Search code examples
javascriptphpencryptioncryptographyaes

Convert Javascript encryption logic to PHP (Probably AES Method)

I'm having issue to convert following javascript encryption logic to PHP, this javascript library cannot be found on internet so there is no documentation or clue where to start.

It seem the encryption is using AES method but it weird because AES only accept input string and secret, the iv didn't match the variable s on the javascript (not 16bits)

function doCheckR() {
  var string= "10000395351475";
  console.log("this is plain processing of string :  "+string);
  var a = ManualJS.jun.Des.parse("79540e250fdb16afac03e19c46dbdeb3"),
    s = ManualJS.jun.Des.parse("eb2bb9425e81ffa942522e4414e95bd0"),
    result = ManualJS.MDX.goinstring(string, a, {
        ii: s
    });
    console.log("this is a :  "+a);
    console.log("this is s :  "+s);
    console.log("this is result :  "+result);
  result = result.rabbittext.toString(ManualJS.jun.Text21);
  console.log("final result for urlencoded :  "+encodeURIComponent(result));
}

https://jsfiddle.net/8swegkv6/3/

Thanks

Solution

  • The following code is simple AES CBC en-/decryption without any proper exception handling and for educational purposes only.

    All credits go to @Topaco who examined the algorithm & mode, key and iv.

    Please don't use this code in production as it uses static key & iv!

    result:

    * * * encryption * * *
ciphertext:      lOv3As5iF/wk/1LYB+68gw==
result urlencod: lOv3As5iF%2Fwk%2F1LYB%2B68gw%3D%3D
result expected: lOv3As5iF%2Fwk%2F1LYB%2B68gw%3D%3D
* * * decryption * * *
decryptedtext: 10000395351475
string       : 10000395351475

    code:

    <?php
echo 'https://stackoverflow.com/questions/63447664/convert-javascript-encryption-logic-to-php-probably-aes-method' . PHP_EOL;
$string = "10000395351475";
$aKey = "79540e250fdb16afac03e19c46dbdeb3";
$sIv = "eb2bb9425e81ffa942522e4414e95bd0";
// encryption
echo '* * * encryption * * *' . PHP_EOL;
$ciphertext = openssl_encrypt($string, "aes-128-cbc", hex2bin($aKey), 0, hex2bin($sIv));
echo 'ciphertext:      ' . $ciphertext . PHP_EOL;
$ciphertextUrlencoded = urlencode($ciphertext);
echo 'result urlencod: ' . $ciphertextUrlencoded . PHP_EOL;
echo 'result expected: ' . 'lOv3As5iF%2Fwk%2F1LYB%2B68gw%3D%3D' . PHP_EOL;
// decryption
echo '* * * decryption * * *' . PHP_EOL;
$decryptedtext = openssl_decrypt(urldecode($ciphertextUrlencoded), "aes-128-cbc", hex2bin($aKey), 0, hex2bin($sIv));
echo 'decryptedtext: ' . $decryptedtext . PHP_EOL;
echo 'string       : ' . $string . PHP_EOL;
?>