0

I am currently working on encryption and decryption. I have encrypted my api key using https://medium.com/@amitasaurus/encrypting-decrypting-a-string-with-aes-js-1d9efa4d66d7 like below

            var api_key = Math.random().toString(36).substring(2, 15) + Math.random().toString(36).substring(2, 15);
            var d = new Date();
            var n = d.getTime();
            var final_key = api_key+'/'+n;
            var encrypted = CryptoJS.AES.encrypt('encryption', final_key);
            var encrypted_key = encrypted.toString();

and passed the encrypted key to the server side. I used 

<?php
$key = pack("H*", "0123456789abcdef0123456789abcdef");
$iv =  pack("H*", "abcdef9876543210abcdef9876543210");
$encrypted = base64_decode('U2FsdGVkX19gHSzwsrc5H9K6rqDYr2E8oYoVNSp8INU=');
$decrypt_string = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $encrypted, MCRYPT_MODE_CBC, $iv);
echo $decrypt_string;

?> for decrypting the encrypted string. When i print decrypted string , it is like this ���9Һ��دa<��5*| աT�;��놻��V�[�}��ID-�}��硵� Any suggestions to print as decoded string?

Improve this question
4
  • mcrypt is deprecated. Have you considered maybe openssl? stackoverflow.com/questions/51035808/… Commented Mar 18, 2020 at 12:34
  • I don't really understand the example. Your ciphertext has the OpenSSL format (starts with U2FsdGVkX1). CryptoJS.encrypt returns this if a passphrase is used, i.e. the 2nd parameter is a string. So where did you get key and IV used in the PHP code? Did you get them from the CipherParams object returned by CryptoJS.encrypt? Maybe you can add how you did the encryption with CryptoJS. Commented Mar 18, 2020 at 17:54
  • Added the encyrption part with CryptoJS Commented Mar 19, 2020 at 4:39
  • The first argument to CryptoJS.AES.encrypt is the message, not the passphrase. Also, key derivation produces a 256 bit key, so the key you use in PHP is definitely incorrect. And there is no reason to assume that the derived IV happens to be 0xabcdef9876543210abcdef9876543210. Commented Mar 19, 2020 at 7:20

1 Answer 1

Reset to default
1

mcryptdefaults to zero padding. That means that, no matter what kind of ciphertext and key combination you are using, that the unpadding will not fail. Instead, it just returns invalid, randomized plaintext.

CryptoJS by default uses OpenSSL key derivation from a given password. Your decryption will return randomized plaintext as long as you cannot mimic the final AES key value that is generated by CryptoJS.

Modern modes such as GCM include an authentication tag with the ciphertext so that the validity of the ciphertext / key combination is ensured, or a verification error will be generated. Note that CBC mode is absolutely not secure when directly used for transport mode security.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I have added the code which i had used for encryption using cryptoJS. Please let me know what needs to be done for decryption
I've indicated what is wrong, but porting the code is your task, not mine. I don't like posting code for which the key creation is so obviously insecure.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.