CryptoJS使用密码加密AES，但是PHP解密需要一个密钥 [英] CryptoJS encrypts AES with passphrase but PHP decrypt needs a key

问题描述

我正在使用 CryptoJS 加密字符串：

I am using CryptoJS to encrypt a string:

  function doHash(msg){
    msg = String(msg);
    var passphrase = 'aggourakia';
    var hash = CryptoJS.AES.encrypt(msg, passphrase);
    var ciphertext=  hash.ciphertext.toString(); //return ciphertext instead of object
    return ciphertext;      
}

据了解， CryptoJS 使用密码生成密钥，然后用于加密数据。 p>

As I understand it, CryptoJS uses the passphrase to generate a key, which is then used to encrypt the data.

然而，我想使用PHP函数解密密码，也可以
这样的在线工具： http://aesencryption.net/

问题是这些期望密钥，不是密码。

如何直接提供密钥到CryptoJS AES，我可以在服务器端使用或任何在线工具解密？

How can I supply directly a key to the CryptoJS AES, which I can use on the server-side or any online tool to decrypt?

事情是，我已经有一个很难找到PHP功能来解密AES密码，这个密码/关键的事情是增加了复杂度。

The thing is, I already have a really hard time finding PHP functions to decrypt AES ciphers already, and this passphrase/key thing is adding to the complexity

推荐答案

如果要提供 直接您也应该提供 IV 。需要IV（初始化向量），因此它可以与消息的第一个块进行异或运算。然后第一个块的密文与消息的第二个块进行异或等等。这称为密码链接（CBC）。 p>

If you want to supply the key directly you should supply IV too. The IV (initialization vector) is needed so it can be XOR'ed with the 1st block of the message. Then the ciphertext of the first block is XOR'ed with the 2nd block of the message and so on. This is called cipher-block chaining (CBC).

var key = CryptoJS.enc.Hex.parse('000102030405060708090a0b0c0d0e0f');
var iv  = CryptoJS.enc.Hex.parse('101112131415161718191a1b1c1d1e1f');

var encrypted = CryptoJS.AES.encrypt("Message", key, { iv: iv });

这是从CryptoJS文件 https://code.google.com/p/crypto-js/#Custom_Key_and_IV

This is from CryptoJS docs https://code.google.com/p/crypto-js/#Custom_Key_and_IV

你可以用@Narf写的 PBKDF2 生成键和IV。 https://code.google.com/p/crypto-js/#PBKDF2

You can generate keys and IVs with PBKDF2 like @Narf wrote. https://code.google.com/p/crypto-js/#PBKDF2

关于PHP： mcrypt 具有AES 128的MCRYPT_RIJNDAEL_128密码.MCRYPT_RIJNDAEL_192和MCRYPT_RIJNDAEL_256与AES 192和AES 256不兼容，因为AES使用所有密钥大小的128位块。 Rijndael有一个可配置的块大小。如果您使用128位密钥，CryptoJS将使用128位AES，如果您使用接受密码的功能，则使用256位AES。

About PHP: mcrypt has MCRYPT_RIJNDAEL_128 cipher which is AES 128. MCRYPT_RIJNDAEL_192 and MCRYPT_RIJNDAEL_256 are not compatible with AES 192 and AES 256 because AES uses 128 bit block with all key sizes. Rijndael's has a configurable block size. CryptoJS will use 128bit AES if you supply a 128 bit key it will use 256 bit if you use the function that accepts a passphrase.

这篇关于CryptoJS使用密码加密AES，但是PHP解密需要一个密钥的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！