At the very least, you are using differing initialization vectors (IV).
-
The .Net code uses the key for IV.
private static AesCryptoServiceProvider GetProvider(byte[] key) { //Set up the encryption objects AesCryptoServiceProvider result = new AesCryptoServiceProvider(); byte[] RealKey = Encryptor.GetKey(key, result); result.Key = RealKey; result.IV = RealKey; return result; }
and
private static byte[] GetKey(byte[] suggestedKey, AesCryptoServiceProvider p) { byte[] kRaw = suggestedKey; List kList = new List(); for (int i = 0; i < p.LegalKeySizes[0].MinSize; i += 8 ) { kList.Add(kRaw[i % kRaw.Length]); } byte[] k = kList.ToArray(); return k; }
which should probably be:
kList.Add(kRaw[(i / 8) % kRaw.Length]);
. Otherwise a key whose length % 8 == 0 will use the same letter repeatedly, doh!Thus the IV (and key) used by .Net is:
hleolhleolhleolh
. This is not part of the API, but rather due to the wrapper code that you pointed at (which has a serious bug in it…). -
The iPhone code uses 0 for IV.
// Initialization vector; dummy in this case 0's. uint8_t iv[kChosenCipherBlockSize]; memset((void *) iv, 0x0, (size_t) sizeof(iv));
-
openssl by default prepends a randomly generated salt (which is why the output is longer!).
The openssl output is more secure since it is prepending a random initialization vector. It looks like the first few bytes of the base64 decoded string is “Salted__”. You can also ask openssl to not use a salt (-nosalt) and / or provide an IV (-iv).
Essentially, openssl, .Net, and the iPhone are using the same encryption, you just need to be careful how you initialize the APIs with the encryption key and the initialization vector.