请大佬们帮忙一下，使用JavaScript的aesjs进行数据加密，如何转化成PHP的加密方式

li914 更新于2022-05-10

这是 JavaScript的aesjs进行数据加密代码

const aesjs = require('aes-js');
const Counter = aesjs.Counter
const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'
const aesSuffix = '12345678'
const hexPrefix = '22222222'
const hexSuffix = '33333333'

const generateRandomNum = (min, max) => {
    if (max === undefined || min === undefined) {
        return false
    }
    const num = Math.floor(Math.random() * (max - min + 1) + min)
    return num
}
//对称加解密code
const generateCode = (len = 8) => {
    const maxPos = chars.length
    let code = ''
    for (let i = 0; i < len; i++) {
        const randomNum = generateRandomNum(0, maxPos - 1)
        const char = chars.charAt(randomNum)
        code += char
    }
    return code
}

const encrypt = (data, key) => {
    const hexData = hexPrefix + Buffer.from(data).toString('hex') + hexSuffix
    console.log('hexData == ',hexData)
    console.log('key + aesSuffix == ',key + aesSuffix)
    const cipher = new aesjs.ModeOfOperation.ctr(Buffer.from(key + aesSuffix), new Counter(5))

    const encrypted = cipher.encrypt(Buffer.from(hexData, 'hex'))
    return Buffer.from(aesjs.utils.hex.fromBytes(encrypted)).toString('hex')
}

let key = generateCode();
let pass = encrypt('1a',key);

搞了一下午，没有改成PHP的加密方式

 1087  3 0

3个回答

liziyu 2022-05-09

mark

li914 2022-05-10

额大佬不要mark

nitron 2022-05-10

你这个没写全啊..
decrypt没写,很多定西都没法去,比如encrypt里头尾加了东西
encrypt写了, 但是在加密内容头尾加了料 2222222 就是4个双引号, 3333333就是4个3
然后key size是要求16/24/32 bytes的,你这上面对key也没做处理

按照你上面的代码推断,大概是下面这样,你上面的generatecode和generaterandomnum没用到,就不写了

<?php

function run($data, $key) {
    $aesSuffix = '12345678';
    $hexPrefix = '22222222';
    $hexSuffix = '33333333';
    $algorithm = "aes-256-ctr";
    $buffer = bin2hex($data);
    $hexData = "{$hexPrefix}{$buffer}{$hexSuffix}";
    $key = bin2hex("{$key}{$aesSuffix}");
    $iv = "0000000000000005";   // Counter(5);
    // Encrypted
    $encrypted_data = openssl_encrypt($hexData, $algorithm, $key, OPENSSL_RAW_DATA, $iv);
    echo "Encrypted: ".bin2hex($encrypted_data).PHP_EOL;
    //Decrypt
    $decrypted_data = openssl_decrypt($encrypted_data, $algorithm, $key, OPENSSL_RAW_DATA, $iv);
    echo "Decrypted: ".$decrypted_data.PHP_EOL;
    $obuffer = ltrim($decrypted_data, $hexPrefix);
    $obuffer = rtrim($obuffer, $hexSuffix);
    echo $obuffer.PHP_EOL;
    echo hex2bin($obuffer);
}

run("you are not here", "b1234567");

li914 2022-05-10

写全了，只是忘了写调用代码
nitron 2022-05-10

generatecode就是随机从'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'拿8个出来当key(默认8个),这个你可以自己实现 , 加上aesSuffix的8个字母就是 16bytes, 我看aes-js的文档,根据key长度用不同的方式
16位就是用aes-128-ctr. 24是aes-196-ctr, 32是aes-256-ctr. 把我上面的aes-256-ctr改成aes-128-ctr就行
nitron 2022-05-10

实际上改不改不影响,可以正常加解密
li914 2022-05-10

谢谢大佬今天上午我自己也搞了一个只是我对 $hexData $iv 进行了 hex2bin 才得到的结果进行了两次 bin2hex 才得到js的结果

li914 2022-05-10

nitron 2022-05-10

[捂脸],我写的时候忘记把iv转了, 因为counter(5)实际就是js的[00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,05],
下午忙里偷闲写的,就验证了enc和dec的结果是否一致,没有去跟你那个js的enc/dec做比较
li914 2022-05-10

大佬威武
li914 2022-05-10

谢谢大佬
nitron 2022-05-10

补充一下,你那个$aesSuffix,$hexPrefix,$hexSuffix,还有iv可以单独提出来做类成员,这样做decrypt的时候会方便点
nitron 2022-05-10

我不是大佬,你客气了
li914 2022-05-10

我只是进行写验证以及测试，具体使用不是我 --.--