brainfoolong / cryptojs-aes-php Goto Github PK

CryptoJS AES encryption/decryption on client side with Javascript and on server side with PHP

License: MIT License

PHP 46.44% TypeScript 33.48% HTML 20.08%

cryptojs-aes-php's Introduction

Hi @all 👋

I am Roland Eigelsreiter aka BrainFooLong, i full-time web developer from austria. With focus on PHP and JS. I create and contribute to open source software as often as i can.

👷 Check out what I'm currently working on

frmlx/framelix - A rich featured, Full-Stack PHP framework with built-in backend and data management capabilities for internal/public data applications. (2 weeks ago)
brainfoolong/form-data-json - A zero dependency, cross browser library to easily get or set/manipulate form input values as/from a json object. (3 weeks ago)
brainfoolong/js-ascon - JavaScript / TypeScript Implementation of Ascon, a family of authenticated encryption (AEAD) and hashing algorithms designed to be lightweight. (1 month ago)
NullixAT/browstorjs - Persistent key/value data storage for your Browser and/or PWA, promisified, including file support and service worker support, all with IndexedDB. Perfectly suitable for your next (PWA) app. (2 months ago)
brainfoolong/gdscript-midi-parser - Godot GDScript 4+ Midi File Parser and Player (3 months ago)
brainfoolong/cryptojs-aes-php - CryptoJS AES encryption/decryption on client side with Javascript and on server side with PHP (4 months ago)
brainfoolong/php-ascon - PHP 8+ Implementation of Ascon, a family of authenticated encryption (AEAD) and hashing algorithms designed to be lightweight (5 months ago)

🌱 My latest projects

brainfoolong/gdscript-midi-parser - Godot GDScript 4+ Midi File Parser and Player
brainfoolong/js-ascon - JavaScript / TypeScript Implementation of Ascon, a family of authenticated encryption (AEAD) and hashing algorithms designed to be lightweight.
brainfoolong/php-ascon - PHP 8+ Implementation of Ascon, a family of authenticated encryption (AEAD) and hashing algorithms designed to be lightweight
brainfoolong/misc - Miscellaneous
brainfoolong/form-data-json - A zero dependency, cross browser library to easily get or set/manipulate form input values as/from a json object.
brainfoolong/better-battlelog - Better Battlelog legacy code and legacy website. It was fun :)
brainfoolong/IntoTheBreachTranslations - Inofficial Translations for PC Game Into the Breach.
brainfoolong/unity-music-visualizer - Basic music visualization project for Unity.
brainfoolong/web-ftp-client - A web based, always online, FTP/SFTP client. Like filezilla but for your browser.
brainfoolong/rwa-timedcommands - TimedCommands - A widget for RCON Web Admin.

🔭 Latest releases I've contributed to

brainfoolong/form-data-json (2.2.2, 3 weeks ago) - A zero dependency, cross browser library to easily get or set/manipulate form input values as/from a json object.
brainfoolong/cryptojs-aes-php (2.3.0, 5 months ago) - CryptoJS AES encryption/decryption on client side with Javascript and on server side with PHP
NullixAT/browstorjs (1.3.0, 1 year ago) - Persistent key/value data storage for your Browser and/or PWA, promisified, including file support and service worker support, all with IndexedDB. Perfectly suitable for your next (PWA) app.

🔨 My recent Pull Requests

Added PHP and JS/TS submodules on ascon/ascon_collection (4 months ago)
fixed wrong codepoint (also wrong on website) on stephenhutchings/microns (1 year ago)
fixed regexp not properly escape windows backslash in path on microsoft/playwright (2 years ago)
fix php 8.1 error when autoFilter['ref'] is null in AutoFilter on PHPOffice/PhpSpreadsheet (2 years ago)
fixed is_file() call with null in PHP 8.1 on lbuchs/WebAuthn (2 years ago)
added version detection rather then suppressing obvious error on PHPOffice/PhpSpreadsheet (2 years ago)
convert issuer to string prevents php 8.1 errors on RobThree/TwoFactorAuth (2 years ago)
V2 dev on brainfoolong/form-data-json (2 years ago)
fixed null conversation for strToUpper on PHPOffice/PhpSpreadsheet (2 years ago)
fix implicit cast deprecation in php8.1 on PHPOffice/PhpSpreadsheet (2 years ago)

📓 Gists I wrote

BitMask Demo (2 years ago)
A simple stopwatch for your recordings in OBS Studio (4 years ago)

⭐ Recent Stars

👯 Check out some of my recent followers

cryptojs-aes-php's People

Contributors

Stargazers

Watchers

Forkers

kimho lecaoquochung ershov-ilya aviking1973 pedra finklez hadryan gonpre gamico001 phpcedu digontobd jarayabozo madkixt sam-artup subbu6502 milankragujevic intruxxer meetio paulbaeza rafasashi zuzpk robsonximenes phizzl eduhub123 spencerthayer miadz asimansari92 webdesignerkits zhenzhou nkadyan veneliniliev dineshkamble68 tkleoexp paaul wilcorrea warungkopidigital vgartner fly2006zhao amamatthew kimtrien julienrousset carlosocarvalho wasimverve apnikhil fauzimarjalih ltiollier-webid weirdom bulangnisi oitmain-public jeandelacruz cweiming framgrab vl25 gongbin michaelwayneliu mirocsinchall zickieloox cameradog ariesw ashabrasaneh yassineaddi tbvinh qbqian feranimaciones lytaytouch cdk089 nullying deawx mtgnorton sroehrl millie-david bitqiu heduo mobkr-cyang angelothegreat13 halilhanbadem lcp0578 lowell20 aaku14n flitwebsgit sophie-williams fork-apps cawa0505 ianrothmann emamhasan1137 mihaihaloiu nckf stevesaygoodbuycom glauberf smithdp1 puzzlista snowlord7 kss160992 musasoftlabx eliascolares nicko3 vemarun eemmanuel7 rupendraa gauravmalviya

cryptojs-aes-php's Issues

unminified version of cryptojs-aes.min.js

Where can I get the unminified version of cryptojs-aes.min.js ?

NULL Value

Hi, I was so excited when I found your work, because I've been looking all over for a solution to be able to use crypto.js output with php. However, I seem to be having the same problem with your implementation that I was having before... the php side returns a NULL value.

I went ahead and put your example up as a test at http://gateway.southgateaz.org:8004/aes_test.php. I'm not sure what I'm missing. I'm just wondering if you've run into this or if you have any pointers. Thanks!

-Gus

encrypt in JS and decrypt in PHP gives NULL

Hey, sorry to bother you.

I'm implementing you lib in a already exists cordova project project:
JS:
`let password = 'TestEncrypt'

                var data = new Object();
                data.mail = CryptoJS.AES.encrypt($(".mailLogin").val(), password, { format: CryptoJSAesJson }).toString();


                cordova.plugin.http.get('https://...', {}, { data: JSON.stringify(data) }, function(response) {
                    jsonobj = JSON.parse(response.data);
                    M.toast({ html: jsonobj.most_used_message }, 4000) // 4000 is the duration of the toast
                    if (jsonobj.message_code == "200") {
                       
                    }

                }, function(response) {
                    console.error(response);
                });`

It's working fine here and I'm receiving It on the severside.
But here it's going wrong here! decrypt function returns a empty value.

PHP:
$passwordEN = "TestEncrypt"; CryptoJsAes::decrypt($data["mail"],$passwordEN)

I don't get any error's
When I try to encrypt and decrypt something just on the server site it's working fine

Thanks for you time

提供一个py版本

# -*- coding: utf-8 -*-
import binascii
import base64
import hashlib
import json
from Crypto import Random
from Crypto.Cipher import AES


class AESCipher(object):
    bs = 16

    @staticmethod
    def md5(s, raw_output=False):
        """Calculates the md5 hash of a given string"""
        if isinstance(s, str):
            s = s.encode()
        res = hashlib.md5(s)
        if raw_output:
            return res.digest()
        return res.hexdigest()

    def encrypt(self, data, key, salt=None):
        """
        :param data: str
        :param key: str
        :param salt: str
        :return:
        """
        if not salt:
            salt = Random.new().read(8)
        else:
            salt = binascii.unhexlify(salt)
        salted = b''
        dx = b''
        while len(salted) < 48:
            dx = self.md5(dx + key.encode('utf-8') + salt, True)
            salted += dx
        key = salted[:32]
        iv = salted[-16:]
        raw = self._pad(json.dumps(data).replace(' ', ''))

        cipher = AES.new(key, AES.MODE_CBC, iv)
        enc = cipher.encrypt(raw.encode('utf-8'))
        return base64.b64encode(enc), binascii.hexlify(iv), binascii.hexlify(salt)

    def decrypt(self, enc, iv, key, salt):
        """
        :param enc: str
        :param iv: str
        :param key: str
        :param salt: str
        :return:
        """
        concated_passphrase = key.encode() + binascii.unhexlify(salt)
        md5_salt = self.md5(concated_passphrase, True)
        md5_list = [md5_salt]
        result = md5_list[0]
        for i in [1, 2]:
            md5_list.append(self.md5(md5_list[i - 1] + concated_passphrase, True))
            result += md5_list[i]
        key = result[:32]

        enc = base64.b64decode(enc)
        iv = binascii.unhexlify(iv)
        cipher = AES.new(key, AES.MODE_CBC, iv)
        return self._unpad(cipher.decrypt(enc)).decode('utf-8')

    def _pad(self, s):
        return s + (self.bs - len(s) % self.bs) * chr(self.bs - len(s) % self.bs)

    @staticmethod
    def _unpad(s):
        return s[:-ord(s[len(s) - 1:])]

写得略微粗糙,亲测能用,需要自取

JS only / xhr instead of form name

Hello,

first of all, thanks for that great work, its very hard to find an easily and JS encrypt and PHP decrypt library.
But I have an issue. I would like to use the id of the json input, but due the encryption is handled by jQuery, I dont get it to work.
Instead of sending a form, I want to get it handled by a XHR request and displaying the result without loading another page.
But I dont know what to change in the jquery code to make it work instead with xhr, due I dont get it to use the id of the input field, but always need the name.
Hope you can help and change the jquery code to pure js.

Thanks

Ps. Some code explaining would be fine too ;)

is there any way to encrypt image using cryptojs-aes-php?

PHP miminum version requirement ?

Hi.
I tried to run this library on PHP 5.3 and it didn't failed, but it didn't worked well neither.
What is the minimum version that this library/function requires ?
Thanks.

It doesn't work

it's not working js encrypts but the php side it's not doing anyhing

Simple Output Encrypted String

Thanks for your code... it's most appreciate. I have a question... is it possible to have in output a simpler encryption string?

This is the code that I following:

        <?php
            $valTxt="MyText";
            $pswd="MyPassword";
            echo "<p>Text to Crypt: ".$valTxt." </p>";
            echo "<p>Password: ".$pswd." </p>";
            $encrypted = cryptoJsAesEncrypt($pswd, $valTxt);
            echo "<p> Encrypted PHP: ".$encrypted." </p>";
            $decrypted = cryptoJsAesDecrypt($pswd, $encrypted);
            echo "<p> Decrypted PHP: ".$decrypted." </p>";
        ?>
        
        <script>
            var valEnc='<?php echo $encrypted;?>';
            var pswdDec='<?php echo $pswd;?>';
        </script>
        
        <p>Testo Decriptato JS: -------- <span id="result"></span></p><br><br>

        <script>
            var decrypted = JSON.parse(CryptoJS.AES.decrypt(valEnc, pswdDec, {format: CryptoJSAesJson}).toString(CryptoJS.enc.Utf8));
            document.getElementById("result").innerHTML = decrypted;
        </script>

As you can see in output I have a string like this:
{"ct":"UbDpkBRT1R5Tbt+hp0nX6w==","iv":"6c113edfbc0d7d917294ecdfc4d61d6f","s":"a872cd319b0d2a52"}

I would like to have an encrypted string more simple because I would like that an user can write it.
I thought that the user digits "ct" (better if the string is 16 char between A-Za-z0-9) and I pass to the function "iv" and "s".

An example from your is most appreciate because I'm a beginner... thanks

How to use

Ok im pretty new to php/javascript so im just wondering how I use the encrypting in javascript since it is not a function, it is just a variable.

Not Working

The code below works on the client. How can I decode it using PHP?

<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js"></script>
<script type="text/javascript">
var bytes  = CryptoJS.AES.decrypt("U2FsdGVkX1/q1v3+WzARwxPwzV6PQ6cUzkmiPwZr6ZI8xBTjVasCX7H9eAhxDyaYe4A68Pqf3EwYoYU/g3YJVDHIB04rMuBfXePSxRoHlenWHOlthU5EXLksWbv6AyA86EVgKG1xF+6TOnkZtRSPJUaaDys2k70hS0M2dUqm1gZCkz6Om/1rOUbaUayAa7TyX6EV6BWN5XIZPXzfQX8SfSsmtuaEwyJjhShnDnSbvML9hwGtnYiI+hCdqRiLRSWUzdmrqZv56hcmBX1vzEs0DwoEkP0myYJ1jOFVTHnGCFG7KgxS5QD1Rfw75Q2PhSqJiG8DdrDUihxkjAizsLDypSEuQVgDmDInKa+nUJ8Z2qb836hjuYQnIguyRPdE/DloFDVEB5CVATUJcxngN59yB3k/q5lMLbv7OSQUCbhaMQ9f01kN1UFrLXn/N+818/cM4rdbk5+YP3S84o7yoUMNoSDKCOtIEAxPQFou/XgLQ+UjgNyXO6U2snma9Wr75ocY9Bz65KgT5/lEh1Wcj3r5uDDp8hDBsd7p+zOq+6TMCCqIUQ/UGB0uC7zgyz0Q8w2zAtlPttrdXcKfsPxuzCtcABEZrQ5RXVayiVEc+urKAocFDV2bW8xwRJ0HZPkN5s9o7MygutsthsIke11zZgYbfgwns2s/tsxVuJIyESF71EL28nZ+f8LFERFvfEbX/aC23WNotFuqjfRt/rNga48hJ8jcA1q5X58rCJSWBtuHdlFYIzz/Sp6s4tceec2AbQpG0eybaP3ZflnQxVyC9tkFBDinUbosJJOUp2YSAN7fGtehzR96K/rKHqp2qpIF1mv9D7gFk3N+EKqZ8LOQuMBjQZtMPPOJN4p8tuN6XyHJRb7g+NRrLUEItwDVa2nlXtgr6Owe4XO4cI8W1H5EZMFt/1ePawjgnLMpMVRau/n1X+QaQoPaTiXyAT06oBNGpiR8X6UNGaK0mE/etuxcboxxZptrcKUzhhd8gsxgRDuNcDGzM2eiEjQIIjkGjhRtQwM+QeTw9XVKaMmTidFgg+XwI3eDfX1GyFPEnCeeq2EkqOt8Z0rVvtkza6NV/HndbR11rEdRbI4q7k1cbGu0Ya4ehTV4qqrQjJaRwDdy1u9tiREjFLv/NK/xjh6qMn0sAaQAnzdBRKQi0+B67r2ItNIBulxqPBOnjFFSEQvATf3HbEDih/LqQ1hYEiJ1J/7fhLVNsa5axif9TlDNLtwnRasvJwXUOfHf2ulWLJiaFWMwdc9rgEFdp9coisbhMZwcR/EbM4SwSaTGSN9fXq2Y9gO4suOsNk0o4qzF+M9xvBW01USaAe3CGI2eqsyzlKiIx6zxP7RygoZ+IKXtfn0C7wVBBJ9NIUJaapIuUv+7+rwbySCh1HFxvU4Xz1cXDvrhz0OVi/qzmT8lUXPWnRZgPimidY1DzwB4akrgOxXZwyv+CnOBFItk8duUNLZO540Q0HvoLrRf2ewkR0UDh/nbWHSKXzrJHFRYpFg3fcZS+/15xfCBCJyfN0abKOQHSAgtfXOvzoJJyTgzYQwjN/PqeedZc2d3TOSm3+20zSJ1lX3NKEn2/yEWxgpsakbcgT/GlO9b/ghv6TFT/jSqaE69Y5orjhyFKiKzXYLayYD5FeBsj6etgNkNSV5oyEvZ4+KZ8DnJ+Feg/YPYqwLoBZeEHqdIwkchTgJdj2OPmXwfvplKCsopq49q1pADH3/JQDyYVff9v543HbPj67cOA8qFBY3eLf+6lnNGGPxYLB1kOHoyfnNHOe3eoCmBeAoIdN7SDcjQQ1OAealdoAlMWByQ4EU367XeQGBb5tQRVAdiNEZztFxBAYhu0ezw4uS8MdoKVSUIXRGDRBckX7Jz3cwFsx97+ODU0m0wRnKCX1X8Nm0iqWrT1B9o2MfC7+SX9BTUAwBocZcrnDUvqQNnWJIC53q39kzdu1SZBfULEhwte2m32I/4AZR5unVKy8S4R5VUIQMyR/9Vie8FmD3cUoS9C+4eUrKlhv1k8vqDzSU2w9VSdDS9tu1ozweUXgXDTc1CWDgSIDqDBjWq7u0ldT3MG5FdD4XbpOA/2NfaWyKPu0uq6FIJ4BBCZ88kKZ91EuQ0ayMmPiexRNa0sr67eDHwAzefoJNGidUsA5yX4mDU54+FVXHjQG2UQOm7ESi8ApZXavf+uV2lx43zHuONFBsTkqtiPywgzVhZeRxrduPM9tjVQ5gcHQMWKAUnwtNHRa/Disy4FhJkBbsMaqqjhxfGdL8QLnFXuxxB/mwP+NgtP0ibo1iSUAA4qtKhayoyjK0XDD0GZ/3wltlVEWZ0aqUXoNQdP6hZBzZVD8OdanzIXQSAPwchdGRSSlWp0r/v5DaZxyFz+r1h1+nBnJhq9GazhOxdBJjCTLs4P/KSJeO6Q1d7iPX9j2uljgYs9rWOeY9mP2v25fR2bPqc54/71yPidNTGUwvDnQUUPghk/4R9Y6qTdcOp13GbIIal6cZjeddUqfRdA76ld7lScZnawoOrFhjfMsgrBCzzcYxtimKz0VPpQ75yRj6a/UsXhD7SFxHMOawiiog/PG45lDiKTJd5iRuDnL1Q0B1X0RihWtzau7trOpBsI7hngkEK073dnO9MBhjMQ7XD5YjBYzHTp3PNU9ooPycTlGsICBP7J/RF7WvyDEMiymdBE9QHZiNoGk3g4Sj2aRGHV4mZTCP8DT7Dqx+ldS0de24TWa0vbFqRCKcHbSFOIqU1j1pUflfCxVx7qoRyuMWHYaDjAVAKiZHPyl4uRetxcUY9tvh75KkOStIuiees1At7p8gi7/Mfq4F0PeZIWIb6XHw/E777bkHT9S3/U2t/cVEtRSD2ErZATJeLZ8Fi15xPHVtegSpCT8nEWRBp+MIwq+49YHZ5SfkTjlEZUAnR7UfhOrM2Zg4kDXTD0BY2tun22WqqbQXwf1SQlcsIYvN+UTKPoAN2GxQ/QqOPTEui2wYLLVz7CP8Wuj1UagTmlOFN9Ee4mtRsSYE45tsINJM5Mb72gN/J5ahLAweRfhM6GsK4scSww9UdYnDDteqtPOZdrp7PsBcMAvPtuJBqLBZfCna5kVgEGiszbDPLZpGvQ3d5ceUhDCRT3SEfHrT7HXfqVBelZcOxa89+xZ+jhfhBXWQXn3mvDZI7OOKZKaW+IMW4HaIevxQaNU18I5mcCrWaSEMV3dd1iqkF5oPi+EuXTh/bYtI8xhmyaieJMKFG4lqYLrmysT0jIN5cI8Y6G28rdAEoSjAWcTMvfgGdcInRqwXsPG5u+IjJCrdVFBx7/0h001RPRrZZ9qqZe+hecfb50uqmIPERZdEBv4aFSDDpf2RD0L2L1QPNy4ex/JYN2r9LJm5ri+nR2JEggIiggXV0V2HZgVEh0Juh+j2tLsvtRRHYXrls2Pux7ers0twDPztchakjq+YGQw7rMXXQjaOfyQJpMjAm+K/iRvBqN7UOMVzuBkmgkYRzEikmVPLoX1ghA/rAXfhaaN78WyT5NqFSRFVFoqHqfyVLmCQrcqaLULqKa5bGl5vtSv9T6JqOPXe4slOGMRw1t4Ev4yW7T45QXQslHEeNcx6HQyOGiPd+lMmnvbv3fAErYVwB8Ckaa+E7Svagj4Bp3BypshpiNvQi9HXUNFzXp8XbclXec7hVu5qXD8Ww9YRu393YFCkrFuXReATzOKMs8fOiXIiMgdkUnhjj9xt59W/1sPRkzVoHNGm8mgUOrJ8nEVq9oj2lBIr6kFGyMdN+ZUum5dDGPQn0yLXvsBW8LCSR514VrLXn5eGr2FQbV0ssJluS2ezOeRwWSXy15GYZYo8WaWvoeUfutAFLY4oDZZUgiFgaBM10p/4kGkQourcyL1o0j9jNsuXzgKrioLBYAN15bf0uuzwrReQ9tsTTLaxPlbvJzTOHOdyjYtm0noTp6C9eQWwWM1a2IHXtJOMCtOGI/pDicTMxVrWNZ1uzJwAufrEVkC0FIt5OOQbJu5KeIVFkapOAnv58Bwljhnx3p1uasbhjUAt12B+ucXqMo1TVJDfj55OPMJubzMEMqM/MUzU0wmraS+eWtM8xthsjju9Q1YeaLnT1Bx9Pf9GF8HzE2UFfDskRVZHKc0SSGDH+eLXXVFkuSSG7cb6B47eDaib1FvYrvw90Ea/IUBdWDk0kPB/AQmJc4ztvEtysG8fq9rDVItmi+NwzdooeQf1Du6ITnBOORlM4VB/o93HW2daRMtWbMJHEbKzpcAxSj2TDuLZ3vNeg6Fa+1oofZrscUiX1dg8nJdH4/v5PH0dIduXp7U1Mnx+UvU0kgqJI6XUuZaH5tGKVSPsHRF/uFCHhIXC7f8tU2vM/HUeVTfNrfQMiJWvtS3k7IeVaTa5SamlI/yXiBmU40x61+/RZmCIwPuTAiPwjxEi71787NzpM2DRDWjwElgqWsf8N8QZyvTMOy3PfjOWY8CbkVMbSqwlszKyA8xsfRqMbDCI7QV62ujLmX4h/eE9k0vwbyqHZveZk9q/iRDMrWm83YhlVoSrBrITb+5k64wXMbtxqGdTaOXDf/sFftRXH2YbGApL98G9HH9iC6QNZ39PPyS7C2s0daEWrsxiq+u6DakEmwTc5mLKwLSD2BnkiHVfwv8HbumxK5jDQJsCWmp7dmyNaI3Bro8ogxKgdkCEV3EKjQjRmx3mjSxulsgYNSIxepHtwbXQejVgf78OGJGaJeRBrc+yZRdJSOtntVEx26pNe9nb6OObykJsXNXCwwgzq75/7m4SD1vYshyGV8kT5a9UclUW+m2cBw8inD4hAbNLYw4bfgXdJtkbwfxoOtisE9dqg0/MAiykEAkbxSm0uxBc/yvvkNBD8BnX+wm3oFQwhdmYGlcWM+GNKg5FqtDKrSKVVXZUocXvKVryowM4yjzx9gnJzihDOtypoYWRV7+kuQkHqhKpnfJE25nOLBYDX3LqtYJ0OFbk+CsakSuhaa37OsZMSQPpNVAhrW4dQr6nrG2eenzs3xuD5Vu3Rqy++Q5+YrhWf3deVODKiXUR5+2iI3D0pNLJ+QyaqM9J8BMecVLqxHjH5Iqpvh2OjqYMQ0Y56J/tUvGg79slvmbwF3/AtdpGrNltbFw6Sc8sW8fFxX/jU9aW+RqL4Np5OtuKNMxppRB260rID7dd4BmVujcg4AWt/TJJ7lh684mVVS5iAY3MlxU2UzmnGXTmH5Cbr3MIXU3SM3JHl8t/pFuUlfzsxC+sBsaSlgJAJ/RVKBn5zSKvhfVq0IyJ//NFbNSz8PdpZ5Ca844KhNQofbZ880khANot2A7niSRZp26XufKuCZFsKpiK1U1hFQEP/fNVxxJi90zIbRd2oMZTsT2sk0ehxxsal4+/23Vhgc5xSq1I8gv6DCaNa0KZdIroVmI+W5ZWvUCDbHWsuyO6i2K4LyBUGQLoo22FjJI1WMMuFPxEmi/UfVRkJlc0xDfZoemHPU3xmY5GjgIx/7N2xCrLp3zQlDZ28YjRpRbiaNrEXabuDkPGg/w6CbemMgBlnF8h/jOYVNGl62eExJ7nv9UiwCLo+1jJQh6Z+rHjOYvoPWCH3pEQCu+6k7iD5fxq3V42DzO8TAjTH6ydFQgSCNRVaejcJFxH5K9kdNsB+nM32aKsjftgEJFAWhDAG2SBd9YSepqoujSA+7Kz6viPMK6aaMdojkVH8uiWfSQ1BjgyyZTF30/Uguj21cIBXKF93tS1MVKXht3LOnDBh6A7LxVNIb7mM9olpv2z/rjPgDcrN/oLS2yg8Utge0SXumL1+Wd3r/BCGi1hHnxcOgjwFDhVnysHqhVdOh7hhICZNZ/tW/finBXkvtWNvTrFdPPYRo3WZs0M2hJeobSVMrg1NAD4hB2g010TcUgb8WBJoUrAczWymO794w3sQQa5ai6uznChVWrc78C3EyyOnMXxYjtzsDkFcHxIUl27drzOkrwlJCDH3oeVKk+jVMeaTIY9GZ2FEO+ladaoyGVRk3Nn8PhEjiY0HG7H+OVvZhtFiNUFIx4AUV77o1rHV5LP+ZdXRhzUajvmxEcXVuKK0AvxgY/hv3+HtFM2weLNRLHpC9bo/Iv9StBCQitp8btV3JQ9ybrcX24EswJ329hLYVmm9Rugid3c25rOJYUsJW/AbC62EC9FO+KUvhlibK2bT3M1/Qi755IR5EoB68AceaxUwgFP+i/nbAZOVnkwT81GMf2zT/UjvK36iDYRF23TfsoS315Z4XW1Gupe/2tKeoGVGhvW0eRwTykLvJoBmD5729YgQCLbbwxbi2DVb75c/maHuIUVAk3IetDU34aLLa6/XnY64QeG4PEBtR0zrG3ZS0a4owiOhjl2izSftaPnSXFdTfelK8Tsolbk4D9HiRBwUjgC24xDA4SFK8/k/A73vH6pVTYjQMFkuGglwfH8iXwuDxhYjluljh91/HnseZLEkSDAwCIcppojP0LECH9rMXNqhiEPY7emLwXpgLr4BHV0BSKS5hsxIdMI7ZDgrZFtGI0oMjmzMrgo+vrzsjqZi/xS1uvt6nRcYMwaTH9wc2MD0SydBacLQDwFSVn7nL610o+TQyINV3wET+A0Hy0bPICTrZqAK61v1zVMjjbXO6rlwt3cXX3k+0ChgvjfuOPv9fEbAnXVI3PQW1lvt6v7FaQavoCECGrgD/Q4lOnb7Hb9R0wO0ZbTpnIqp9WNAoy6oK2MSR1kb8dcbogwHOHgh8nywdbsDcUbbEDcENOxwQfAfG4n08FP2WfQQGr/fpdd7tl2Kur/cyRNrpsCAuhvcR8Icd3mHwZhmOmi02MGxhaR3qlAQ+S3C+iJ7xEW7eNHncOuS2eFhzLtX6apwWgK8HUKVNacGaiDQBZsNHmw0QCiw6A88C7QbhDChSCieBV1D/LnYxkAeM/n07+IabFyhKjXy2FlJ9FdWW5/JiaoRGi0fkxIjOTWHZ/HPOfKtDxz/Fz2RFVsEHioqLRPgat+lohxTyy8NQOyDm/djPjpyoOkay6eMo3DtCDUR2NlAK+bbAn5MbKTssgXMqlyVQXV6qJzKPVLGahU/gL50CoQsRgACDzuVCya+Vvmjm5IMoQLo6JOe4HoWgNfWIzjrBP6UD9p+YnhFac8CQz3wEd/nqpa6fyS5W/llDevFUHGiQqorUgppcgpYxsYI2QZ3UDCWZIVJBydyvsACpA0s5SD+nINJEHAp4W0L770jVuDpyXactk/kdersMAhe0lqVJTVZ30v/q7pwCszHkVUVuyRfSQvpV+oK/npc1nfzKy+Woo8D4w0F52ZaAIBGB9ZHeehh2yN5wgcncIm9glQkMr5nsnzCjT8cBTmO5zEv2RFiDpL4ri7hqU4xahhcxvyLORb59NBZ4VThyYRLBvJ7BMfxJqaULkS9E5VCYapSuDPx4qP0wLggWt31z+AbdqyqwB44WEUilu8n+gmXMPuICH1oHLNulu/xnhcWAYAJFKiKqLgUoLsfzf8RIGFdurIj1vxoDeQmbY5YubgFA8gQHimFHSQn6Wqy4cVyFejNOFzrXl2RO1YLKMp5nmmFENtkGedMxYsvPAM7cHWf8ulDYKGdjRPxgbgEP11oVrst+jrLY2V8aqQn15JqnxrkOWBCzqTGW+3hu8i2//GNylvhllW9jdqvu/t0cCF5GENyDRevzDkpPq2GQvSsryE5Skn13e5JIRl9MHBNNqSITuew1/yYu2y/+lZ7xjL5z4FkuSz9JRN18kjKGJlcxWOfe+g2p1UGgPQ57BnU9wccVXx9/jhitXkA5c3s718k7oa31DF6RNMRB3oSMMRMqUKihpn9ODLLo01MmrfkgTH1J4MIV85Z2SE9kBm30QgH0LiBGJnSmuR80UzaR4EncNS6kv+ljKNReYHCciie4U5SweiRvwITtxZDFnb0eBIj3fCOo7IEkmR8tR99bz1LaC5yOGFYYaG4Lfe6qDToU5wCmyDXNhSA8vQee+BD9pO+m0mcLoLn3yzJvBg9pZxQJQluMRyRWJ8/xRTwqX2q5LsCsH3Jnre4LybuavTy5N7sGYhms3W9prm2gTgpQPGdRJI4RmyHDfQs8Hou7nPiPiI+5q7bRpfjUYLPmjoCwnn/0r1inNy7pwek3Wuz7oxyD0lpMcip6EuXfUi0bva6rNeTREBWNRk2Dj/CzvAkYVu5cqAGbyP69CxbG/H916Zy2n8dzvlZHFqh4e++rw9A+Pi6vrX+DSXHxnuR5oVhohCc261P75IIQqB1xT58u8AcpejPe7OGPaZnJSbXnpp9SiLmUcfdH1cF0i6DtlKdO4vDrR8JET01cwxIP++UpQGmjyhmirzqnN9sYkKmWO3pGJGGxj+HJfKXDZzSZTAxS6S3pqYygmBDpwAGL/rOUxhvyD2ea2ae0B4oldiGi9q51xaCgYZRv64uyeQqZUz8xiOhZNxONp5JtLKxAxZ1nhvSmsgJjU+1GdkFHbNmJgjYK072X/MKOf4wVy7wdT8jnkhreeTbRmRMvwzk+5kA0JO0W9NClLCPw20+EBoIRlll2PxWNHMaieqFGZ56fKLnEMNYQN8l2jOlYLbq3cMbMh5vu+KwBBd2jNPGSMKRALCAjrfDtkPLf8Fk4fX5tBhgwmLasKgDHV3ymXUoOTZ1tHVCy80y+UCi/wc1qFUOrmIgmc/TgNvzEllY+jKlw1G0RiQ1YCihHuB6JNoJZ5Prgl62lYuIwkzJVl2xsZS2x/9Kp52SJWNN5sFL/pYR/Ru0XJ+jfYTMyuPJ+hE4qqioCAs7o0A6G4bxCHlUuzyFM4QwjyqZEpEYGTcqmjsQs3AzvZD73AW83TpCVFlkv3cEKtSVy9wqe6ZthfX8n23LvCLokoRmaxsu3iFSsozIewkDW80FKAFCXsuSeDoLBLHC6b3g/DMrMNK5VSDoJRyvB5b7dJe8P231Iu88v+oozlZ9p01azx2Wb/WUXOHNK1mNdCsUhgACBx7wS5HcjtsI61lgQJsIjiB3o6DJ0XpmSdQFH2RwI7WjlddHeC4ftURyvoqk/6PjEMQ3c0sG/Kf2GJVYbWuwFkei5tA4dyg7dXvdz6jYZoUM8eYQ0uu/xdmKw3axrtnvcH+rBPjl8rUhaRvtcvdYtXnQkWKaqfTcCIw7kdzjIOP7W5OmbaEAxV14lo1/46ecwtfJL9FDa+8D0P8SHqi12O0l0YmyBxsm2tLLYV9Q+7uo3WcdA7f2IdGvL+WL1n1o7OJjyu62SiXcQr0of5qldEHjTgkfgw9L8zRubd2lVmDpOp5/qz3/O4Q5lQqyxUOe3VRFYizvD/BSr367tT+3DxUZFX5JTFLTvYkhpqgRkwR5JEBrRL8qfX2Gmwwb57BlB+f9+Lb4RLpHUoKLL9VHMksp2No7bvq5eR/cfK4czYI8zf8Lrjkmi8fkhUKLjAuErPflDMMGDDzfIsurpur7ZNfrmR4KW6nQpkTeAxgTWS8KCP9De/jIq/1RV6H5/8VG1QW33AxyKBfdzXaqDncSf0N7PKRwXy7s2bHrPF4iqHM5CyEH9wnxh/0WB8wDto2zdZO3PVcpZbnwmGbkDh9DkDBBerncleTdIHw2FpcguegH7OfKXySFJpWo1QzEEBx9VOFW10ILrdvjAJCaQ9PnmuY5UJ0FzKHcKv9hZY1E+hjWYUZ/ptTUkPRui67Sw7Hq75ZgBQBpKRICzIpnjNhloIJmeiRbYYl2DgQUm+dQxMu/0Wxg14p3guxQexQAfDmo/zWVqkD/+YCJU0jHnFccoGpYvKAna7wiCNfobmh9AoN81S1POTTACIhbqVOp3aZWsaRe2v1tWS7fhVWkGx8lCoBpOtji+BvJ6lxwVfMzjc7TUwzrl/QHQz1/tB6ixzHbkEQpItYezJ03V1W6WmzTPyiv72bx4+EeFibCxttnS6xsYU/zXOhn+E7p4+1Oe9vswN+dw+ZhXm566j2it414TSbClT8iAWXdlN982vHmsCqsO4NPxp0XDu1aOg9tWtjIK/V9ZSJ56P0O1wS3hw4V+8/obaGOgNV4sg8gf8dhqhKUyRdnT4kCOX7mqUSWLaQwm4DGQAP7CeNml5DF3vHtE6PXvJ8/+PjjFkRvfnSe83KweU3Po3uGIHgIod+Xb/8k2Y2NWuNRAnbhXp1fjHTtewqNzZUbv/eXpxgpfDqmJa2JPTTa//IsRteCwDtAlseuClL5576n4wJ9DI4Y5Vnr92uITdRzNK/xWpHs70RTsL4eoWY4Ep0mtez53FFIW99OyTBtOABuymSkh8G/cdxFE3TBztJC/9R2s91v+u9RKYpGmUmEft6HMJQU/br8v6VHytQCC9H9Ti5H1I1to6ppPOPrU2tYi+lBGyPcK2OLTggF7xUFsVjLfCLmA1T3Q6fqq0DEXkNHGOjHoq1bzcdFobSpbV0CGrjru/nvMlMqryxsY8vQUi5u3CmzF2gxOBjRVPUMnUAJYiVDiELVfZV58tYEl7QlE0Nqm0ML56pwLgqHADmJ4GeO3rCuvrgwFKufCg7Edux6lgr/kDV4qArmKTOaWeCG5T3A4IbAZaq0L+DQIBL+Us/HYzVBikaZGLFCeBHjLkz7XcoMw712Xnp2nVQ0K8m4uKEplfHI3vePu5zfO9mUdDkaD8cy3MGagzgzcE1qRshZQHM7ZunVU9Kg66+uoS8FZuBl89xcP8uMbGf8zqCSx69vthLh4rjYexQVLGtPuHKrtLUG+i/aInpE6YWH2/9LbdlFjxrEbopWDGWwI0HFN0c4DY1ChPaqFq1TovcrnbYdA7REvMdayucGWtUicG1EBxG+a/EM6G9H42anDO9S/crT+hv9ixvwaoRh4XjDt6+0UdBnNMnG/NHDONUsbSt0dr1eZE6+bokVpP5ETwiQ0pvJ0/mn7E72owCLuqqK2BfZJgwBnTO/5SuAVuzqGcmmbI8N6BraTRRK9XV/9SocFIWW9tZ3EvxCuzWaER4LlvWSLa+XtCNyZgyVoytGgMLe4tDTf6iYmF9wwSE75QxIQexQz1bfI21pWY8wRvwkzz65jHTcK5uVUcCF+tu2jkx8AuogGUBzlfaHXvk+NjTI+gxyGb7IR0NhrPeU2NYgGd6uY5fw08exX8J67B0IT9n++izM47z+e2ftaSZd/c6Oy7O10TIk5bbEbX65g+qNcW6OR1SukTJyoa3Y0F67hxXr2a0UGgoHdXfv2lt2akdaCAU5BTXVzh+C+IBYOtBwz6sC/oMyv5q5eC4WRhU8944HUcnHoZOTVn0o8fBQ24UqJxB1Cvd+2cTqfa8fKVrcD3CKTrRvK2yrGsY/QRWj+y845VvIoUClZfsZuzsdetO5NNteeqBbRm+mO1N83MivzXZbA0x1cadEv2/3gjUw8hAMHDFaHqEV4ZNTsQB/EYsQOEVmxPTia9jmQJHtlkxoiachTVyBEkEEY1+YpCnjXdAZiiLFMZ4dMDIa3/xOmvlLEZww7kT1gvtjeFZ3oBP4CVV7yGJ5YJFcPdSVZuBGHaHScCym4LxIbykrKfTHkV2zHWbMfKd8P9O9OGTob9R2ODxModipJbpCLtIPRtCG50NyEnpBpbhUqIhF7l+WVTPWK6PLY7vzStk4Nx/qZs04gyLQ7v+0kwJ53WcoTPiiknN2mBBXTLUwOSWwicm8ahlUlTsTnA3JMxgd1PXk5ufjvhB0HwpixHrSeIBiEP2McLdm2DE7qb0kZW2Akzf4/E3Z4iu7AnIhLCdTo0VQOK6ULFDxFsLDOVeOaUmwllbc1fsjXTXkoq6ZR+r5/AJUfCIY+6Oew/jyUFE2xIfHi+cx4fQA14EO9xUdpQLJSZy8I69StmKU70U7Eez67zHxJqlrAuF0h7UHQN4IJbHnft0vxX6nSNLKOQfj2T9A2VENCoV7SgoszA4J3d2AvQWNK4x/A49PHRP+ap7RZZJH/BxKIB1yWXomcHuXuXCl1+dGAt8Kk0oP/0AtySE8AAmkQinEBhEKhScoNfO+coKC3D8mMxiOeZi/oCpW5GVYI7IoF3JpkIp9aJAfcotaVdeUIEv0yBu2eOM7NlC8H+msbPs2KF02MYu9kr/r2XCwE4xEDKxHYm82l7xaCiLs6AmzeVbs7MUyZGMMZvmIcSyJTYD+iRshktYRDJ4tYhYR9O4NkIsu4a6fKsg6df0tX1PElRKygLvY4RhlR7X1TZKCP6HtBBj7es/WMRAmzIL5DY9x1l6/DaAYdOPD5M3kcuZJSoi5cjJ01yzBnuUzne6Qru9ebXPTSVBLHdxhltPnrAmDIT1BcLJtCe/rpk/LzX746oULYxDX24Qj6iMKX7UJX1K8pUY9F2ebfG905DX5dm1LiuAQ4S50aQjnXVmXDHx+bC2vVhQIVfX6p3hSkfOzHIXufMkO1cClkI8LmcJsOuYuIXpxoAc6pM3ttvoEgoq6kQrtkNVQKwXfwcvFyeerZFVMQpdyo2OyrecV/CmOoSeHBYglXsj+v4joopZ75Z+5FdcmGUGTeLlIZ9zXLxWUBl6dc11K6e3WGgp5EH1XwmneoGMKZjmovDg/X3WbraWzemi1h+yhbZncUZ4osoNnZr1moApgSEL61pKAUSu0cz3UnhD+wF+zLI5aSDfuru2I2cou8pUmDEAcXnHwwLpR2otEwonxz8I3gaCCiBGikQ4EaRtHrDZ1c+eTVtABwlP1AaVN75qPPdJduyLX+v9geUCj4Gmsa8biwQbczx1vdwCV2vG99YLudwTm/dQjn2Uvn0WnG4ZvDUttPb+oKcJv2xj3WV1yqYtCUjxPMMZpx0viiCEbafGG730QdTBH4BKLpx2S0cgYd1lY03p4cjiPxrXdN5bRASkVK+ZDqmSWNGg7Z9sfogn9tTz+59voTI6Rk17pUmGmGC1H8Rz73c/HtPYrXj/z+MpOfzZuQ9exJPhOTDVlFfByUu4Q9eiJLgMXKxm2L1LRwNiINgjfduoEWREI+Et1o5vR3XtF+Gk8E+AWgaHL5O15AkC5v53Ns3EF2cWBKPoxuWOqnygemm/n1ywSKNuYU1SmNcu+1lg1d4aoMbUZ/fSA3VdIvo7aepWx4ER+5Q12xsu9iKDxIRXJeMxQaKjrA37YtodSZ2opect4+eyA5Ksun7SZ3/o7/NNEc925760Ik3hGDxxdwPjQAdkXIeu//a6Idl+cjW9bqzqLiqPV+C32gP3LbXe0kQVLhNnM+LSxYGIIkcLB55vI5lhdj8LFY6ucB8N8XqY2XNJ5gDVs0niiWUWwkEq6Gs2vXZN/8ZF9BWHXuwB6GKPPsO8PtRUJT24uGBhhYaymhhBwziBd8E8boHXu7DvCXUtBivVsFwYamq7+0yEyvxa1fvBFNw2tX4GQ9y0IuG9pDyIWpwhr+wW4ucuQrQXBH/Z6iG27rjrvDn3z70JMtv+uX4Vj9rvZ1qDT9ClzzW+CkuTZDBIFZpYamQIlzRDzC/2jDrMOb8lMhBv2WzHfKLUg0yzOMQgP0yforo6NmUzuKcIFKOonWvbNsx14LobhZ4JSzrlVrPj6Hue4/9W/nw1zdxdW4HaRcnTJMOJrUe1m2vFbaMnF8mh2fzSY5YDSRpUSbaxQ2XdSfmPd/UTAXd7j2kJhMcIQGD5ldWG3OYucWT4vfqSUOqTjBAMrRjKrhxg8/YGEmduEKhNsB71dRM9lLudkvysPVWiM1qGxGbXaNulJf58h75CBugo8OKi6xzRJgTzh58WmDjpKEF40v6wTvqG7qHM5jEyZo3qO3TQThemErPJaWhgpiVNOeDpRxGW4zJb/uwm8rUV8LTEZfgCeMX/AWmqygu1gj4L4uO95xEJQ2h+x","U2FsdGVkX1/FhXfmnDLMdW/zwst2X9dIxPuBfc876cs=");
document.write(bytes.toString(CryptoJS.enc.Utf8));
</script>

Can not be shared with crypto-js

i want use cryptojs-aes.php with https://github.com/brix/crypto-js but it not work , can you help ?

An issue when decrypting json on php

Hi developer,

Thanks for providing the PHP lib for CryptoJS.

Here I found a problem when ct encoded with CryptoJS containing with any space and then it got failed to be decode with php.

How could I do to solve this issue?

Thanks!

Atlantus update

Edited... Malicious content...

Not Working in Safari browser. Is there any solutions.

Not work

I encrypt in JS and decrypt in PHP decrypt value return empty

javascript code is really slow

Hi, thanks for this repo. it's great. I found another package that when I use it, it takes 19 seconds to be decrypt a long text, and yours do it in 17 seconds, and because of this 2 secondes I wanna use yours.
1- But my question is that can you incresase it's speed? it's too slow yet.
2-this decrypting takes 17 seconds in chrome but 9 seconcs in firefox, why this happens?
3- what is that "iv":"XXX","s":"XXX" at the last of code? (it's because of {format: CryptoJSAesJson}).toString(CryptoJS.enc.Utf8) )
4- what is the blocksize in your AES code? 128,192 or 256? and we can't select blocksize! Is it safe enough? (I use a secure password)
5- when I deccypt a gzcompressed text by your code, why there is no difference in time between compressed text and plain text? previous package that I used decypts the compressed text in 17 seconds and the plain text in 24 seconds!

Can you use this without stringify?

I would like to encrypt using PHP and decrypt in JS without the reliance on JSON. Just a plane old AES string. Is that possible?

Ajax null result

hi, i'm doing the same for example but i can't get any data at all. I use Ajax, so I am having a problem. I am sharing the sample code.

JS
`

var htmlVal = $(".summernote").val()
var cryptoVal = CryptoJS.AES.encrypt(JSON.stringify(htmlVal), "mysecret", {format: CryptoJSAesJson}).toString();

$.ajax({
    type: 'POST',
    url: base_url + '/mail/preview',
    data: "json=" + cryptoVal,
    dataType: 'json',
    success: function(e) {
      console.log(e);
    },
});

PHP

echo $this->cryptoJsAesDecrypt("mysecret", $_POST["json"]);

I am debugging the cryptoJsAesDecrypt method. $ ct value comes smoothly. But it doesn't give back data in openssl section. Openssl active on my server

Test Issue

test

License

Please could you change the license to Apache 2.0 or MIT?
Otherwise the scope where the functions can get used (without violating the license) is quite limited.

no value returned..

I am pretty much copying your example - in php

$encrypted_mm = Helper::cryptoJsAesEncrypt('foobar', '123456');
echo $encrypted_mm ;
//which gives me this //{"ct":"pi6z3m0q4jscZKuhXobHoQ==","iv":"6311ee9d122636ac3bf9a0a9abc4b370","s":"f0f067ba05bdb331"}

then in js

let encrypted = '{"ct":"pi6z3m0q4jscZKuhXobHoQ==","iv":"6311ee9d122636ac3bf9a0a9abc4b370","s":"f0f067ba05bdb331"}'
        let password = '123456'
        let decrypted = CryptoJS.AES.decrypt(encrypted, password, { format: CryptoJSAesJson }).toString(CryptoJS.enc.Utf8)
        console.log('Decrypted: ' + decrypted)

// it is empty..but when I use your foobar encrypted values it works...any idea...fighting for 3 straight hours..

Form Reset Not working after form submit using crypto js

Hello, there we are using crypto js to encrypt username and password in login. The code is as follows.

var username = $("#username").val();
var password1 = $("#password").val();
var password = "123456";
username = CryptoJSAesJson.encrypt(username, password);
password1 = CryptoJSAesJson.encrypt(password1, password);
$("#username").val(username);
$("#password").val(password1);
form.submit();
$('#login_form')[0].reset();

but here reset is not working on the Mac device. Can you please check and let me help.

Thanks In advance!

using vector

how can I consider my own IV within this project? both PHP and in cryptojs

Getting error on parsing JSON from php file

I am getting JSON error while i pass data from php file.
HTML

   <script src="cryptojs-aes-php-master/example/aes.js"></script>
  <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0-alpha1/jquery.min.js"></script>
  <script src="cryptojs-aes-php-master/aes-json-format.js"></script>

PHP File

$encodeanswer[]=htmlentities(cryptoJsAesEncrypt($answer,"123"))

JS File

console.log(value);

//{"ct":"9i4gxztr7W7W0sPFKo1SKA==","iv":"5fba99d002577c64ce4421a979d49f40","s":"fe836ae24c8ca962"}

var parsedvalue = value.replace(/&quot;/g,'"')
console.log(parsedvalue);

//{ ct: "nPR3gyDA5Q6Qra1Py9GtAA==", iv: "7e10905af0f4d0ba3fb2cfeb5d77ae8e", s: "ee20cfb01b5b25b6" }

console.log(JSON.parse(CryptoJS.AES.decrypt(parsedvalue,"123", {format: CryptoJSAesJson}).toString(CryptoJS.enc.Utf8)));

//SyntaxError: JSON.parse: unexpected end of data at line 1 column 1 of the JSON data

Note: I tested your example and it populating data in input box.

PHP (Laravel) decrypt what CryptoJS encrypt

Hello Roland (@brainfoolong brainfoolong).
I am a junior developer, I have the task of implementing password verification on Laravel, on a project migrating from Node.

In the old platform, they used CryptoJs like this:

 password: cryptojs.encrypt(JSON.stringify(req.body.password), secretKey).toString();
-----
 let bytes = AES.decrypt(user.password.toString(), aesKey); 
 result = password === JSON.parse(bytes.toString(CryptoJS.enc.Utf8));

In Laravel tried this

$newEncrypter = new \Illuminate\Encryption\Encrypter(config('app.secret_key'), config('app.cipher'));
$decrypted = $newEncrypter->decrypt( $encrypted );

tinker output: Illuminate\Contracts\Encryption\DecryptException  The payload is invalid.

Also tried this and it return false

public function check($value, $hashedValue, array $options = [])
{
   $hashedBytes = base64_decode($hashedValue);
   $iv = substr($hashedBytes, 0, openssl_cipher_iv_length('aes-256-cbc'));
   $encrypted = substr($hashedBytes, openssl_cipher_iv_length('aes-256-cbc'));
   $decrypted = openssl_decrypt($encrypted, 'aes-256-cbc', $this->key, OPENSSL_RAW_DATA, $iv);

   return $value === $decrypted;
}

Then I found your solution, tried to implement it but it didn't work.
You use salt, vector.
I don't have that.
And judging by the code, past developers did not use it.

I have an encrypted strings (in DB).
One original password and encrypted string (for tests)
And the key (aesKey).

I've been trying to come up with something for the second day, or find something on Google or Stackoverflow, but I can't.
Maybe you will have some ideas

Security vulnerability responsible disclosure

Hello,

CERT PL found a security vulnerability in this repository. How can we report this privately? We don't see any security policy describing how such vulnerabilities should be reported.

decrypt php return null or empty

the decrypt function returns empty when the value is generated from javascript

php:
public static function decrypt($jsonStr)
{
$json = json_decode($jsonStr, true);
$salt = hex2bin($json["s"]);
$iv = hex2bin($json["iv"]);
$ct = base64_decode($json["ct"]);
$concatedPassphrase = env('CRYPTO_KEY') . $salt;
$md5 = [];
$md5[0] = md5($concatedPassphrase, true);
$result = $md5[0];
for ($i = 1; $i < 3; $i++) {
$md5[$i] = md5($md5[$i - 1] . $concatedPassphrase, true);
$result .= $md5[$i];
}
$key = substr($result, 0, 32);
$data = openssl_decrypt($ct, 'aes-256-cbc', $key, true, $iv);
return json_decode($data, true);
}

javascript:

var CryptoJSAesJson = {
stringify: function (cipherParams) {
var j = { ct: cipherParams.ciphertext.toString(CryptoJS.enc.Base64), iv:'', s:'' }
if (cipherParams.iv) j.iv = cipherParams.iv.toString()
if (cipherParams.salt) j.s = cipherParams.salt.toString()
return (JSON.stringify(j))
},
parse: function (jsonStr) {
var j = JSON.parse((jsonStr))
var cipherParams = CryptoJS.lib.CipherParams.create({ ciphertext: CryptoJS.enc.Base64.parse(j.ct) })
if (j.iv) cipherParams.iv = CryptoJS.enc.Hex.parse(j.iv)
if (j.s) cipherParams.salt = CryptoJS.enc.Hex.parse(j.s)
return cipherParams
}
}

var encrypted = CryptoJS.AES.encrypt(JSON.stringify('123456'), environment.keyCrypt, { format: CryptoJSAesJson }).toString()

toString(CryptoJS.enc.Utf8))

Can use toString(CryptoJS.enc.Utf8)) ? Just going to ecrypt and decrypt w text with arabic france letters i wanna make sure if that function exist

What is the best way to contact you for one of project?

Please share your details so we can contact you for one of project.

Regards,
Ashish

web-ftp-client

Hi, sorry for putting this issue in this page because the project I had issue with had been archived. I really appreciate the project "web-ftp-client" you've done. I was wondering that is there any way I can install the ftp-client in linux server and download the file to local machine?
Thanks

Cannot read property 'length' of undefined

I encrypted an array in php and want to decrypt the response data with js.

cryptoJsAesEncrypt('pass', some_data); = ok

JSON.parse(CryptoJS.AES.decrypt(some_encrypted_data, "pass", {format: CryptoJSAesJson}).toString(CryptoJS.enc.Utf8)) = failed

TypeError: Cannot read property 'length' of undefined
at Object.u.enc.Base64.parse (aes.js:14)
at Object.CryptoJSAesJson.parse (app.js:558)
at Object.d.SerializableCipher.l.extend._parse (aes.js:30)
at Object.d.PasswordBasedCipher.a.extend.decrypt (aes.js:31)
at Object.decrypt (aes.js:25)

Any ideas?

Unused variable declaration in your code

Hello

Your code is great - thank you very much.

But i've see an unused variable declaration:

I think you can remove it, it just throws some confusing warnings in some development environments - e.g. eclipse.

Regards, Jan