openssl_encrypt cipher decypted using Crypto JS
I have a custom payment method on WordPress that processes the payment through a NodeJS API. For obvious reasons, I should encrypt some data, like credit card numbers and cvv2s.
This is how I encrypt my fields in PHP:
$cvv2 = openssl_encrypt(
$_POST['cvv2'],
'AES-256-CBC',
"2c2702d12c747661358dfe9b77425628", // Testing key, thats why its set like this
0
);
This is the output ciphered text: CRqJRoqHriB7X/u1bwSE1Q==
This is how I try to decrypt in JS
const key = "2cea02d12c747661358dfe9b77425628";
const dec = CryptoJS.AES.decrypt(cvv2,key);
console.log(dec.toString(CryptoJS.enc.Utf8))
But the output is always an empty string.
This is me decrypting it using an online tool
I am really frustrated as I cannot seem to make this work, no matter how much I read online. What could be the problem?
In the CryptoJS code, the key must be passed as WordArray (using a suitable encoder) and the zero IV (16 0x00 values) used implicitly in the PHP code must be specified explicitly.
The ciphertext must be passed as CipherParams object or Base64 encoded (the latter is implicitly converted to a CipherParams object):
const key = CryptoJS.enc.Utf8.parse("2cea02d12c747661358dfe9b77425628");
const iv = CryptoJS.lib.WordArray.create([], 16);
const ciphertext = "CRqJRoqHriB7X/u1bwSE1Q==";
const dec = CryptoJS.AES.decrypt(ciphertext, key, {iv: iv});
console.log(dec.toString(CryptoJS.enc.Base64));
console.log(dec.toString(CryptoJS.enc.Utf8));<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js"></script>Note that a static IV is insecure.
- Error when fetching and downloading images from CDN (S3) on Chrome and Safari
- How does the React hook useCallback recognize the function?
- JavaScript How to Dynamically Move Div by Clicking and Dragging
- mocking window.location.href in Javascript
- Fill With White, Out Of Bounds Part Of Image - Crop Image With CSS Transformations on it
- How to Detect Browser Back Button event - Cross Browser
- Check type of a function parameter
- how to show this.variable value in observer callback function in chrome debug mode
- I am getting these error everytime I try to run the react and node based code in my system , tried "reinstalling npm install" and everything
- Why `[1, 2, 3]` is not showing as an `Array(3)` in Console?
- Is this possible? Scroll slides to key points, like vertical paging
- Angular Previous page button getting disabled when the next page button gets clicked
- ReactJS vs NodeJS - Why do I need to create both?
- Console.log doesn't work, devtools console shows no errors
- How to calculate the execution time of an async function in JavaScript?
- Not able to change the title with metadata when using 'use client' in Next.js
- How do I pass a variable into regex with Node js?
- Why doesn't TypeScript enforce async/await on promise?
- Catch block not working in node fetch
- Creating a writable svelte store from loaded page data in sveltekit
- Best Way To Crossfade Text With a Fixed Height in an Absolute Div?
- Prevent text selection after double click
- Check for browser optional chaining support in Angular project
- Is there a way to create dynamic ranges given an array of values, and counting how many belong to each range
- Can't use type-fest GreaterThan as parameter type
- Is there a way to get the JSX/TSX of a React component from the code itself?
- Check if optional chaining is supported
- What is the best way to remove a table row with jQuery?
- How can I generate a list of random shades of a particular color? (e.g. random shade of orange)
- Proper way to catch exception from JSON.parse