Posted by: Tharindu | December 15, 2011

AES128 Encryption in iOS and Decryption in PHP

It was somewhat not straight forward getting this task done initially for me, but finally everything was fine with Objective-C & PHP on decrypting the text encrypted via iOS code with the help of Google & StackOverflow. So I thought of sharing successful piece of codes for iOS and PHP for this task on my blog. The problem with PHP is PHP does not support PKCS7Padding by default which is supported by iOS. So we need to unpad the encrypted text to make decryption successful at PHP code.

On Objective-C, we will extend NSData class and NSString class to have an AES128 encrypted string on iOS using categories. Basically, important AES128 Encryption code is listed below. But for easy reference, download NSData,NSString AES128 Categories from here. and add them to XCode project.

iOS Code

– (NSData *)AES128EncryptWithKey:(NSString *)key
// ‘key’ should be 16 bytes for AES128
char keyPtr[kCCKeySizeAES128 + 1]; // room for terminator (unused)
bzero( keyPtr, sizeof( keyPtr ) ); // fill with zeroes (for padding)

// fetch key data
[key getCString:keyPtr maxLength:sizeof( keyPtr ) encoding:NSUTF8StringEncoding];

NSUInteger dataLength = [self length];

//See the doc: For block ciphers, the output size will always be less than or
//equal to the input size plus the size of one block.
//That’s why we need to add the size of one block here
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc( bufferSize );

size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt( kCCEncrypt, kCCAlgorithmAES128, kCCOptionECBMode | kCCOptionPKCS7Padding,
keyPtr, kCCKeySizeAES128,
NULL /* initialization vector (optional) */,
[self bytes], dataLength, /* input */
buffer, bufferSize, /* output */
&numBytesEncrypted );
if( cryptStatus == kCCSuccess )
//the returned NSData takes ownership of the buffer and will free it on deallocation
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];

free( buffer ); //free the buffer
return nil;

Now add the below PHP function at your server side to decrypt the text with PHP. 🙂

PHP Code

function decrypt_password($pass,$key)

$base64encoded_ciphertext = $pass;

$res_non = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($base64encoded_ciphertext), ‘ecb’);

$decrypted = $res_non;
$dec_s2 = strlen($decrypted);

$padding = ord($decrypted[$dec_s2-1]);
$decrypted = substr($decrypted, 0, -$padding);

return  $decrypted;


  1. Great article. Big thanks!


  2. Great! Thanks a lot!


  3. great tuto! thank you! when you submit your app in app store using this encryption class: you have to answer “Yes” for encryption question? and get a confirmation of approval?


    • Actually, for standard encryption like AES 128 you don’t need to submit as Encryption “Yes” answer. They would approve your app without any issues saying “No” using this encryption in your app.


  4. Thanks a lot:-)


  5. Hello @Tharindu how can i implement this in swift ? I didn’t understand these lines
    char keyPtr[kCCKeySizeAES128 + 1]; // room for terminator (unused)
    bzero( keyPtr, sizeof( keyPtr ) ); // fill with zeroes (for padding)


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


%d bloggers like this: