I have a PHP endpoint that is used by several websites. While POSTing data to the endpoint the sites use encrypted headers to identify various information. The sites use the standard PHP mcrypt_ecb
function, and the endpoint decrypts the variables like this:
$var = trim(mcrypt_ecb(MCRYPT_DES, $key, base64_decode($input), MCRYPT_DECRYPT)));
I don't really have much chance of altering the PHP endpoint, although I could conceivably make another endpoint if mcrypt_ecb
doesn't play nicely.
I now have a PhoneGap app, which also needs to send the encrypted headers. Phonegap can only really use javascript to POST to a remote server. I've looked at the Google CryptoJS to try to acheive this, along side a base64 library. Note that the key is the same as the $key var above.
var encrypted = CryptoJS.DES.encrypt(user.email, key).toString();
var base64 = base64.encode(encrypted);
The problem is that the encrypted string (and I have tried without the base64 encode/decode) when passed through mcrypt_ecb
is garbage. Apparently there are different methods of triple DES encryption?
How would I create a mcrypt_ecb
compatible encrypted string in JavaScript?