The iOS and Android project I'm working on requires us to open a webview connecting to a 3rd party website. The problem is that the URL we call must be accompanied with some parameters encrypted using Blowfish with ECB mode.
This 3rd party uses PHP to encrypt/decrypt the parameters and they have given me the code they are using to do the encryption and decryption.
Based on that, in my iOS project, I'm using the FclBlowfish library (https://github.com/cantecim/FclBlowfish) to encrypt/decrypt the data.
After doing everything, the encryption/decryption was not working correctly, and the problem I just found out, after almost 5 hours working on this that in iOS the encryption is almost the same as PHP, but since blowfish generates weird characters, some of them were not being handled by iOS, making the decryption not work.
An example is:
In PHP, my encrypted string is
p%FE& ¶4!ɢߟén™ but in iOS the same encrypted string is p%FE&¶4!É¢ßén as you can see, iOS is missing the Ÿ and ™, making the final encrypted string different, so PHP cannot decrypt correctly.
The Code I'm using on iOS is:
FclBlowfish *bf = [[FclBlowfish alloc] init];
bf.Key = @"MyK3yF8n";
bf.IV = @"aaassss";
[bf prepare];
[bf encrypt:@"21988882121" withMode:modeEBC withPadding:paddingZero]
The encryption/decryption code this lib uses can be seen at: https://github.com/cantecim/FclBlowfish/blob/master/FclBlowfish.m
and the code in PHP is:
$initializationVectorSize = mcrypt_get_iv_size(MCRYPT_BLOWFISH, 'ecb');
$initializationVector = mcrypt_create_iv($initializationVectorSize, MCRYPT_RAND);
// Decrypt
$valor = $_GET['v'];
$valor = base64_decode($valor);
$valor = mcrypt_decrypt(MCRYPT_BLOWFISH, 'MyK3yF8n', $valor, 'ecb', $initializationVector);
print 'Valor: ' . $valor;
// Encrypt
$v = mcrypt_encrypt(MCRYPT_BLOWFISH, 'MyK3yF8n', $valor, 'ecb', $initializationVector);
print $v;
I would appreciate any help trying to figure out why iOS is missing some charecters, making the string non-decryptable in PHP.
Thanks!
UPDATE
So I opened the FclBlowfish code and saw that they were using the NSISOLatin1StringEncoding and NSASCIIStringEncoding Encoding in the Encryption and Decryption methods, then I decided to try a few others and found out that using NSWindowsCP1252StringEncoding actually returns the correct encoding as the PHP one and decryption works like a charm!
Well,
After re-reading my post to see if I forgot any piece of information, it came to me that if the problem is the encoding, then the iOS library maybe using a NSEncoding different then it should be.
So I opened the FclBlowfish code and saw that they were using the NSISOLatin1StringEncoding and NSASCIIStringEncoding Encoding in the Encryption and Decryption methods, then I decided to try a few others and found out that using NSWindowsCP1252StringEncoding actually returns the correct encoding as the PHP one and decryption works like a charm!
Hope this helps someone with the same problem!