AES-256-ECB encryption/decryption with Arduino <-> PHP openssl

Hello,

I want to exchange data from the Arduino via HTTP with a PHP script and encrypt it via AES-256-ECB.

I use the “arduino cryptography library” and would use base64 encode for the transfer. PHP is running on the server and I use openssl there.

The problem now is that it working on both sides of the encryption, but the encryption is not compatible. As if both sides were encrypting with another key.

I would also choose a different encryption type, but would like to renounce RC4.

Does anyone have any suggestions?

ARDUINO

#include <Crypto.h>
#include <AES.h>
#include <string.h>
#include <Base64.h> //https://github.com/Densaugeo/base64_arduino


AES256 aes256;

byte buffer[16];
byte buffer2[16];

void setup() {
  Serial.begin(115200);
  
  BlockCipher *cipher = &aes256;

  // Planetext
  String message = "Hello my World!!";
  byte plaintext[message.length()];
  message.getBytes(plaintext, message.length());

  // Key (def. by byte or char change also the result!)
  /* 
  char keyc[32] = "12345678123456781234567812345678";
  byte key[32];
  //keyc.getBytes(key, keyc.length());
  for (int i = 0; i<=32; i++) {
    key[i] = keyc[i];
  }
  */
  byte key[32] = {1,2,3,4,5,6,7,8,1,2,3,4,5,6,7,8,1,2,3,4,5,6,7,8,1,2,3,4,5,6,7,8};
  
  // Encrypt AES-256-ECB
  crypto_feed_watchdog();
  cipher->setKey(key, 32);
  cipher->encryptBlock(buffer, plaintext);
  Serial.print("Original: ");
  Serial.println((char*)plaintext);  

  // Base64 encode
  int inputStringLength = sizeof(buffer);
  int encodedLength = Base64.encodedLength(inputStringLength);
  char encodedString[encodedLength];
  Base64.encode(encodedString, (char*)buffer, inputStringLength);
  Serial.print("Base64 : ");
  Serial.println(encodedString);

  // Base64 decode
  int inputDeStringLength = sizeof(encodedString);
  int decodedLength = Base64.decodedLength(encodedString, inputDeStringLength);
  char decodedString[decodedLength];
  Base64.decode(decodedString, encodedString, inputDeStringLength);

  // Decrypt AES-256-ECB
  cipher->setKey(key, 32);
  cipher->decryptBlock(buffer2, decodedString);
  Serial.print("Output: ");
  Serial.println((char*)buffer2);
}

void loop() {
}

OUTPUT

Original: Hello my World!
Base64 : e0Ha5Ogb3G//dqxArUU4TA==
Output: Hello my World!

PHP openssl

$method = 'AES-256-ECB';
$kkey = '12345678123456781234567812345678';
    
$str = 'Hello my World!';
$encrypted = base64_encode(openssl_encrypt($str, $method, $kkey, OPENSSL_RAW_DATA));
echo $encrypted;

// decode
//$encrypted = "e0Ha5Ogb3G//dqxArUU4TA=="; // return nothing
$encrypted = base64_decode($encrypted);
echo $decryptedData = openssl_decrypt($encrypted, $method, $kkey, OPENSSL_RAW_DATA, "");

OUTPUT

YNmK+4p1TNJFY3ZhEC1CRw==Hello my World!

  1. Key generate by:
char keyc[32] = "12345678123456781234567812345678";
byte key[32];
for (int i = 0; i<=32; i++) {
  key[i] = keyc[i];
}

Use not openssl but phpAES

it will be run:

-- Start --
Execution time to encrypt: 0.00089192390441895 seconds
Cipher-Text: Qh���ה�6��) ~*v
Hex: 5168f8a0b6d794fb36b0e429097e2a76
Base 64: UWj4oLbXlPs2sOQpCX4qdg==

Execution time to decrypt: 0.00084090232849121 seconds
Decrypted-Text: Hello my World!
-- End --

Don't forget to allocate space for the terminating zero byte of the character string:

char keyc[33] = "12345678123456781234567812345678";

or just

char keyc[] = "12345678123456781234567812345678";