Databases
StackOverflow2013
Postsdbo
PO
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    primarykey
    data
    text
    <p>Disclaimer: I have zero iPhone development experience.</p> <p>Short answer - what tc. said. Something is horribly wrong with the <code>AES256EncryptWithKey</code>:</p> <p>Being AES256 you would expect it to require a 32 byte key, not a 16 byte key. But OK, say it pads shorter keys with null bytes to make them 32 bytes. This might explain why your 16 byte key is being padded with 16 null characters.</p> <p>But, when it comes to the actual act of encryption, it's using AES 128, but with the 32 byte key. Say wha?</p> <p>Converting tc.'s Python to PHP:</p> <pre><code>$base64encoded_ciphertext = '7opqbb7sEVNoXplyQv/X8g=='; $key = 'a16byteslongkey!'; $padded_key = $key . str_repeat(chr(0x00), 16); // Argh! $result = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $padded_key, base64_decode($base64encoded_ciphertext), 'ecb'); // Yetch - $result ends up being padded with 0x0b's (vertical tab). var_dump(rtrim($result, chr(0x0b))); </code></pre> <p>Result:</p> <blockquote> <p>string(5) "Hello"</p> </blockquote> <p>~~</p> <p>Edit: <a href="https://stackoverflow.com/questions/4540725/iphone-aes-256-encryption-without-padding/4541114#4541114">This post</a> from Henno has some relevant details.</p> <p>~~</p> <p>Did some additional research. The null padding on your key is likely because AES256 requires a 32 byte key. The 0x0B padding on the plaintext is thanks to <a href="http://tools.ietf.org/html/rfc5652#section-6.3" rel="nofollow noreferrer">PKCS7</a>. PKCS7 is a padding scheme where the byte used for padding is equal in value to the number of bytes added. In this example, 11 bytes were added to the end of 'Hello' turning your 5 byte input into a 16 byte block for AES. 11 = 0x0B.</p> <p>Thus, the code above will not work when the plaintext is not length = 5. Try the following instead:</p> <pre><code>$pad_char = ord(substr($result, -1)); $result_without_padding = substr($result, 0, strlen($result) - $pad_char); </code></pre>
    singulars
    1. This table or related slice is empty.
    1. POAESCrypt decryption between iOS and PHP
      singulars
      1. PTQuestion
    1. PTAnswer
    1. USCommunity
    1. USTails
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. POAESCrypt decryption between iOS and PHP
      singulars
      1. PTQuestion
    1. This table or related slice is empty.
    1. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTAcceptedByOriginator
    2. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    3. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    1. COOh my numerous gods! It works! Thank you so much, this code will be put in effect, and virtual hugs will reach through the interwebs in your direction ;]
      singulars
      1. PO
      1. USNils Munch
    2. COThat's odd; you'd expect MCRYPT_RIJNDAEL_128 to complain when pssed a 256-bit key. +1 for noticing the PKCS#7 padding which I missed entirely!
      singulars
      1. PO
      1. UStc.
    3. COECB mode should not be used to encrypt strings. Use CBC with a prepadded random IV or a stream cipher mode. Passwords are not keys, you need a function such as PBKDF2 to create a secure string. Zero padding may work for strings, but for binary data try PKCS#7 padding instead.
      singulars
      1. PO
      1. USMaarten Bodewes
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload