使用 Javascript (cryptojs) 加密,使用 php openssl 解密,无法重新创建消息密钥
Encrypt with Javascript (cryptojs), Decrypt with php openssl, can't recreate message key
我无法获取使用 php 解密的 cryptojs 加密的消息。
在javascript端,创建加密的代码是:
var keySize = 256;
var ivSize = 128;
var saltSize = 256;
var iterations = 100;
var message = "This is my test";
var password = "thepassword";
function encrypt(msg, pass) {
// Generate salt, key and iv
var salt = CryptoJS.lib.WordArray.random(saltSize / 8);
var key = CryptoJS.PBKDF2(pass, salt, {
keySize: 256 / 32,
iterations: iterations
});
console.log('Message key: ' + key);
var iv = CryptoJS.lib.WordArray.random(ivSize / 8);
// encrypt message
var encrypted = CryptoJS.AES.encrypt(msg, key, {
iv: iv,
padding: CryptoJS.pad.Pkcs7,
mode: CryptoJS.mode.CBC
});
// convert encrypted message to hex
var encryptedHex = base64ToHex(encrypted.toString());
// Prepare result to transmit
var base64result = hexToBase64(salt + iv + encryptedHex);
return base64result;
}
这将创建如下字符串:
g281MRrrEdiysHSAolnMmy3Au3yYkb2TK1t7iF4dv8X2k9Fod1DkOt/LF8eLgX8OxRvkSOMqtrcGEMaCL7A8YVBcugcirNg44HcWGWt+hfA=
当我将它带入 php 时,我可以正确地拉回发送的部分(salt、iv、消息),但无法解码消息。
$text_key = 'thepassword';
$cipher = "aes-256-cbc";
$received_message = $_REQUEST['message'];
// Decode message and pull out pieces:
$decoded = base64_decode($received_message);
$hex_version = bin2hex($decoded);
// Pull out salt, iv and encrypted message
$salt = substr($hex_version, 0,64);
$iv = substr($hex_version, 64,32);
$encrypted_string = substr($hex_version, 96);
// Message key
$generated_key = bin2hex(openssl_pbkdf2($text_key, $salt, 32, 100, 'sha256'));
// Decode Message
$result = openssl_decrypt($text_encoded, $cipher, $generated_key, $options=0, hex2bin($iv));
但是,如果我用 javascript 控制台中显示的密钥替换 $generated_key,消息将成功解密。
我在什么地方错误地生成了 php 中的密钥?
通过 openssl_pbkdf2 和 hash_pbkdf2 函数的所有可能算法创建到 运行 的例程后,发现 hash_pbkdf2 函数将创建键:
$generated_key = hex2bin(hash_pbkdf2('sha1', $text_key, hex2bin($salt), 100, 64, FALSE));
一旦设置了正确的算法和大小,解密就会按预期进行。
我无法获取使用 php 解密的 cryptojs 加密的消息。
在javascript端,创建加密的代码是:
var keySize = 256;
var ivSize = 128;
var saltSize = 256;
var iterations = 100;
var message = "This is my test";
var password = "thepassword";
function encrypt(msg, pass) {
// Generate salt, key and iv
var salt = CryptoJS.lib.WordArray.random(saltSize / 8);
var key = CryptoJS.PBKDF2(pass, salt, {
keySize: 256 / 32,
iterations: iterations
});
console.log('Message key: ' + key);
var iv = CryptoJS.lib.WordArray.random(ivSize / 8);
// encrypt message
var encrypted = CryptoJS.AES.encrypt(msg, key, {
iv: iv,
padding: CryptoJS.pad.Pkcs7,
mode: CryptoJS.mode.CBC
});
// convert encrypted message to hex
var encryptedHex = base64ToHex(encrypted.toString());
// Prepare result to transmit
var base64result = hexToBase64(salt + iv + encryptedHex);
return base64result;
}
这将创建如下字符串:
g281MRrrEdiysHSAolnMmy3Au3yYkb2TK1t7iF4dv8X2k9Fod1DkOt/LF8eLgX8OxRvkSOMqtrcGEMaCL7A8YVBcugcirNg44HcWGWt+hfA=
当我将它带入 php 时,我可以正确地拉回发送的部分(salt、iv、消息),但无法解码消息。
$text_key = 'thepassword';
$cipher = "aes-256-cbc";
$received_message = $_REQUEST['message'];
// Decode message and pull out pieces:
$decoded = base64_decode($received_message);
$hex_version = bin2hex($decoded);
// Pull out salt, iv and encrypted message
$salt = substr($hex_version, 0,64);
$iv = substr($hex_version, 64,32);
$encrypted_string = substr($hex_version, 96);
// Message key
$generated_key = bin2hex(openssl_pbkdf2($text_key, $salt, 32, 100, 'sha256'));
// Decode Message
$result = openssl_decrypt($text_encoded, $cipher, $generated_key, $options=0, hex2bin($iv));
但是,如果我用 javascript 控制台中显示的密钥替换 $generated_key,消息将成功解密。
我在什么地方错误地生成了 php 中的密钥?
通过 openssl_pbkdf2 和 hash_pbkdf2 函数的所有可能算法创建到 运行 的例程后,发现 hash_pbkdf2 函数将创建键:
$generated_key = hex2bin(hash_pbkdf2('sha1', $text_key, hex2bin($salt), 100, 64, FALSE));
一旦设置了正确的算法和大小,解密就会按预期进行。