2

I have been trying to figure out how to decrypt strings using javascript that were encoded using codeiginter's encryption library.

So far I found this as a guide php to js-mcrypt

But I could not figure out how to supply the iv variable. Because codeiginter randomly generates it upon encryption.

My sample code is 

//PHP Side
    $this->encrypt->encode('apple','1234567');
    //The result is : 2lek4Q1mz4CJtTy2ot/uJWlfeGKuGiUKuKkR5Utkwc1nSWjf3JqG8gOhNmS13mt25QVbgP/2QOuffpn7rhIOmQ==


//JS Side
var encrypted = '2lek4Q1mz4CJtTy2ot/uJWlfeGKuGiUKuKkR5Utkwc1nSWjf3JqG8gOhNmS13mt25QVbgP/2QOuffpn7rhIOmQ==';



var key = 'fcea920f7412b5da7be0cf42b8c93759';//md5 version of "1234567"

var iv = 'some 32 length string';// I don't know how to get the IV because it constantly change in PHP

var decrypted = mcrypt.Decrypt(atob(encrypted), iv, key, 'rijndael-256', 'cbc');

                console.log(decrypted);
Improve this question
0

1 Answer 1

Reset to default
1

A random iv is generally pre-pended to the encrypted data.

Simple encryption of 5 bytes ('apple') with padding using 'rijndael-256' would produce 32 bytes of output. In this case the encrypted output is 88-bytes so the iv is probably there along with something else.

Also mcrypt is somewhat brain-dead in that it does not support the standard PKCS#7 (AKA PKCS#5) padding so that is also an interoperability problem.

Note: 'rijndael-256' means a block size of 256-bits, not a key size and AES is essentially Rijndael with a block size of 128-bits, it is best to use a block size of 128-bits and be compatible with AES.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.