF8StringEncoding];NSUInteger dataLength = [self length];
//See the doc: For block ciphers, the output size will always be less than or
//equal to the input size plus the size of one block.
//That’s why we need to add the size of one block here
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc( bufferSize );size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt( kCCEncrypt, kCCAlgorithmAES128, kCCOptionECBMode | kCCOptionPKCS7Padding,
keyPtr, kCCKeySizeAES128,
NULL /* initialization vector (optional) */,
[self bytes], dataLength, /* input */
buffer, bufferSize, /* output */
&numBytesEncrypted );
if( cryptStatus == kCCSuccess )
{
//the returned NSData takes ownership of the buffer and will free it on deallocation
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
}free( buffer ); //free the buffer
return nil;
}
Now add the below PHP function at your server side to decrypt the text with PHP. 🙂
PHP Code
function decrypt_password($pass,$key)
{$base64encoded_ciphertext = $pass;
$res_non = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($base64encoded_ciphertext), ‘ecb’);
$decrypted = $res_non;
$dec_s2 = strlen($decrypted);$padding = ord($decrypted[$dec_s2-1]);
$decrypted = substr($decrypted, 0, -$padding);return $decrypted;
}
Tharindu Madushanka 
Great article. Big thanks!
LikeLike
By: cetver on February 9, 2012
at 2:55 PM
Great! Thanks a lot!
LikeLike
By: Ali on February 10, 2012
at 7:49 PM
great tuto! thank you! when you submit your app in app store using this encryption class: you have to answer “Yes” for encryption question? and get a confirmation of approval?
LikeLike
By: daca on November 14, 2012
at 9:52 PM
Actually, for standard encryption like AES 128 you don’t need to submit as Encryption “Yes” answer. They would approve your app without any issues saying “No” using this encryption in your app.
LikeLike
By: Tharindu on November 29, 2012
at 5:10 PM
Thanks a lot:-)
LikeLike
By: Chennai on November 29, 2012
at 1:50 PM
Hello @Tharindu how can i implement this in swift ? I didn’t understand these lines
char keyPtr[kCCKeySizeAES128 + 1]; // room for terminator (unused)
bzero( keyPtr, sizeof( keyPtr ) ); // fill with zeroes (for padding)
LikeLike
By: Mitu on March 25, 2017
at 2:16 PM
Hello @Mitu, You could try with following library for AES 128 encryption support in a Swift app.
https://github.com/krzyzanowskim/CryptoSwift
LikeLike
By: Tharindu on April 5, 2017
at 2:45 PM