Encrypt with PHP, Decrypt with Javascript (cryptojs)

Question

I'm having trouble with basic encryption/decryption. I've looked all around for a working example but haven't quite found a working example.

-I will be encrypting in php, decrypting with cryptojs for a small layer of security

<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"> <? $text = "this is the text here"; $key = "encryptionkey";  $msgEncrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_CBC, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND)); $msgBase64 = trim(base64_encode($msgEncrypted));  echo "<h2>PHP</h2>"; echo "<p>Encrypted:</p>"; echo $msgEncrypted; echo "<p>Base64:</p>"; echo $msgBase64;  ?>  <p>AES Decrypt</p> <script>      var key = 'encryptionkey';     var encrypted = "<?php echo $msgBase64 ?>";     //tried  var base64decode = CryptoJS.enc.Base64.parse(encrypted);      var decrypted = CryptoJS.AES.decrypt(encrypted, key);     console.log( decrypted.toString(CryptoJS.enc.Utf8) ); </script> 

Which step am I missing?

Answer 1

I've required the same thing and i wrote a short library that works for CryptoJS 3.x and PHP with openssl support. Hope this helps, source plus example files here https://github.com/brainfoolong/cryptojs-aes-php

PHP Lib

/** * Decrypt data from a CryptoJS json encoding string * * @param mixed $passphrase * @param mixed $jsonString * @return mixed */ function cryptoJsAesDecrypt($passphrase, $jsonString){     $jsondata = json_decode($jsonString, true);     $salt = hex2bin($jsondata["s"]);     $ct = base64_decode($jsondata["ct"]);     $iv  = hex2bin($jsondata["iv"]);     $concatedPassphrase = $passphrase.$salt;     $md5 = array();     $md5[0] = md5($concatedPassphrase, true);     $result = $md5[0];     for ($i = 1; $i < 3; $i++) {         $md5[$i] = md5($md5[$i - 1].$concatedPassphrase, true);         $result .= $md5[$i];     }     $key = substr($result, 0, 32);     $data = openssl_decrypt($ct, 'aes-256-cbc', $key, true, $iv);     return json_decode($data, true); }  /** * Encrypt value to a cryptojs compatiable json encoding string * * @param mixed $passphrase * @param mixed $value * @return string */ function cryptoJsAesEncrypt($passphrase, $value){     $salt = openssl_random_pseudo_bytes(8);     $salted = '';     $dx = '';     while (strlen($salted) < 48) {         $dx = md5($dx.$passphrase.$salt, true);         $salted .= $dx;     }     $key = substr($salted, 0, 32);     $iv  = substr($salted, 32,16);     $encrypted_data = openssl_encrypt(json_encode($value), 'aes-256-cbc', $key, true, $iv);     $data = array("ct" => base64_encode($encrypted_data), "iv" => bin2hex($iv), "s" => bin2hex($salt));     return json_encode($data); } 

Javascript Lib

var CryptoJSAesJson = {     stringify: function (cipherParams) {         var j = {ct: cipherParams.ciphertext.toString(CryptoJS.enc.Base64)};         if (cipherParams.iv) j.iv = cipherParams.iv.toString();         if (cipherParams.salt) j.s = cipherParams.salt.toString();         return JSON.stringify(j);     },     parse: function (jsonStr) {         var j = JSON.parse(jsonStr);         var cipherParams = CryptoJS.lib.CipherParams.create({ciphertext: CryptoJS.enc.Base64.parse(j.ct)});         if (j.iv) cipherParams.iv = CryptoJS.enc.Hex.parse(j.iv)         if (j.s) cipherParams.salt = CryptoJS.enc.Hex.parse(j.s)         return cipherParams;     } } 

Example Javascript

var encrypted = CryptoJS.AES.encrypt(JSON.stringify("value to encrypt"), "my passphrase", {format: CryptoJSAesJson}).toString(); var decrypted = JSON.parse(CryptoJS.AES.decrypt(encrypted, "my passphrase", {format: CryptoJSAesJson}).toString(CryptoJS.enc.Utf8)); 

Example PHP

$encrypted = cryptoJsAesEncrypt("my passphrase", "value to encrypt"); $decrypted = cryptoJsAesDecrypt("my passphrase", $encrypted);