I’m having issue to convert following javascript encryption logic to PHP, this javascript library cannot be found on internet so there is no documentation or clue where to start.
It seem the encryption is using AES method but it weird because AES only accept input string and secret, the iv didn’t match the variable s on the javascript (not 16bits)
function doCheckR() { var string= "10000395351475"; console.log("this is plain processing of string : "+string); var a = ManualJS.jun.Des.parse("79540e250fdb16afac03e19c46dbdeb3"), s = ManualJS.jun.Des.parse("eb2bb9425e81ffa942522e4414e95bd0"), result = ManualJS.MDX.goinstring(string, a, { ii: s }); console.log("this is a : "+a); console.log("this is s : "+s); console.log("this is result : "+result); result = result.rabbittext.toString(ManualJS.jun.Text21); console.log("final result for urlencoded : "+encodeURIComponent(result)); }
https://jsfiddle.net/8swegkv6/3/
Thanks
Advertisement
Answer
The following code is simple AES CBC en-/decryption without any proper exception handling and for educational purposes only.
All credits go to @Topaco who examined the algorithm & mode, key and iv.
Please don’t use this code in production as it uses static key & iv!
result:
* * * encryption * * * ciphertext: lOv3As5iF/wk/1LYB+68gw== result urlencod: lOv3As5iF%2Fwk%2F1LYB%2B68gw%3D%3D result expected: lOv3As5iF%2Fwk%2F1LYB%2B68gw%3D%3D * * * decryption * * * decryptedtext: 10000395351475 string : 10000395351475
code:
<?php echo 'https://stackoverflow.com/questions/63447664/convert-javascript-encryption-logic-to-php-probably-aes-method' . PHP_EOL; $string = "10000395351475"; $aKey = "79540e250fdb16afac03e19c46dbdeb3"; $sIv = "eb2bb9425e81ffa942522e4414e95bd0"; // encryption echo '* * * encryption * * *' . PHP_EOL; $ciphertext = openssl_encrypt($string, "aes-128-cbc", hex2bin($aKey), 0, hex2bin($sIv)); echo 'ciphertext: ' . $ciphertext . PHP_EOL; $ciphertextUrlencoded = urlencode($ciphertext); echo 'result urlencod: ' . $ciphertextUrlencoded . PHP_EOL; echo 'result expected: ' . 'lOv3As5iF%2Fwk%2F1LYB%2B68gw%3D%3D' . PHP_EOL; // decryption echo '* * * decryption * * *' . PHP_EOL; $decryptedtext = openssl_decrypt(urldecode($ciphertextUrlencoded), "aes-128-cbc", hex2bin($aKey), 0, hex2bin($sIv)); echo 'decryptedtext: ' . $decryptedtext . PHP_EOL; echo 'string : ' . $string . PHP_EOL; ?>