Encrypt in PHP openssl and decrypt in javascript CryptoJS

Question

I'm encrypting some parameters in PHP using

 openssl("parameter", "AES-256-ECB", "client")

and I wish to decrypt in CryptoJS:

CryptoJS.AES.decrypt(parameter, "client", {mode: CryptoJS.mode.ECB}).toString(CryptoJS.enc.Utf8);

but it's throwing an empty string.

Any suggestions?

MTK · Accepted Answer · 2022-12-28 12:40:12Z

53

CryptoJS: PHP openssl encrypt -> javascript decrypt

PHP:

function CryptoJSAesEncrypt($passphrase, $plain_text){

    $salt = openssl_random_pseudo_bytes(256);
    $iv = openssl_random_pseudo_bytes(16);
    //on PHP7 can use random_bytes() istead openssl_random_pseudo_bytes()
    //or PHP5x see : https://github.com/paragonie/random_compat

    $iterations = 999;  
    $key = hash_pbkdf2("sha512", $passphrase, $salt, $iterations, 64);

    $encrypted_data = openssl_encrypt($plain_text, 'aes-256-cbc', hex2bin($key), OPENSSL_RAW_DATA, $iv);

    $data = array("ciphertext" => base64_encode($encrypted_data), "iv" => bin2hex($iv), "salt" => bin2hex($salt));
    return json_encode($data);
}

$string_json_fromPHP = CryptoJSAesEncrypt("your passphrase", "your plain text");

JS:

function CryptoJSAesDecrypt(passphrase,encrypted_json_string){

    var obj_json = JSON.parse(encrypted_json_string);

    var encrypted = obj_json.ciphertext;
    var salt = CryptoJS.enc.Hex.parse(obj_json.salt);
    var iv = CryptoJS.enc.Hex.parse(obj_json.iv);   

    var key = CryptoJS.PBKDF2(passphrase, salt, { hasher: CryptoJS.algo.SHA512, keySize: 64/8, iterations: 999});

        
    var decrypted = CryptoJS.AES.decrypt(encrypted, key, { iv: iv});

    return decrypted.toString(CryptoJS.enc.Utf8);
}

console.log(CryptoJSAesDecrypt('your passphrase','<?php echo $string_json_fromPHP?>'));

CryptoJS: javascript encrypt -> PHP openssl decrypt

JS:

function CryptoJSAesEncrypt(passphrase, plain_text){

    var salt = CryptoJS.lib.WordArray.random(256);
    var iv = CryptoJS.lib.WordArray.random(16);
    //for more random entropy can use : https://github.com/wwwtyro/cryptico/blob/master/random.js instead CryptoJS random() or another js PRNG

    var key = CryptoJS.PBKDF2(passphrase, salt, { hasher: CryptoJS.algo.SHA512, keySize: 64/8, iterations: 999 });

    var encrypted = CryptoJS.AES.encrypt(plain_text, key, {iv: iv});

    var data = {
        ciphertext : CryptoJS.enc.Base64.stringify(encrypted.ciphertext),
        salt : CryptoJS.enc.Hex.stringify(salt),
        iv : CryptoJS.enc.Hex.stringify(iv)    
    }
    
    return JSON.stringify(data);
}

PHP:

function CryptoJSAesDecrypt($passphrase, $jsonString){

    $jsondata = json_decode($jsonString, true);
    try {
        $salt = hex2bin($jsondata["salt"]);
        $iv  = hex2bin($jsondata["iv"]);          
    } catch(Exception $e) { return null; }

    $ciphertext = base64_decode($jsondata["ciphertext"]);
    $iterations = 999; //same as js encrypting 

    $key = hash_pbkdf2("sha512", $passphrase, $salt, $iterations, 64);

    $decrypted= openssl_decrypt($ciphertext , 'aes-256-cbc', hex2bin($key), OPENSSL_RAW_DATA, $iv);

    return $decrypted;

}

in mi tests I have used : github.com/sytelus/CryptoJS

edited Dec 28, 2022 at 12:40

answered Apr 16, 2017 at 14:53

MTK

3,6005 gold badges40 silver badges60 bronze badges

Sign up to request clarification or add additional context in comments.

15 Comments

vee Over a year ago

This does not work if I use other algo such as AES-128-CBC, AES-192-CBC

vee Over a year ago

Here is the updated code from yours. It is also support all 128, 192, 256 for AES-CBC methods. gist.github.com/ve3/0f77228b174cf92a638d81fddb17189d I must thank you for this.

MTK Over a year ago

Good job.I used the example only for the strongest encryption that can be used with Crypto.js (aes-256-cbc)

MTK Over a year ago

@GaurangSondagar what mean for you "Your function is not work"? which of the functions does not work for you and what errors or what happend? Maybe you have different version of cryptojs ... in mi tests I have used : github.com/sytelus/CryptoJS

MTK Over a year ago

Solutions: 1. Try to find some function in PHP that are compatible with angular (unfortunately I dont work with angular). 2. Use js function above for reencrypt your original data and then must be working. (But with one condition: if people from angular have not changed the original code for CryptoJS see github.com/sytelus/CryptoJS/tree/master/rollups )

|

Muthu Kumar · Accepted Answer · 2022-09-05 07:59:28Z

2

PHP Encryption

   function encryptPhp($string) {
            $encrypt_method="AES-256-CBC";
            $secret_key='secret_key';
            $secret_iv='secret_iv';
            $key=hash('sha256',$secret_key);
            $iv=substr(hash('sha256',$secret_iv),0,16);
            $output=openssl_encrypt($string,$encrypt_method,$key,0,$iv);
            $output=base64_encode($output);
            return $output
    }

javascript Equialent

function decryptString($string) {
        var Utf8 = CryptoJS.enc.Utf8;
        const $secret_key='secret_key';
        const $secret_iv='secret_iv';
        const key= CryptoJS.SHA256($secret_key).toString(CryptoJS.enc.Hex).substring(0,32);
        let iv= CryptoJS.SHA256($secret_iv).toString(CryptoJS.enc.Hex).substring(0,16);
        const encrypt = CryptoJS.enc.Base64.parse($string).toString(CryptoJS.enc.Utf8);
        const decrypt = CryptoJS.AES.decrypt(encrypt, Utf8.parse(key), { iv: Utf8.parse(iv)}).toString(Utf8);
        return decrypt;
    }

Also Don't use secret key & secret iv in browser side, it may affect security

answered Sep 5, 2022 at 7:59

Muthu Kumar

4786 silver badges10 bronze badges

1 Comment

Seiryoku Over a year ago

Thank you! this worked flawlessly, and it's the simplest way I've seen so far!

M Danial · Accepted Answer · 2020-04-12 16:23:52Z

Please use this method It's work for me.. Thanks

Typescript Code (Anuglar 4+) :

encryptUsingAES256() {
let _key = CryptoJS.enc.Utf8.parse(your_token_here);
let _iv = CryptoJS.enc.Utf8.parse(your_token_here);
let encrypted = CryptoJS.AES.encrypt(
  this.request, _key, {
    keySize: 16,
    iv: _iv,
    mode: CryptoJS.mode.ECB,
    padding: CryptoJS.pad.Pkcs7
  });
this.encrypted = encrypted.toString();
console.log(this.encrypted)
}


decryptUsingAES256() {
let _key = CryptoJS.enc.Utf8.parse(your_token_here);
let _iv = CryptoJS.enc.Utf8.parse(your_token_here);

this.decrypted = CryptoJS.AES.decrypt(
  this.encrypted, _key, {
    keySize: 16,
    iv: _iv,
    mode: CryptoJS.mode.ECB,
    padding: CryptoJS.pad.Pkcs7
  }).toString(CryptoJS.enc.Utf8);
   console.log(this.decrypted) 
}

Collectives™ on Stack Overflow

Encrypt in PHP openssl and decrypt in javascript CryptoJS

3 Answers 3

15 Comments

1 Comment

Comments

Your Answer

Linked

Hot Network Questions

Collectives™ on Stack Overflow

3 Answers 3

15 Comments

1 Comment

Comments

Your Answer

Sign up or log in

Post as a guest

Linked

Related