{"id":2943,"date":"2018-07-20T10:47:09","date_gmt":"2018-07-20T10:47:09","guid":{"rendered":"https:\/\/www.mjtnet.com\/blog\/?p=2943"},"modified":"2018-07-20T10:58:19","modified_gmt":"2018-07-20T10:58:19","slug":"cross-language-128-and-256-bit-aes-encryption","status":"publish","type":"post","link":"https:\/\/www.mjtnet.com\/blog\/2018\/07\/20\/cross-language-128-and-256-bit-aes-encryption\/","title":{"rendered":"Cross Language 128 and 256 Bit AES Encryption"},"content":{"rendered":"

With Macro Scheduler<\/a> 14.4.10 we have added new 128 and 256 bit AES Encryption methods which interoperate well with other languages.<\/p>\n

Cross-platform\/cross-language encryption\/decryption can be tricky. Different text encodings, different padding formats and understanding how different algorithms derive keys and initialisation vectors can make encrypting and decrypting between one language and another a bit of a pain!<\/p>\n

Macro Scheduler’s AES function originally worked only on Unicode strings as this is the standard string format in Macro Scheduler. \u00a0Having had some issues trying to make this work between NodeJS and PHP we decided to create some new UTF8 based AES options (available in Macro Scheduler 14.4.10) which we have verified work well with PHP\/OpenSSL and NodeJS. \u00a0<\/p>\n

These new implementations provide 128 and 256 bit AES encryption. \u00a0They use CBC chaining method and use a SHA256 password. If using AES 128 the SHA256 password is truncated to the 32 byte key length. \u00a0By default the initialisation vector is set to “0000000000000000” but can be set to whatever you want (but must be 16 characters long). Padding is PKCS#5.<\/p>\n

Here is an example of AES_256:<\/p>\n

Let>AES_ALG=AES_256_CBC\r\nAESEncrypt>hello world,mypassword,ENCRYPT,result\r\nAESEncrypt>result,mypassword,DECRYPT,original<\/pre>\n
<\/ br>
\nHere is a compatible PHP example:<\/p>\n
data = \"hello world\";\r\n\r\n$method = 'AES-256-CBC';\r\n\r\n\/\/ simple password hash\r\n$password = 'mypassword';\r\n$key = hex2bin(substr(hash('sha256', $password),0,64));\r\n\r\necho \"Method: \" . $method . \"\\n\";\r\n$encrypted = encrypt($data, $key, $method);\r\necho \"Encrypted: \". $encrypted . \"\\n\";\r\n$decrypted = decrypt($encrypted, $key, $method);\r\necho \"Decrypted: \". $decrypted . \"\\n\"; \/\/ plain text\r\n\r\nfunction encrypt(string $data, string $key, string $method): string\r\n{\r\n  $iv = \"0000000000000000\";\r\n  $encrypted = openssl_encrypt($data, $method, $key, OPENSSL_RAW_DATA, $iv);\r\n  $encrypted = base64_encode($encrypted);\r\n  return $encrypted;\r\n}\r\n\r\nfunction decrypt(string $data, string $key, string $method): string\r\n{\r\n  $data = base64_decode($data);\r\n  $iv = \"0000000000000000\";\r\n  $data = openssl_decrypt($data, $method, $key, OPENSSL_RAW_DATA,$iv);\r\n  return $data;\r\n}\r\n<\/pre>\n
Try this PHP Code Here<\/a><\/p>\n
And here’s the Javascript equivalent:<\/p>\n
let data = 'hello world';\r\nlet password = 'mypassword';\r\nlet iv = '0000000000000000';\r\n\r\nlet password_hash = crypto.createHash('sha256').update(password,'utf8').digest('hex');\r\n\r\nlet key = hex2bin(password_hash);\r\npassword_hash = Buffer.alloc(32,key,\"binary\");\r\n\r\nlet cipher = crypto.createCipheriv('aes-256-cbc', password_hash, iv);\r\n\r\nlet encryptedData = cipher.update(data, 'utf8', 'base64') + cipher.final('base64');\r\n\r\nconsole.log('Base64 Encrypted:', encryptedData);\r\n\r\nlet decipher = crypto.createDecipheriv('aes-256-cbc', password_hash, iv);\r\n\r\nlet decryptedText = decipher.update(encryptedData, 'base64', 'utf8') + decipher.final('utf8');\r\n\r\nconsole.log('Decrypted Text:', decryptedText)\r\n\r\nfunction hex2bin(hex)\r\n{\r\n  var bytes = [], str;\r\n\r\n  for(var i=0; i< hex.length-1; i+=2)\r\n    bytes.push(parseInt(hex.substr(i, 2), 16));\r\n\r\n  return String.fromCharCode.apply(String, bytes);\r\n}<\/pre>\n
Try this Javascript code here.<\/a><\/p>\n
You can try the Javscript and PHP examples at repl.it<\/a>:<\/p>\n
https:\/\/repl.it\/@MarcusTettmar\/phpaes256cbc1<\/a>
\nhttps:\/\/repl.it\/@MarcusTettmar\/jsaes267cbc1<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
With Macro Scheduler 14.4.10 we have added new 128 and 256 bit AES Encryption methods which interoperate well with other languages. Cross-platform\/cross-language encryption\/decryption can be tricky. Different text encodings, different padding formats and understanding how different algorithms derive keys and initialisation vectors can make encrypting and decrypting between one language and another a bit of […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6,11],"tags":[],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/www.mjtnet.com\/blog\/wp-json\/wp\/v2\/posts\/2943"}],"collection":[{"href":"https:\/\/www.mjtnet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mjtnet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mjtnet.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mjtnet.com\/blog\/wp-json\/wp\/v2\/comments?post=2943"}],"version-history":[{"count":12,"href":"https:\/\/www.mjtnet.com\/blog\/wp-json\/wp\/v2\/posts\/2943\/revisions"}],"predecessor-version":[{"id":2955,"href":"https:\/\/www.mjtnet.com\/blog\/wp-json\/wp\/v2\/posts\/2943\/revisions\/2955"}],"wp:attachment":[{"href":"https:\/\/www.mjtnet.com\/blog\/wp-json\/wp\/v2\/media?parent=2943"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mjtnet.com\/blog\/wp-json\/wp\/v2\/categories?post=2943"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mjtnet.com\/blog\/wp-json\/wp\/v2\/tags?post=2943"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}