1. 首页
  2. 问答
  3. js-mcrypt和php的mcrypt不输出相同的值

js-mcrypt和php的mcrypt不输出相同的值

2014-01-10 30 views
0

我需要在JavaScript中使用AES加密数据,然后将其发送到我们的服务器以供PHP解密。是的,我知道,这是不安全的,人们将能够解密它 - 我们正在使用这种方式来让人们更难以反转和反混淆我们的代码。js-mcrypt和php的mcrypt不输出相同的值

我使用这个库:

https://github.com/Dexus/js-mcrypt/blob/master/mcrypt.js

我使用的Rijndael-128和CBC用于AES,用16的块大小我已验证该值是对同一PHP & JS。我可以在JS和PHP中使用相同的密钥,IV和rijndael-128/cbc对字符串进行加密和解密,但由于某些原因,PHP无法解密JS的输出。有人能帮助我并指出我做错了什么吗?

下面的代码:

<script type="text/javascript" src="Serpent.js"></script> 
<script type="text/javascript" src="rijndael.js"></script> 
<script type="text/javascript" src="mcrypt.js"></script> 

<?php 
    function hex2bin($text) 
    { 
     return pack('H*', $text); 
    } 

    echo mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); 
    echo "->" . mcrypt_get_key_size('rijndael-128', 'cbc'); 

    $ciphertext_hex = "86B83EB77A6D40CACABAD79F0EA335E8454B1A9974B2D89D43B3EE0E25B649FB19EB88DF7A4490F9AB05F44701F081DD"; 
    $ciphertext = hex2bin($ciphertext_hex); 

    $key_hex = "31323334353637383930313233343536"; 
    $key = hex2bin($key_hex); 

    $iv = "123456789"; 
    $cipher = "rijndael-128"; 
    $mode = "cbc"; 

    $plaintext = mcrypt_decrypt($cipher, $key, $ciphertext, $mode, $iv); 

    echo "<h2>Enc in JS, Dec in PHP</h2>Encrypted: $ciphertext<br /><br />\n\nDecrypted: $plaintext"; 

    echo "<h2>Enc/Dec in PHP</h2>Encrypted: " . ($encd = mcrypt_encrypt($cipher, $key, "this is the message I want to encode", $mode, $iv)) . "<br><br>\n\n"; 
    echo "Decrypted: " . mcrypt_decrypt($cipher, $key, $encd, $mode, $iv); 
?> 

<div id='js_results'></div> 
<script> 
    var hexdigits='ABCDEF'; 
    var hexLookup=Array(256); 
    for(var i=0;i<256;i++) 
     hexLookup[i]=hexdigits.indexOf(String.fromCharCode(i)); 

    var bin2hex=function(str){ 
     var out=''; 
     for(var i=0;i<str.length;i++) 
      out+=hexdigits[str.charCodeAt(i)>>4]+hexdigits[str.charCodeAt(i)&15]; 
     return out; 
    } 

    var hex2bin=function(str){ 
     var out=''; 
     var part=-1; 
     for(var i=0;i<str.length;i++){ 
      var t=hexLookup[str.charCodeAt(i)] 
      if(t>-1){ 
       if(part>-1){ 
        out+=String.fromCharCode(part|t); 
        part=-1; 
       }else 
        part=t<<4; 
      } 
     } 
     return out; 
    } 

    var cipher = "<?php echo $cipher; ?>"; 
    var mode = "<?php echo $mode; ?>"; 
    var key = hex2bin("<?php echo $key_hex; ?>"); 
    var iv = "<?php echo $iv; ?>"; 
    var msg = "this is the message I want to encode"; 

    var enc = mcrypt.Encrypt(msg, iv, key, cipher, mode); 
    var enc_hex = bin2hex(enc); 

    var enc_hex_static = "<?php echo $ciphertext_hex; ?>"; 
    var enc_static = hex2bin(enc_hex_static); 
    var dec = mcrypt.Decrypt(enc_static, iv); 

    document.getElementById('js_results').innerHTML = "<h2>Enc in JS</h2>Encrypted: " + enc + "<br><br>\n\nEnc in Hex: " + enc_hex + "<br><br>\n\nDec: " + dec; 

</script>

来源

2014-01-10 Paul B

回答

0

转换两个字符串使用相同的字符编码像UTF8解决方案的

来源

2014-01-10 07:49:52

+0

你的意思是加密的字符串? –

+0

的纯文本字符串转换 –

+0

的JavaScript字符串编码为utf8,并在PHP解码输出为utf8,没有不幸的是解决问题 –

0

一部分是固定为什么很早就您的编码出错。例如:在密文上的hex2bin之后的字符串,与js/php进行比较。我使用了不同的函数来测试输出(hex2bin的不同实现),但我无法在js/php之间的特定位置找到除实际密文之外的错误。我试图找出一些时间来弄清楚如何解决这个问题。

来源

2014-01-14 17:59:43

相关问题

 相关问题