-1

I have a function that decrypt AES-GCM encrypted text in Javascript. I would like to make it work in Php, so I can decipher messages sent by Javascript.

I have two functions: the first one imports and derives a password to a CryptoKey (with salt), the second one uses the CryptoKey to decipher the encrypted message.

    async importAESGCMKeyFromPassword(password, salt){
        const enc = new TextEncoder()

        const keyMaterial = await window.crypto.subtle.importKey(
            'raw', 
            enc.encode(password), 
            { name: 'PBKDF2' }, 
            false, 
            ['deriveBits', 'deriveKey']
        )

        return window.crypto.subtle.deriveKey(
            {
                'name': 'PBKDF2',
                salt: Buffer.from(salt, 'base64'), 
                'iterations': 1000,
                'hash': 'SHA-256'
            },
            keyMaterial,
            { 'name': 'AES-GCM', 'length': 256},
            true,
            [ 'encrypt', 'decrypt' ]
        )
    },
    
    async decryptAESGCM(key, iv, message){
        if( typeof message != 'string' ) return null
        let result
        try{
            result = await window.crypto.subtle.decrypt(
                {
                    name: 'AES-GCM',
                    iv: Buffer.from(iv, 'base64')
                },
                key,
                Buffer.from(message, 'base64')
            )
        }catch(error){
            return null
        }
        const dec = new TextDecoder()
        return dec.decode(result)
    },

How can I convert them in php code ?

I tried this way https://stackoverflow.com/questions/65930881/decrypting-a-string-encrypted-by-php-with-aes256-gcm-using-openssl-in-c-sharp But it does not seems to work...

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
Ensiqice
  • 1
  • 3
  • Post your PHP code and describe the problem. Also share some test data. – Topaco Mar 19 '23 at 13:04
  • Done, just updated – Ensiqice Mar 19 '23 at 13:47
  • Just a quick shot - in Js you are running 100000 iterations and in PHP its 1000 only... – Michael Fehr Mar 19 '23 at 14:07
  • The test data cannot be decrypted with the JavaScript code. Complete the posted JavaScript code so that we can verify that this data is indeed decryptable with the JavaScript code. – Topaco Mar 19 '23 at 14:10
  • Thanks for your help. I updated iterations count, and figured out the default tag size was 128 bits, so I updated the code to show the working one :) – Ensiqice Mar 19 '23 at 14:55

1 Answers1

0

Here is the php code that seems to work :

$encrypted = base64_decode($encrypted);
$salt = base64_decode($salt);
$iv = base64_decode($iv);
$key = hash_pbkdf2('sha256', $password, $salt, 1000, 256/8, true);
$tag = substr($encrypted, -16, 16);
$encrypted = substr($encrypted, 0, -16);
return openssl_decrypt($encrypted, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
Ensiqice
  • 1
  • 3