1

I want to decrypt a encrypted string (encrypted in Nodejs) using PHP passed to the server.

I have found the perfect Nodejs encrypt/decrypt library: Cryptr. I've created a connection in my JavaScript file sending a request to my server with the encrypted string in it.

Now basically I want to decrypt that string.

Taking a look at the Cryptr source, it seems they're using aes-256-ctr as algo method, and sha256 as encryption method.

My Nodejs: https://runkit.com/embed/keu82yjhwyxj

Encrypted string: 1d510024ad0a5da624b76a2be72022bff3aaadfe8ac5e0b6c178b00333

Then I do this in PHP:

<?php
$encrypted = "1d510024ad0a5da624b76a2be72022bff3aaadfe8ac5e0b6c178b00333";
$algorithm = "aes-256-ctr";
$secret_key = "myTotalySecretKey"; 
$iv = "";

$decrypted_data = openssl_decrypt(pack('H*', $encrypted), $algorithm, $secret_key, OPENSSL_RAW_DATA, $iv);
echo $decrypted_data;

But since the IV is randomly generated in Cryptr, how would I generate this in PHP?

How can I decrypt Cryptr encrypted strings using PHP, so it returns "I love pizza!"?

Edit:

Instead pack('H*', $encrypted) try with $encrypted only. Also, you need only data, method and key for decryption.

<?php
$encrypted = "1d510024ad0a5da624b76a2be72022bff3aaadfe8ac5e0b6c178b00333";
$algorithm = "aes-256-ctr";
$secret_key = "myTotalySecretKey";

$decrypted_data = openssl_decrypt($encrypted, $algorithm, $secret_key);
echo $decrypted_data;
Improve this question
3
  • Does your code Works or what is the problem? It's not clear Commented Feb 5, 2019 at 19:33
  • @SilvioCro It does not work. The problem: I'm not sure how I can decrypt strings in PHP generated by the Cryptr dependency for Nodejs. Commented Feb 5, 2019 at 19:34
  • I undeleted answer. Commented Feb 5, 2019 at 19:43

2 Answers 2

Reset to default
2

DO NOT USE CRYPTR. It is insecure. I have opened an issue with the developer, although I'm not sure how it can be fixed without a complete rewrite of the module.

Cryptr uses the CTR encryption mode. This mode is designed for specific use cases, and is not resistant to malleability attacks. If the contents of any encrypted message are known, it is possible to transform that message into any other message. For example, given the encrypted string from the usage sample:

const cryptr = new Cryptr('myTotalySecretKey');

const encryptedString = cryptr.encrypt('bacon');
const decryptedString = cryptr.decrypt(encryptedString);

console.log(encryptedString); // "bcb23b81c4839d06644792878e569de4f251f08007"

(Note that the encrypted string isn't even the same length as what is shown in the module usage. This is an apparent error in their documentation.)

Without knowledge of the key, it is possible to modify this string to make it decrypt to "hello":

var tmp = Buffer.from(encryptedString, "hex");
var b1 = Buffer.from("bacon"), b2 = Buffer.from("hello");
for (var i = 0; i < b1.length; i++) {
    tmp[i + 16] ^= b1[i] ^ b2[i];
}
var ep = tmp.toString("hex");
console.log(ep); // "bcb23b81c4839d06644792878e569de4f855ff8306"

And indeed:

var dp = cryptr.decrypt(ep);
console.log(dp); // "hello"

This is a really big deal from a cryptographic perspective. An attacker has just modified an encrypted message in transit, and you have no way of detecting it.

Don't use this module. If you need portable encryption, use the Sodium library; there are bindings available for both Node and PHP.

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

I see, thanks for warning me. The encrypted data is basically a username which is required in the API, so the API can't be exploited. I've been looking for a good solution, but unable to find one. The library you mentioned, can I pass encrypted info from Nodejs and decrypt it in PHP?
If you are implementing an API that runs over HTTP, you should use HTTPS (and only HTTPS) to protect communications. There's no reason to use anything else on top of that.
So sending a GET request api.php?username=Test&removePoints=100 (which removes user balance) is 100% safe over HTTPS?
No, POST request
Got it. But if others have the API url, they can possibly send a fake POST request, and have the API, for example, remove points from other users, correct?
|
0

You need to pass IV as you pass message and security key.

So I did little test

$encrypted = openssl_encrypt("test", "aes-256-ctr", "123", 0, "aaaaaaaaaaaaaaaa");
$algorithm = "aes-256-ctr";
$secret_key = "123"; 
$iv = "";

$decrypted_data = openssl_decrypt($encrypted, $algorithm, $secret_key, 0, "aaaaaaaaaaaaaaaa");
echo $decrypted_data;

And it Works. Yes, it's randomly generated, but you can and have to pass it(as encrypted message) to the server.

I'm not sure what is the purpose of IV parameter but PHP gives you warning if IV param is empty.

I just found this on GitHub page for Cryptr. It says:

The iv is randomly generated and prepended to the result

Improve this answer

6 Comments

I've edited my question, and have added the edited PHP code based on this answer. It does not seem to decrypt the string.
Thanks for the example. I still can't really get it to work with the example in my question for some reason. Would you be able to give it a try with the code in the question?
Where is the code that sends encrypted message and key from client to server?
Without knowing IV when encrypted messaged is generated you can't decrypt it.
That basically answers my question. It seems my code and this crypto library is not suitable for what I want to achieve.
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.