Geek Answers Handbook

Php mcrypt for javascript aes integration

I am trying to use javascript to encode data using the AES-256-CBC and php mcrypt libraries for decoding and vice versa.

I know about the problematic nature of javascript and that someone sees the key, but I use javascript for scripting for a non-web environment, so I don’t worry about that.

I found pidder https://sourceforge.net/projects/pidcrypt/

and encrypted some data on the demo page, and then tried to decrypt it using php, but something is wrong and I can not find that ... I use the same key with both ends, a 32-byte string

any pointers would be appreciated

~~~

$encrypted = "string after pidder encryption"; $cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_256,'',MCRYPT_MODE_CBC,''); $iv_size = mcrypt_enc_get_iv_size($cipher); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); mcrypt_generic_init($cipher, $key, $iv); $encrypted = base64_decode($encrypted); echo "after b64decode: " . $encrypted . "\n\n\n"; $encrypted = mdecrypt_generic($cipher, $encrypted); echo "decrypt:" . $encrypted;

~~~

+8
javascript php encryption aes pidcrypt
source share
5 answers

Try MCRYPT_RIJNDAEL_128 with a 32-byte key for AES-256.

AES is a 128-bit block cipher that supports 128-, 192- and 256-bit keys. Rijndael-256 is a 256-bit block cipher and AES. AES is the 128-bit block specification for Rijndael.

+1
source share

Pidder uses the key derivation function to get the password key (it should be HMAC-SHA1, I think), but you seem to be using a simple password as the key.

0
source share

Javascript Mcrypt works great with PHP mcrypt. You can use this instead of pidder.

0
source share

Your code is consistent, to be honest, I have not tried to fix it, but I have a function that works well and can help you.

  /** * Encrypt Token * * @param unknown $text */ private function rijndaelEncrypt($text) { $iv_size = mcrypt_get_iv_size ( MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB ); $iv = mcrypt_create_iv ( $iv_size, MCRYPT_RAND ); $key = 'your key'; return base64_encode ( mcrypt_encrypt ( MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv ) ); } /** * Decrypt * * @param unknown $text */ private function rijndaelDecrypt($text) { $iv_size = mcrypt_get_iv_size ( MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB ); $iv = mcrypt_create_iv ( $iv_size, MCRYPT_RAND ); $key = 'your key'; // I used trim to remove trailing spaces return trim ( mcrypt_decrypt ( MCRYPT_RIJNDAEL_256, $key, base64_decode ( $text ), MCRYPT_MODE_ECB, $iv ) ); }

See http://us3.php.net/manual/en/function.mcrypt-encrypt.php

0
source share

first of all: MCRYPT_RIJNDAEL_256 NOT (!) AES-256-CBC, if you want to use this encryption, you must use MCRYPT_RIJNDAEL_128 with 265-bit character with 32 characters.

This will be part of php:

 function decrypt($data, $key) { if(32 !== strlen($key)) $key= hash('SHA256', $key, true); $data = base64_decode($data); $data = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, str_repeat("\0", 16)); $padding = ord($data[strlen($data) - 1]); return substr($data, 0, -$padding); }

This php function includes an add-on, which is an important part, because if the data length of the attached data is not a multiple of the key, you will get something odd.

For decoding, we use some of my Node.js scripts with the php str_repeat emulated method for iv:

 var crypto = require('crypto'); function encrypt(data, key) { key = key || new Buffer(Core.config.crypto.cryptokey, 'binary'), cipher = crypto.createCipheriv('aes-256-cbc', key.toString('binary'), str_repeat('\0', 16)); cipher.update(data.toString(), 'utf8', 'base64'); return cipher.final('base64'); } function str_repeat(input, multiplier) { var y = ''; while (true) { if (multiplier & 1) { y += input; } multiplier >>= 1; if (multiplier) { input += input; } else { break; } } return y; }

NOTE. Static IV ( Initialization Vector ) is not recommended! NOTE. The JavaScript part is for Node.js using the crypto library.

I hope this works for you.

0
source share

More articles:


All Articles