4

I am converting an encryption script from PHP to JavaScript and am struggling...

The node.js cipher documentation is as follows:

crypto.createCipheriv(algorithm, key, iv)
Creates and returns a cipher object, with the given algorithm, key and iv.

The PHP openssl-encrypt documentation:

string openssl_encrypt ( string $data , string $method , string $password [, bool $raw_output = false [, string $iv = "" ]] )

PHP uses a password and and iv. Node only uses a password when no IV is used, otherwise you have to provide a key and an iv.

How would I convert my PHP function to node, when I'm using both, the password and iv.

I'm also unclear on what exactly the key represents... the node documentation states that the key and iv are calculated if only a password is provided.. is this what PHP does? If so, what does it do when I provide a password and an iv? Does it use the password as key?

Improve this question
0

1 Answer 1

Reset to default
3
+50

From user comments in the PHP documentation, it seems the $password parameter in PHP is actually the encryption key, and not an actual password. This seems consistent with OpenSSL docs, which state that you use either a key and initialization vector, or use a password from which the key and IV are algorithmically derived, but you never provide a password and IV together.

Example:

<?php echo openssl_encrypt('foobar', 'aes-256-cbc', 'password', false, 'abcdefghijklmnop');
// prints CUigVN+6jU24E2FdfmmmTw==

#!/bin/bash
echo -n foobar | openssl enc -aes-256-cbc -e -K 70617373776F7264 -iv 6162636465666768696A6B6C6D6E6F70 -nosalt -a
// prints CUigVN+6jU24E2FdfmmmTw==

The gotcha is probably that you need to provide the key and IV to openssl in hexadecimal.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks for your response. I still didn't manage to get PHP to produce the same results as: openssl enc -aes-256-cbc -e -pass pass:pass -nosalt -a

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.