douniuta4783 2014-01-17 08:01
浏览 259
已采纳

AES-256-CBC Mcrypt-PHP解密和Crypto-JS加密

I am trying to encrypt in Javascript with CryptoJS and decrypt in PHP. The JS code is:

var salt = CryptoJS.lib.WordArray.random(128/8); 
var key256Bits500Iterations = CryptoJS.PBKDF2("Secret Passphrase", salt, { keySize: 256/32, iterations: 500 });
var iv  = CryptoJS.enc.Hex.parse('101112131415161718191a1b1c1d1e1f'); // just chosen for an example, usually random as well

encrypted = CryptoJS.AES.encrypt("Message", key512Bits1000Iterations, { iv: iv });  
var data_base64 = crypted.ciphertext.toString(CryptoJS.enc.Base64);
var iv_base64   = crypted.iv.toString(CryptoJS.enc.Base64);
var key_base64  = crypted.key.toString(CryptoJS.enc.Base64);

And the PHP is as follows:

$encrypted = base64_decode($data_base64);
$iv = base64_decode($iv_base64);
$key = base64_decode($key_base64); 

    $plaintext = mcrypt_decrypt( MCRYPT_RIJNDAEL_128, $key, $encrypted, MCRYPT_MODE_CBC, $iv);
echo ($plaintext);  

This does not return the correct answer.

I am unsure where things are going poorly! I need to do my own IV, but if I do just say:

CryptoJS.AES.Encrypt("Message", "Secret Passphrase");
var data_base64 = crypted.ciphertext.toString(CryptoJS.enc.Base64);
var iv_base64   = crypted.iv.toString(CryptoJS.enc.Base64);
var key_base64  = crypted.key.toString(CryptoJS.enc.Base64);

It DOES successfully work in the PHP code -- only the key_base64 isn't something that can be changed, it has to be what the user remembers... And then it gives me a salt to get a key from the passphrase entered and IDK how it managed to get that using CryptoJS

  • 写回答

1条回答 默认 最新

  • dpo15099 2014-01-20 05:58
    关注

    Your code WILL work if you just fix a few typos there

    JS

        <script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
        <script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/pbkdf2.js"></script>
        <script>
            var salt = CryptoJS.lib.WordArray.random(128/8); 
            var key256Bits500Iterations = CryptoJS.PBKDF2("Secret Passphrase", salt, { keySize: 256/32, iterations: 500 });
            var iv  = CryptoJS.enc.Hex.parse('101112131415161718191a1b1c1d1e1f'); // just chosen for an example, usually random as well
    
            var encrypted = CryptoJS.AES.encrypt("Message", key256Bits500Iterations, { iv: iv });  
            var data_base64 = encrypted.ciphertext.toString(CryptoJS.enc.Base64); 
            var iv_base64   = encrypted.iv.toString(CryptoJS.enc.Base64);       
            var key_base64  = encrypted.key.toString(CryptoJS.enc.Base64);
        </script>
    

    PHP

        <?php
            $encrypted = base64_decode("data_base64"); // data_base64 from JS
            $iv        = base64_decode("iv_base64");   // iv_base64 from JS
            $key       = base64_decode("key_base64");  // key_base64 from JS
    
            $plaintext = rtrim( mcrypt_decrypt( MCRYPT_RIJNDAEL_128, $key, $encrypted, MCRYPT_MODE_CBC, $iv ), "\t\0 " );
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥50 关于#html5#的问题:H5页面用户手机返回的时候跳转到指定页面例如(语言-javascript)
  • ¥15 无法使用此凭据登录,因为你的域不可用,如何解决?(标签-Windows)
  • ¥15 yolov9的训练时间
  • ¥15 二叉树遍历没有报错但无法正常运行
  • ¥15 在linux系统下vscode运行robocup3d上场球员报错
  • ¥15 Python语言实验
  • ¥15 SAP HANA SQL 增加合计行
  • ¥20 用C#语言解决一个英文打字练习器,有偿
  • ¥15 srs-sip外部服务 webrtc支持H265格式
  • ¥15 在使用abaqus软件中,继承到assembly里的surfaces怎么使用python批量调动