If there indeed is any ciphertext packing going on, it would be to include the initialization vector (IV), assuming one was even used in the first place.
In short, if I encrypted a string with AES-128:
- I'd likely be using PBKDF2 to take a weak passphrase and a salt to generate secret key material used to do the encryption itself.
- I'd generate a message-specific (i.e. one-time use) initialization vector for ciphering
- I'd then use the secret key [material] and IV generated in the previous steps to encrypt the string using AES-128:
E(plaintext, key, iv)
- If the string is longer than 16 bytes, I'd have to also use an encryption mode such as CBC, CTR, etc.
- For convenience, I would "pack" the IV (not required to be kept secret) in front of the ciphertext by simply concatenating:
iv+ciphertext
- If I was serious about doing it right, I would generate a message authentication code of the ciphertext and append that as well such that I would now have:
iv+ciphertext+mac
On decrypt, I would then verify the MAC before decrypting (if I was to do it right), and I would then need to separate the IV from the ciphertext, and then run it through my decryption routine: D(ciphertext, key, iv).
Another thing to keep in mind is encoding as sometimes we pass around Base64-encoded strings as a more print-friendly format than raw data. You of course would have to decode that before working on unpacking, decrypting, etc.
For academic purposes, I created Crypto Implementation (DRAFT) back when I was teaching myself crypto and wanted to document processes and best practices as well as keep all "moving parts" in view as a reference when I had to work on this stuff. Lots of rules to follow, but all in all, a lot of good learning and professional development opportunities.
Hope that helps some!
Edit: Per my comment below, I just looked at the original source code for the C# implementation. It appears the only way to decrypt this in PHP would be to have a PHP equivalent of C#'s Rfc2898DeriveBytes as this is the part responsible for generating your IV. Study the DecryptRijndael routine and you'll see where it gets the IV from (it basically implies using the same salt). If you truly have no control or influence over the encryption routine, you might be inclined to hack up a solution involving using C# DLLs in PHP and then call the DecryptRijndael method from PHP.
