douniuta4783 2014-01-17 08:01
浏览 257
已采纳

AES-256-CBC Mcrypt-PHP解密和Crypto-JS加密

I am trying to encrypt in Javascript with CryptoJS and decrypt in PHP. The JS code is:

var salt = CryptoJS.lib.WordArray.random(128/8); 
var key256Bits500Iterations = CryptoJS.PBKDF2("Secret Passphrase", salt, { keySize: 256/32, iterations: 500 });
var iv  = CryptoJS.enc.Hex.parse('101112131415161718191a1b1c1d1e1f'); // just chosen for an example, usually random as well

encrypted = CryptoJS.AES.encrypt("Message", key512Bits1000Iterations, { iv: iv });  
var data_base64 = crypted.ciphertext.toString(CryptoJS.enc.Base64);
var iv_base64   = crypted.iv.toString(CryptoJS.enc.Base64);
var key_base64  = crypted.key.toString(CryptoJS.enc.Base64);

And the PHP is as follows:

$encrypted = base64_decode($data_base64);
$iv = base64_decode($iv_base64);
$key = base64_decode($key_base64); 

    $plaintext = mcrypt_decrypt( MCRYPT_RIJNDAEL_128, $key, $encrypted, MCRYPT_MODE_CBC, $iv);
echo ($plaintext);  

This does not return the correct answer.

I am unsure where things are going poorly! I need to do my own IV, but if I do just say:

CryptoJS.AES.Encrypt("Message", "Secret Passphrase");
var data_base64 = crypted.ciphertext.toString(CryptoJS.enc.Base64);
var iv_base64   = crypted.iv.toString(CryptoJS.enc.Base64);
var key_base64  = crypted.key.toString(CryptoJS.enc.Base64);

It DOES successfully work in the PHP code -- only the key_base64 isn't something that can be changed, it has to be what the user remembers... And then it gives me a salt to get a key from the passphrase entered and IDK how it managed to get that using CryptoJS

  • 写回答

1条回答 默认 最新

  • dpo15099 2014-01-20 05:58
    关注

    Your code WILL work if you just fix a few typos there

    JS

        <script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
        <script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/pbkdf2.js"></script>
        <script>
            var salt = CryptoJS.lib.WordArray.random(128/8); 
            var key256Bits500Iterations = CryptoJS.PBKDF2("Secret Passphrase", salt, { keySize: 256/32, iterations: 500 });
            var iv  = CryptoJS.enc.Hex.parse('101112131415161718191a1b1c1d1e1f'); // just chosen for an example, usually random as well
    
            var encrypted = CryptoJS.AES.encrypt("Message", key256Bits500Iterations, { iv: iv });  
            var data_base64 = encrypted.ciphertext.toString(CryptoJS.enc.Base64); 
            var iv_base64   = encrypted.iv.toString(CryptoJS.enc.Base64);       
            var key_base64  = encrypted.key.toString(CryptoJS.enc.Base64);
        </script>
    

    PHP

        <?php
            $encrypted = base64_decode("data_base64"); // data_base64 from JS
            $iv        = base64_decode("iv_base64");   // iv_base64 from JS
            $key       = base64_decode("key_base64");  // key_base64 from JS
    
            $plaintext = rtrim( mcrypt_decrypt( MCRYPT_RIJNDAEL_128, $key, $encrypted, MCRYPT_MODE_CBC, $iv ), "\t\0 " );
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥20 MATLAB间接平差计算
  • ¥50 nw.js调用activex
  • ¥15 数据库获取信息反馈出错,直接查询了ref字段并且还使用了User文档的_id而不是自己的
  • ¥15 将安全信息用到以下对象时发生以下错误:c:dumpstack.log.tmp 另一个程序正在使用此文件,因此无法访问
  • ¥15 速度位置规划实现精确定位的问题
  • ¥15 代码问题:df = pd.read_excel('c:\User\18343\Desktop\wpsdata.xlxs')路径读不到
  • ¥15 为什么视频算法现在全是动作识别?
  • ¥15 编写一段matlab代码
  • ¥15 用Python做岩石类别鉴定软件
  • ¥15 关于调取、提交更新数据库记录的问题