1

Hi i have problem with aes-256-cbc encryption. I want encrypt some text in php and after that decrypt it in javascrypt with pidCrypt library.

EDIT: I try to decrypt online here: https://www.pidder.de/pidcrypt/?page=demo_aes-cbc

In console working everything ok (encrypt in php decrypt in pidCrypt) i type this command: (OpenSSL v. 1.0.1i 6 Aug 2014)

echo "some text to en/decrypt"|openssl enc -aes-256-cbc -a
pass: 123456789

I get this:

U2FsdGVkX18c8uPBYdA0af5odtv2WA0Y4a2LhlB3xGUo6pAodMVMAckXr0XcUbJ8

But in php file on server (OpenSSL v. 1.0.1e 11 Feb 2013 OR 0.9.8r 8 Feb 2011 result is the same)

$encrypted = @openssl_encrypt('some text to en/decrypt', 'aes-256-cbc', '123456789');

I get this:

Pqmtan2DSnGKe87JbOmzD5Rz04T3Nwa4K8zqsohPWec=

Outputs are not the same (php file vs console command) and second output can not be decrypted in pidCrypt (but in php file on server yes)

Can anybody help? Why are not result the same? What i must do when i want output as from console?

Lajdák Marek
  • 2,969
  • 8
  • 29
  • 58
  • 2
    The problem stems probably from the misconception that the `password` argument for the `openssl_encrypt` function in PHP is the same as the pass parameter of the commandline tool. It is not. It is the key which may be derived from the password. – Artjom B. Feb 10 '15 at 11:30
  • Ok so can you write more? How i can get key? Is enough convert password to HEX? (because it dont work) – Lajdák Marek Feb 10 '15 at 12:27
  • Everything is explained about command line vs PHP function in the PHP documentation [http://php.net/manual/fr/function.openssl-encrypt.php#104438](http://php.net/manual/fr/function.openssl-encrypt.php#104438) – Jaay Feb 10 '15 at 09:21
  • But my issue is not with decrypt in PHP that it works. In first case i have not tried it because it working (php encrypt and js decrypt) And with second case (only PHP) is en/decryption working WITHOUT strtohex function like this: `openssl_decrypt('Pqmtan2DSnGKe87JbOmzD5Rz04T3Nwa4K8zqsohPWec=', 'aes-256-cbc', '123456789'); ` But on javascript side is not decryption working even if i use strtohex function... – Lajdák Marek Feb 10 '15 at 09:41
  • Similar question is asking here http://stackoverflow.com/questions/7247083/javascript-php-encryption-with-pidcrypt tell me if this is not helping – Jaay Feb 10 '15 at 09:44
  • Sadly no :( I tried to multiple options from yours link but RSA en/decoding i have and it works fine. (php encode and js decode). I just simple need the same result from executable php file as from console... That's all folks! :) – Lajdák Marek Feb 10 '15 at 10:19
  • Can you add in your original post more details, encryption in PHP, decryption in JS and encryption in JS and decryption in PHP with your code, it's a bit confusing – Jaay Feb 10 '15 at 10:30
  • If you just want to encrypt with a key, I suggest you read up on how to specify the key and IV in hex in the command line tool. Otherwise you may be required to implement the OpenSSL proprietary key derivation mechanism in PHP.... – Maarten Bodewes Feb 13 '15 at 13:17
  • More information [here](http://wiki.openssl.org/index.php/Manual:EVP_BytesToKey%283%29) – Maarten Bodewes Feb 13 '15 at 13:25

0 Answers0