CryptoJS AES-128-ECB 和 PHP openssl_encrypt 不匹配

Question

我有一些关于 PHP 的代码，这些代码无法编辑，并且数据库中充满了这种方式的加密消息。

$key = '297796CCB81D2553B07B379D78D87618'
return $encrypted = openssl_encrypt($data, 'AES-128-ECB', $key);

我必须编写一些 JS 代码来加密和解密这些消息。我为此目的使用 CryptoJS。

const key = '297796CCB81D2553B07B379D78D87618'
let k = CryptoJS.enc.Base64.parse(key)
let cypher = CryptoJS.AES.encrypt(this.text, k, {mode: CryptoJS.mode.ECB})
this.cypher = CryptoJS.enc.Base64.stringify(cypher.ciphertext)

我无法让这些代码产生相同的结果。对于“测试”字符串，我得到以下结果：JS: H1AG6j/i/iSqifSNCG5JKw==，PHP: Nqrur4UMEicEMwJC39qq0A==

我正在尝试解决此问题 3 天，但我找不到问题所在。 我唯一可以编辑的代码是 JS。

Answer 1

我发现了问题所在。 PHP 中的 openssl_encrypt 将密钥作为 UTF-8 字符串。在获得足够的长度后，它会忽略下一个字符，因此我们的键：'297796CCB81D2553B07B379D78D87618' 修剪为 '297796CCB81D2553'。 此代码有效：

// JS 
const key = '297796CCB81D2553'
let k = CryptoJS.enc.Utf8.parse(key)
let cypher = CryptoJS.AES.encrypt(this.text, k, {mode: CryptoJS.mode.ECB})
this.cypher = CryptoJS.enc.Base64.stringify(cypher.ciphertext) 

Answer 2

如果您在 PHP 部分中将方法更改为 AES-256-ECB，那么它将使用相同的密钥（长度）。正是因为 CryptoJS.AES，它自己根据密钥的长度来选择方法。

https://cryptojs.gitbook.io/docs/#the-cipher-algorithms

AES-256-CBC 示例

/*
    CryptoJS (JS) chooses the AES method by size of the key,
    for AES-256 you need 256 bit key (32 1-byte chars).
    For AES-128 you have to change substr() from "32" to "16" in this script below (in both PHP and JS part) and change $method in PHP part to "AES-128-CBC".
    Default CryptoJS mode is CBC.

    Openssl (PHP) AES-CBC cipher expects 128 bit iv (16 1-byte chars).
*/


/* JS */


// Substances
var data = "Data",
    salt = CryptoJS.SHA256( "Salt" ),
    iv   = CryptoJS.SHA1( "Vector" ),
    key  = CryptoJS.SHA256( "Key" );

// Prepare substances
salt = salt.toString( CryptoJS.enc.Base64 );
iv   = iv.toString( CryptoJS.enc.Base64 ).substr( 0, 16 );
iv   = CryptoJS.enc.Utf8.parse( iv );
key  = key.toString( CryptoJS.enc.Base64 ).substr( 0, 32 );
key  = CryptoJS.enc.Utf8.parse( key );

// Cipher
var encrypted = CryptoJS.AES.encrypt( salt + data, key, { iv: iv });

// Results
console.log( "SALT\n"       + salt );
console.log( "IV\n"         + encrypted.iv.toString( CryptoJS.enc.Utf8 ));
console.log( "KEY\n"        + encrypted.key.toString( CryptoJS.enc.Utf8 ));
console.log( "ENCRYPTED\n"  + encrypted.toString());


/* PHP */


// Substances
$data   = "Data";
$salt   = openssl_digest( "Salt",   "SHA256" );
$iv     = openssl_digest( "Vector", "SHA1" );
$key    = openssl_digest( "Key",    "SHA256" );

// Method
$method = "AES-256-CBC";

// Prepare substances
$salt   = base64_encode( hex2bin( $salt ));
$iv     = substr( base64_encode( hex2bin( $iv )),  0, 16 );
$key    = substr( base64_encode( hex2bin( $key )), 0, 32 );

// Cipher
$encrypted = openssl_encrypt( $salt .$data, $method, $key, 0, $iv );

// Results
var_dump([  "SALT"      => $salt,
            "IV"        => $iv,
            "KEY"       => $key,
            "ENCRYPTED" => $encrypted ]);

/*
    Results CryptoJS (JS):

    SALT: yDtwME1gxORm3S1FKrWukVtQJ2/EYSTt3j49voeKTf4=
    IV:   pX4G9FSRBn8DEoT7
    KEY:  S4VjDgGFIBNzA2jl8Ta6/iiIWJgtTgWF
    ENCRYPTED
    5y8MvyMiCUjTQJUxtRNZzuYSWwSoY9edMO0o6aQoSX0t4NZWnnViPotU8vkMtgfBuZ6F1FfE/ZJZvafdtGVHJQ==

    Results openssl_encrypt (PHP):

    SALT: yDtwME1gxORm3S1FKrWukVtQJ2/EYSTt3j49voeKTf4=
    IV:   pX4G9FSRBn8DEoT7
    KEY:  S4VjDgGFIBNzA2jl8Ta6/iiIWJgtTgWF
    ENCRYPTED
    5y8MvyMiCUjTQJUxtRNZzuYSWwSoY9edMO0o6aQoSX0t4NZWnnViPotU8vkMtgfBuZ6F1FfE/ZJZvafdtGVHJQ==
*/