Obtain identical encryption results with CryptoJS (JavaScript) and OpenSSL (PHP)

Question

Obtain identical encryption results with CryptoJS (JavaScript) and OpenSSL (PHP)

I am in the process of integrating a PHP encryption function into a ReactJS application. I have a requirement to transmit the token in a specific format that was generated using the OpenSSL library function (openssl_encrypt).

It has been observed that the PHP function generates a slightly shorter string compared to the JAVASCRIPT function, but both functions maintain the same attributes and properties.

PHP:

protected static function encrypt($stringData) {
  $encrypted = false;
  $encrypt_method = 'AES-256-CBC';
  $iv = substr(hash('sha256', static::$ivMessage), 0, 16);
  $encrypted= openssl_encrypt($stringData, $encrypt_method, static::$apiSecret, 0, $iv);

  return $encrypted;
}

JAVASCRIPT:

export const encrypt = (stringData) => {
  const iv = CryptoJS.SHA256(IV_MESSAGE).toString(CryptoJS.enc.Hex).substring(0, 16);
  const encrypted = CryptoJS.AES.encrypt(stringData, API_SECRET, {
    iv,
    mode: CryptoJS.mode.CBC,
    pad: CryptoJS.pad.ZeroPadding,
  });

  return encrypted;
};

Sample constants:

const stringData = "{"uid":19,"price":10000000,"duration":240,"credit_purpose":5,"new_tab":false,"cssFile":"kalkulatorok","css":[],"supported":false,"email":"<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="afdbcadcdbefdbcadcdb81c7da">[email protected]</a>","productType":"home_loan","method":"calculator","calculatorType":"calculator","unique":true}";
const IV_MESSAGE = "a";
const API_SECRET = "secret_key";

(same for PHP function --> $stringData, $ivMessage; $apiSecret)

How can I replicate the PHP function in JavaScript successfully? What steps should I take next?

javascript php encryption openssl cryptography

Answer 1

Answer №1

To achieve the encryption of PHP code in CryptoJS, certain modifications need to be made to the CryptoJS code:

The key must be passed as a WordArray. Passing it as a string will result in interpretation as a passphrase from which a 32-byte key is derived.
PHP pads keys that are too short with 0x00 values up to the specified length. On the other hand, CryptoJS does not do this and may use undefined round numbers for AES due to a bug when invalid keys are used, leading to mismatched ciphertext.
PKCS7 padding is utilized in the PHP code (see comment). This padding must also be included in the CryptoJS code, where it is the default along with the CBC mode.

The provided PHP code snippet:

function encrypt($stringData) {
    
  $ivMessage = "a";
  $apiSecret = "secret_key"; 

  $encrypted = false;
  $encrypt_method = 'AES-256-CBC';
  $iv = substr(hash('sha256', $ivMessage), 0, 16);
  $encrypted= openssl_encrypt($stringData, $encrypt_method, $apiSecret, 0, $iv);

  return $encrypted;
}

$stringData = '{"uid":19,"price":10000000,"duration":240,"credit_purpose":5,"new_tab":false,"cssFile":"kalkulatorok","css":[],"supported":false,"email":"<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="9de9f8eee9dde9f8eee9b3f5e8">[email protected]</a>","productType":"home_loan","method":"calculator","calculatorType":"calculator","unique":true}';
print(encrypt($stringData) . "\n");

produces the output:

d/H+FfTaT/3tIkaXtIix937p6Df/vlnxagNJGJ7ljj48phT7oA7QssTatL3WNZY0Igt0r5ObGyCt0AR0IccVTFVZdR+nzNe+RmKQEoD4dj0mRkZ7qi/y3bAICRpFkP3Nz42fuILKApRtmZqGLTNO6dwlCbUVvjg59fgh0wCzy15g51G6CYLsEHa89Dt193g4qcXRWFgI9gyY1Gq7FX0G6Ers0fySQjjNcfDJg0Hj5aSxbPU6EPn14eaWqkliNYSMqzKhe0Ev7Y54x2YlUCNQeLZhwWRM2W0N+jGU7W+P/bCtF4Udwv4cweUESXkHLGtlQ0K6O5etVJDtb7ZtdEI/sA==

The following CryptoJS code snippet generates the same ciphertext:

const IV_MESSAGE = "a";
const API_SECRET = "secret_key\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";

function encrypt(stringData){
    const iv = CryptoJS.SHA256(IV_MESSAGE).toString(CryptoJS.enc.Hex).substring(0, 16);
    const encrypted = CryptoJS.AES.encrypt(
        stringData, 
        CryptoJS.enc.Utf8.parse(API_SECRET), 
        {
            iv: CryptoJS.enc.Utf8.parse(iv)
        });

    return encrypted;
};

const stringData = {"uid":19,"price":10000000,"duration":240,"credit_purpose":5,"new_tab":false,"cssFile":"kalkulatorok","css":[],"supported":false,"email":"<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="750110060135011006015b1d00">[email protected]</a>","productType":"home_loan","method":"calculator","calculatorType":"calculator","unique":true};
const ciphertextB64 = encrypt(JSON.stringify(stringData)).toString();

console.log(ciphertextB64.replace(/(.{64})/g,'$1\n'));

<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js"></script>

Additionally, consider the following:

It's recommended to avoid encoding the IV as a hex string during IV generation and use binary data directly. Different platforms may apply different upper/lower case conventions for hex numbers, so keep this variation in mind. However, lowercase usage here poses no critical issues.
If a passphrase like secret_key is used as the key, it's advisable to employ a secure key derivation function (e.g., PBKDF2 with a randomly generated salt) due to low entropy. Avoid using the default KDF in CryptoJS, OpenSSL's proprietary function EVP_BytesToKey, as it lacks standardization and is considered relatively insecure.
For security reasons, static IVs should be avoided. Instead, generate a random IV for each encryption operation. The IV, which is non-secret, is typically concatenated with the ciphertext in the format IV, ciphertext (see comment).

Answer 2

To achieve the encryption of PHP code in CryptoJS, certain modifications need to be made to the CryptoJS code:

The key must be passed as a WordArray. Passing it as a string will result in interpretation as a passphrase from which a 32-byte key is derived.
PHP pads keys that are too short with 0x00 values up to the specified length. On the other hand, CryptoJS does not do this and may use undefined round numbers for AES due to a bug when invalid keys are used, leading to mismatched ciphertext.
PKCS7 padding is utilized in the PHP code (see comment). This padding must also be included in the CryptoJS code, where it is the default along with the CBC mode.

The provided PHP code snippet:

function encrypt($stringData) {
    
  $ivMessage = "a";
  $apiSecret = "secret_key"; 

  $encrypted = false;
  $encrypt_method = 'AES-256-CBC';
  $iv = substr(hash('sha256', $ivMessage), 0, 16);
  $encrypted= openssl_encrypt($stringData, $encrypt_method, $apiSecret, 0, $iv);

  return $encrypted;
}

$stringData = '{"uid":19,"price":10000000,"duration":240,"credit_purpose":5,"new_tab":false,"cssFile":"kalkulatorok","css":[],"supported":false,"email":"<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="9de9f8eee9dde9f8eee9b3f5e8">[email protected]</a>","productType":"home_loan","method":"calculator","calculatorType":"calculator","unique":true}';
print(encrypt($stringData) . "\n");

produces the output:

d/H+FfTaT/3tIkaXtIix937p6Df/vlnxagNJGJ7ljj48phT7oA7QssTatL3WNZY0Igt0r5ObGyCt0AR0IccVTFVZdR+nzNe+RmKQEoD4dj0mRkZ7qi/y3bAICRpFkP3Nz42fuILKApRtmZqGLTNO6dwlCbUVvjg59fgh0wCzy15g51G6CYLsEHa89Dt193g4qcXRWFgI9gyY1Gq7FX0G6Ers0fySQjjNcfDJg0Hj5aSxbPU6EPn14eaWqkliNYSMqzKhe0Ev7Y54x2YlUCNQeLZhwWRM2W0N+jGU7W+P/bCtF4Udwv4cweUESXkHLGtlQ0K6O5etVJDtb7ZtdEI/sA==

The following CryptoJS code snippet generates the same ciphertext:

const IV_MESSAGE = "a";
const API_SECRET = "secret_key\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";

function encrypt(stringData){
    const iv = CryptoJS.SHA256(IV_MESSAGE).toString(CryptoJS.enc.Hex).substring(0, 16);
    const encrypted = CryptoJS.AES.encrypt(
        stringData, 
        CryptoJS.enc.Utf8.parse(API_SECRET), 
        {
            iv: CryptoJS.enc.Utf8.parse(iv)
        });

    return encrypted;
};

const stringData = {"uid":19,"price":10000000,"duration":240,"credit_purpose":5,"new_tab":false,"cssFile":"kalkulatorok","css":[],"supported":false,"email":"<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="750110060135011006015b1d00">[email protected]</a>","productType":"home_loan","method":"calculator","calculatorType":"calculator","unique":true};
const ciphertextB64 = encrypt(JSON.stringify(stringData)).toString();

console.log(ciphertextB64.replace(/(.{64})/g,'$1\n'));

<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js"></script>

Additionally, consider the following:

It's recommended to avoid encoding the IV as a hex string during IV generation and use binary data directly. Different platforms may apply different upper/lower case conventions for hex numbers, so keep this variation in mind. However, lowercase usage here poses no critical issues.
If a passphrase like secret_key is used as the key, it's advisable to employ a secure key derivation function (e.g., PBKDF2 with a randomly generated salt) due to low entropy. Avoid using the default KDF in CryptoJS, OpenSSL's proprietary function EVP_BytesToKey, as it lacks standardization and is considered relatively insecure.
For security reasons, static IVs should be avoided. Instead, generate a random IV for each encryption operation. The IV, which is non-secret, is typically concatenated with the ciphertext in the format IV, ciphertext (see comment).

Obtain identical encryption results with CryptoJS (JavaScript) and OpenSSL (PHP)

Answer №1

Similar questions

Utilizing JavaScript variables imported from an external library in Next.js: A Guide

Removing Embedded Json Element from a Collection in AngularJS HTML

Ways to extract the coordinates for slices positioned around the circumference of a pie chart

What is the process by which JavaScript evaluates the closing parenthesis?

React - triggering a router link action before the link is assigned a value

What is the purpose of the "Dot" symbol in the "runtimeArgs" property of the launch.json file in Visual Studio Code?

Issue: nodebuffer is incompatible with this platform

Monitor the number of ng-repeat items altering within a directive

Convert string query into an array in PHP containing keys and values

Is it possible to utilize a single command in Discord.js to send multiple embeds?

Implementing OAuth2 in a Microservices architecture to establish a user account

Why does the value become "Undefined" once it is passed to the controller function?

Using Javascript to retrieve form data from a separate file

Include a class above the specified element; for instance, apply the class "act" to the "<ul>" element preceding the "li.item1"

Reading a Json file with keys in puppeteer BDD: A Guide

Ensure that the input remains below ten

The code below is not working as it should be to redirect to the home page after logging in using Angular. Follow these steps to troubleshoot and properly

Navigating through nested objects when processing a JSON stream

Exploring Angular 10: Managing Two Promises in ngOnInit

Preserving data in input fields even after a page is refreshed