i’m trying to encrypt and decrypt a simple message using AES, no success so far.
I share my code :
index.html
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Chiffrement AES</title>
<link rel="stylesheet" href="styles.css">
</head>
<body>
<div class="container">
<h2>Chiffrement AES</h2>
<textarea id="message" placeholder="Entrez votre message"></textarea>
<button onclick="encryptMessage()">Crypter</button>
<div id="encryptedMessage"></div>
</div>
<textarea id="encryptedText" placeholder="Entrez le message crypté"></textarea>
<button onclick="decryptMessage()">Décrypter</button>
<div id="decryptedMessage"></div>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
<script src="script.js"></script>
</body>
</html>
script.js :
function encryptMessage() {
var message = $('#message').val();
$.post("encrypt.php", { message: message }, function(data) {
$('#encryptedMessage').text("Message crypté : " + data);
});
}
function decryptMessage() {
var encryptedText = $('#encryptedText').val();
$.post("decrypt.php", { encryptedText: encodeURIComponent(encryptedText) }, function(data) {
$('#decryptedMessage').html("Message décrypté : " + data);
});
}
encrypt.php :
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
echo "<pre>";
print_r($_POST);
echo "</pre>";
$message = $_POST['message'];
$secretKey = "CleSecrete";
$cipher = "aes-256-cbc";
$ivlen = openssl_cipher_iv_length($cipher);
$iv = openssl_random_pseudo_bytes($ivlen);
$encrypted = openssl_encrypt($message, $cipher, $secretKey, 0, $iv);
echo "Message: " . $message . "<br>";
echo "Encrypted Text: " . $encrypted . "<br>";
}
?>
decrypt.php :
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
echo "<pre>";
print_r($_POST);
echo "</pre>";
// Récupère le texte crypté envoyé depuis JavaScript et le décode
$encodedEncryptedText = $_POST['encryptedText'];
$encryptedText = urldecode($encodedEncryptedText);
// Clé utilisée pour le chiffrement (doit être la même que celle utilisée pour le chiffrement)
$secretKey = "CleSecrete";
// Algorithme de chiffrement et mode
$cipher = "aes-256-cbc";
// Longueur du vecteur d'initialisation pour l'algorithme de chiffrement
$expected_iv_length = openssl_cipher_iv_length($cipher);
// Récupération du vecteur d'initialisation et du texte chiffré
$iv = substr($encryptedText, 0, $expected_iv_length);
$encrypted = substr($encryptedText, $expected_iv_length);
// Affichage de la longueur attendue du vecteur d'initialisation
echo "Expected IV Length: " . $expected_iv_length . "<br>";
// Longueur réelle du vecteur d'initialisation reçu
$received_iv_length = strlen($iv);
echo "Received IV Length: " . $received_iv_length . "<br>";
if ($received_iv_length !== $expected_iv_length) {
echo "Error: Received IV Length does not match the expected length. Please check.<br>";
}
// Affichage du texte crypté reçu pour vérification
echo "Encrypted Text Received: " . $encryptedText . "<br>";
echo "IV: " . $iv . "<br>";
echo "Encrypted: " . $encrypted . "<br>";
// Décryptage du texte
$decrypted = openssl_decrypt($encrypted, $cipher, $secretKey, 0, $iv);
if ($decrypted === false) {
while ($msg = openssl_error_string()) {
echo $msg . "<br>";
}
} else {
// Affichage du texte décrypté pour vérification
echo "Decrypted Text: " . $decrypted . "<br>";
}
}
?>
here is the result after encrypting "hello world" :
Message crypté :
Array ( [message] => hello world )
Message: hello world
Encrypted Text: FS+bGfvAuuu9RWrjM0/yvQ==
here is the result after trying to decrypt the message FS+bGfvAuuu9RWrjM0/yvQ== :
Message décrypté :
Array
(
[encryptedText] => FS%2BbGfvAuuu9RWrjM0%2FyvQ%3D%3D
)
Expected IV Length: 16
Received IV Length: 16
Encrypted Text Received: FS+bGfvAuuu9RWrjM0/yvQ==
IV: FS+bGfvAuuu9RWrj
Encrypted: M0/yvQ==
error:1C80006B:Provider routines::wrong final block length
I tried lots of modifications but none were conclusive, can anyone help me?
thank you everyone
I tried to encrypt/decrypt nut it is not working yet
2
Answers
You can use CryptoJS library for decryption and customize this function due to your configurations.
It looks like there might be an issue with how you are handling the initialization vector (IV) during encryption and decryption. The IV used during encryption needs to be stored and passed along with the ciphertext during decryption.
Here are a few modifications you can make to your code:
1.Modify the Encryption Output:
Update your encrypt.php to include the IV in the output:
This ensures that both the IV and the encrypted data are properly concatenated and encoded before sending.
2.Update the Decryption Process:
Modify your decrypt.php to properly separate the IV and the encrypted data:
By separating the IV and the encrypted data, you ensure that the correct IV is used during decryption.
3.Update Your JavaScript:
Make sure to base64 encode the encrypted text before sending it in your
This ensures that the data is properly encoded before sending it to the server.
Try making these modifications, and it should resolve the issue you’re facing. Ensure that the IV is properly passed during encryption and used during decryption. Additionally, be consistent with base64 encoding and decoding to avoid data corruption during transmission.