0

I need to encrypt data in PHP and decrypt in Node.js.

I encrypt this in PHP:

$encrypt_method = "AES-256-CBC";
$secret_key = '7CEsPlLfVXcHf2S4wsnPnfNqYa+N/D/1zCXExN4aJSs=';
$secret_iv = 'StqUaIcbO9LFZ9QiuguXR6M/BepqZDV8p1now0FA/C4=';
// hash
$key = hash('sha256', $secret_key);

// iv - encrypt method AES-256-CBC expects 16 bytes - else you will get a warning
$iv = substr(hash('sha256', $secret_iv), 0, 16);
$output = openssl_encrypt($string, $encrypt_method, $key, 0, $iv);
$output = base64_encode($output);

result:

VU5pckRaWHA4bjNaUjU3dGhscys3QT09

And decrypt in Node.js:

var crypto = require("crypto");
const decrypt = (textBase64, keyBase64, ivBase64) => {
    const algorithm = 'AES-256-CBC';
    const ivBuffer = Buffer.from(ivBase64, 'base64');
    const keyBuffer = Buffer.from(keyBase64, 'base64');

    const decipher = crypto.createDecipheriv(algorithm, keyBuffer, ivBuffer);
    decipher.setAutoPadding(false);

    let decrypted = decipher.update(textBase64, 'base64', 'utf8');
    decrypted += decipher.final('utf8');
    return decrypted;
}

const encryptedMessage = 'VU5pckRaWHA4bjNaUjU3dGhscys3QT09';
const key = '7CEsPlLfVXcHf2S4wsnPnfNqYa+N/D/1zCXExN4aJSs=';
const iv = Buffer.from('StqUaIcbO9LFZ9QiuguXR6M/BepqZDV8p1now0FA/C4=', 'base64').slice(0, 16);

// the message comes from the bytes AFTER the IV - this is what you should decrypt
const message = Buffer.from(encryptedMessage, 'base64').slice(16);

const result = decrypt(message, key, iv);

res.send("Decrypted: " + result);

Error: error:0606508A:digital envelope routines:EVP_DecryptFinal_ex:data not multiple of block length

I do not understand the error message, help to make a working example.

Improve this question
2
  • Your entryptedMessage has been twice converted to Base 64, is it normal ? Also, have you read this question : stackoverflow.com/questions/19934422/… ? Commented Dec 18, 2019 at 14:16
  • php code does not extract bin data from base64 but node.js does. also your node.js code misses php's step to hash('sha256', ivBuffer).slice(0,16) . Also use OPENSSL_ZERO_PADDING instead of zero in openssl_encrypt Commented Dec 18, 2019 at 15:10
Related questions
12
AES encrypt in Node.js Decrypt in PHP. Fail.
0
How to encrypt using PHP mcrypt and decrypt with node crypto
19
Encrypt string in PHP and decrypt in Node.js
Load 7 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.