admin管理员组文章数量:1431398
I am using CryptoJS to encrypt a string:
function doHash(msg){
msg = String(msg);
var passphrase = 'aggourakia';
var hash = CryptoJS.AES.encrypt(msg, passphrase);
var ciphertext= hash.ciphertext.toString(); //return ciphertext instead of object
return ciphertext;
}
As I understand it, CryptoJS uses the passphrase to generate a key, which is then used to encrypt the data.
However I'd like to decrypt the cipher using a PHP function, or maybe an online tool such as this: /
The issue is that these expect a key, not a passphrase.
How can I supply directly a key to the CryptoJS AES, which I can use on the server-side or any online tool to decrypt?
The thing is, I already have a really hard time finding PHP functions to decrypt AES ciphers already, and this passphrase/key thing is adding to the plexity
I am using CryptoJS to encrypt a string:
function doHash(msg){
msg = String(msg);
var passphrase = 'aggourakia';
var hash = CryptoJS.AES.encrypt(msg, passphrase);
var ciphertext= hash.ciphertext.toString(); //return ciphertext instead of object
return ciphertext;
}
As I understand it, CryptoJS uses the passphrase to generate a key, which is then used to encrypt the data.
However I'd like to decrypt the cipher using a PHP function, or maybe an online tool such as this: http://aesencryption/
The issue is that these expect a key, not a passphrase.
How can I supply directly a key to the CryptoJS AES, which I can use on the server-side or any online tool to decrypt?
The thing is, I already have a really hard time finding PHP functions to decrypt AES ciphers already, and this passphrase/key thing is adding to the plexity
Share Improve this question edited Oct 21, 2014 at 12:08 nicholaswmin asked Oct 21, 2014 at 11:58 nicholaswminnicholaswmin 23.1k16 gold badges101 silver badges174 bronze badges 4- I'd bet that the passphrase is used to derive a key via PBKDF2. – Narf Commented Oct 21, 2014 at 12:03
- @Narf How much are you willing to bet? – Maarten Bodewes Commented Oct 21, 2014 at 23:20
- @owlstead Hehe, it's just a guess. – Narf Commented Oct 22, 2014 at 7:29
- @Narf Looks like somebody didn't want to bet on it :) – Maarten Bodewes Commented Oct 22, 2014 at 7:33
1 Answer
Reset to default 4If you want to supply the key directly you should supply IV too. The IV (initialization vector) is needed so it can be XOR'ed with the 1st block of the message. Then the ciphertext of the first block is XOR'ed with the 2nd block of the message and so on. This is called cipher-block chaining (CBC).
var key = CryptoJS.enc.Hex.parse('000102030405060708090a0b0c0d0e0f');
var iv = CryptoJS.enc.Hex.parse('101112131415161718191a1b1c1d1e1f');
var encrypted = CryptoJS.AES.encrypt("Message", key, { iv: iv });
This is from CryptoJS docs https://code.google./p/crypto-js/#Custom_Key_and_IV
You can generate keys and IVs with PBKDF2 like @Narf wrote. https://code.google./p/crypto-js/#PBKDF2
About PHP: mcrypt has MCRYPT_RIJNDAEL_128 cipher which is AES 128. MCRYPT_RIJNDAEL_192 and MCRYPT_RIJNDAEL_256 are not patible with AES 192 and AES 256 because AES uses 128 bit block with all key sizes. Rijndael's has a configurable block size. CryptoJS will use 128bit AES if you supply a 128 bit key it will use 256 bit if you use the function that accepts a passphrase.
本文标签: javascriptCryptoJS encrypts AES with passphrase but PHP decrypt needs a keyStack Overflow
版权声明:本文标题:javascript - CryptoJS encrypts AES with passphrase but PHP decrypt needs a key - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1745577060a2664395.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论