AES encrypt in Node.js Decrypt in PHP. Fail.

Question

In node.js, I use the build in function to encrypt data like that:

var text = \"Yes\";
var password = \"123456\";
var encrypt = crypto.createCipher(\'aes-256         


        

Answer 1

I'm just starting messing around with node.js but I think your problem is related to mismatching IVs. Try doing the following instead:

var encrypt = crypto.createCipheriv('aes-256-cbc', password, /* password.createHash('md5').toHex()*/);

_{PS: I'm not sure how to create an MD5 hash in node.js, you'll have to figure it out for yourself and change the above code accordingly.}

And in PHP:

$decrypt = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($encrypted), MCRYPT_MODE_CBC, md5($key)), "\0");

This should make sure both implementations use the same initialization vector.

I also recommend that your make the following changes:

• password: md5(original_password)
• iv = md5(md5(original_password))

This will make sure PHP won't throw any stupid errors. See Best way to use PHP to encrypt and decrypt passwords?