How to Decrypt AES Encryption in PHP with MCrypt Using evpKDF()?-PHP Tutorial-php.cn

How to Decrypt AES Encryption in PHP with MCrypt Using evpKDF()?

DDD

Release： 2024-11-03 02:02:02

Original

402 people have browsed it

How to Decrypt AES Encryption in PHP with MCrypt Using evpKDF()?

Decrypting AES Encryption in PHP with MCrypt

In this scenario, a password is encrypted using CryptoJS in JavaScript and needs to be decrypted on the server side with PHP using MCrypt. Here's how to achieve this:

Issue with Decryption in PHP

The previous attempt to decrypt the password using MCrypt's mcrypt_decrypt() function failed due to differences in key generation. CryptoJS utilizes a password to create both the AES key and initialization vector (IV), while MCrypt only uses the key for encryption/decryption.

Solution with evpKDF() Function

To resolve this, we need to derive the key and IV in PHP using the same method as CryptoJS. Here's a custom evpKDF() function for this purpose:

<code class="php">function evpKDF($password, $salt, $keySize = 8, $ivSize = 4, $iterations = 1, $hashAlgorithm = "md5") {
    // Code goes here...
}</code>

Copy after login

Modified Encryption Process

To use the evpKDF() function, the encrypted password in JavaScript should include a generated salt. Here's the updated CryptoJS code:

<code class="javascript">    var encryptedPassword = CryptoJS.AES.encrypt(password, "Secret Passphrase");
    var ivHex = encryptedPassword.iv.toString();
    var ivSize = encryptedPassword.algorithm.ivSize; // same as blockSize
    var keySize = encryptedPassword.algorithm.keySize;
    var keyHex = encryptedPassword.key.toString();
    var saltHex = encryptedPassword.salt.toString(); // must be sent
    var openSslFormattedCipherTextString = encryptedPassword.toString(); // not used
    var cipherTextHex = encryptedPassword.ciphertext.toString(); // must be sent</code>

Copy after login

Decryption Process in PHP

On the server side in PHP, retrieve the salt and ciphertext from the request. Then, use the evpKDF() function to derive the key and IV based on the password and salt:

<code class="php">$keyAndIV = evpKDF("Secret Passphrase", hex2bin($saltHex));</code>

Copy after login

Finally, perform decryption with MCrypt:

<code class="php">$decryptPassword = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, 
        $keyAndIV["key"], 
        hex2bin($cipherTextHex), 
        MCRYPT_MODE_CBC, 
        $keyAndIV["iv"]);</code>

Copy after login

This should successfully decrypt the password encrypted using CryptoJS with AES. Additionally, a version using the OpenSSL extension is provided as an alternative to MCrypt.

The above is the detailed content of How to Decrypt AES Encryption in PHP with MCrypt Using evpKDF()?. For more information, please follow other related articles on the PHP Chinese website!