AES256 encryption in PHP and decryption in Delphi?

[pk0391]

Hi,

i am trying to encrypt text in PHP (result of web form) and decrypt it in Delphi using AES-256, but withnout success.

In php i am using OpenSSL_encrypt with following code:

$key="secure";
$plaintext = "Hello";
$cipher = "aes-256-cbc";
$ivlen = 16;
$iv = openssl_random_pseudo_bytes($ivlen);
$ciphertext = openssl_encrypt($plaintext, $cipher, $key, $options=0, $iv);

The Delphi code to decrypt is (i made my own function TEncUtil.DecryptString, which converts string to stream and then calls TEncUtil.Decrypt):

EncUtil.UseBase64 := true;
EncUtil.Passphrase := 'secure';
EncUtil.Cipher := 'AES-256-CBC';
EncUtil.DecryptString(cipherText, s);

When i am trying to decrypt it in Delphi, receive an error. Also the encrypted string length is different.
The problem i see is in initial vector, where in PHP is required also for decryption, but in Delphi is not required, but created during encryption (decryption?) process according some rules.

Do you have any suggestions to solve this problem?

Thanks in advance, Pavel

[AndrewKED]

It looks as if you are creating a random Initial Vector in your PHP. Then how would Delphi know what that initial vector is? Decryption will need to make use of both the same key AND the same initial vector that were used during the encryption process. If you're happy to do so, just start with a fixed value initial vector too (e.g. 16 0xFF bytes)