-
-
Save huzemin/e8d7a904cec55d4d7635c9322f143c42 to your computer and use it in GitHub Desktop.
| import CryptoJS from "crypto-js"; | |
| const LaravelEncrypt = function (key) { | |
| this.key = key; | |
| } | |
| LaravelEncrypt.prototype.decrypt = function (encryptStr) { | |
| encryptStr = CryptoJS.enc.Base64.parse(encryptStr); | |
| let encryptData = encryptStr.toString(CryptoJS.enc.Utf8); | |
| encryptData = JSON.parse(encryptData); | |
| let iv = CryptoJS.enc.Base64.parse(encryptData.iv); | |
| var decrypted = CryptoJS.AES.decrypt(encryptData.value, CryptoJS.enc.Utf8.parse(this.key), { | |
| iv : iv, | |
| mode: CryptoJS.mode.CBC, | |
| padding: CryptoJS.pad.Pkcs7 | |
| }); | |
| decrypted = CryptoJS.enc.Utf8.stringify(decrypted); | |
| return decrypted; | |
| }; | |
| LaravelEncrypt.prototype.encrypt = function (data) { | |
| let iv = CryptoJS.lib.WordArray.random(16), | |
| key = CryptoJS.enc.Utf8.parse(this.key); | |
| let options = { | |
| iv: iv, | |
| mode: CryptoJS.mode.CBC, | |
| padding: CryptoJS.pad.Pkcs7 | |
| }; | |
| let encrypted = CryptoJS.AES.encrypt(data, key, options); | |
| encrypted = encrypted.toString(); | |
| iv = CryptoJS.enc.Base64.stringify(iv); | |
| let result = { | |
| iv: iv, | |
| value: encrypted, | |
| mac: CryptoJS.HmacSHA256(iv + encrypted, key).toString() | |
| } | |
| result = JSON.stringify(result); | |
| result = CryptoJS.enc.Utf8.parse(result); | |
| return CryptoJS.enc.Base64.stringify(result); | |
| }; | |
| export default LaravelEncrypt; |
hi @tim-reynolds-thegrommet & @careless10 , im getting error when i tried to pass this encrypted data to Laravel 5.5 for further decryption. kindly give some idea
Illuminate \ Contracts \ Encryption \ DecryptException
The MAC is invalid.
hi @tim-reynolds-thegrommet & @careless10 , im getting error when i tried to pass this encrypted data to Laravel 5.5 for further decryption. kindly give some idea
Illuminate \ Contracts \ Encryption \ DecryptException
The MAC is invalid.
@huzemin @tim-reynolds-thegrommet & @careless10 & @vijaysapp Me too getting same error in Laravel 5.4 too. please help.
Thanks, Sorted using https://github.com/Kjuib/encryptLaravel5#readme
Hi @huzemin
Getting same error 'The MAC is invalid.' and it doesn't matter if it's "Utf8" or "Base64". Tried both cases. Context: laravel 7.x.
Any ideas, suggestions what can i do with this? I've spend a few days in order to solve this issue but i can't afford a result.
Regards,
Andrei
Hey @vijaysapp
Can you put the js code you used for encryption? I mean, with utf8 or base64...Just in case. Thx a lot!!
Hello @vijaysapp
Huge thx to you bro!!! You made my day!! It worked!!
Thanks
@vijaysapp I have to remove base64 in the js app but I can't solve this please help.
I have Getting the same error 'The MAC is invalid.' it doesn't matter if it's "Utf8" or "Base64". Tried both cases. Context: laravel 9.x.
just used the utf8 code. but we should remove the base64: from key value[copy laravel app key & remove base64: in JS app]. thats all
…
On Fri, Dec 4, 2020 at 12:17 AM Vesterli Andrei @.> wrote: @.* commented on this gist. ------------------------------ Hey @vijaysapp https://github.com/vijaysapp Can you put the js code you used for encryption? I mean, with utf8 or base64...Just in case. Thx a lot!! — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://gist.github.com/e8d7a904cec55d4d7635c9322f143c42#gistcomment-3549304, or unsubscribe https://github.com/notifications/unsubscribe-auth/AQDVWPQXODRSE7FCR7M5HFDSS7MMJANCNFSM4ODAPYHQ .
-- thanks & regards Vijayaragavan Project Manager [email protected] [email protected] http://annsys.com/ http://annsys.com/ * http://annsys.com/*
This is my JS code.
let iv = CryptoJS.lib.WordArray.random(16),
// Remove 'base64' part from the .env's APP_KEY
key = CryptoJS.enc.Base64.parse(appKey.slice(7));
let options = {
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7,
};
// I'm using JSON.stringify(data) instead of just data
let encrypted = CryptoJS.AES.encrypt(JSON.stringify(data), key, options);
encrypted = encrypted.toString();
iv = CryptoJS.enc.Base64.stringify(iv);
let result = {
iv: iv,
value: encrypted,
mac: CryptoJS.HmacSHA256(iv + encrypted, key).toString(),
};
result = JSON.stringify(result);
result = CryptoJS.enc.Utf8.parse(result);
return CryptoJS.enc.Base64.stringify(result);
Then, use decrypt inside laravel without unserializing.
decrypt(encryptedData, unserialize:false);
This is my JS code.
let iv = CryptoJS.lib.WordArray.random(16), // Remove 'base64' part from the .env's APP_KEY key = CryptoJS.enc.Base64.parse(appKey.slice(7)); let options = { iv: iv, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7, }; // I'm using JSON.stringify(data) instead of just data let encrypted = CryptoJS.AES.encrypt(JSON.stringify(data), key, options); encrypted = encrypted.toString(); iv = CryptoJS.enc.Base64.stringify(iv); let result = { iv: iv, value: encrypted, mac: CryptoJS.HmacSHA256(iv + encrypted, key).toString(), }; result = JSON.stringify(result); result = CryptoJS.enc.Utf8.parse(result); return CryptoJS.enc.Base64.stringify(result);Then, use decrypt inside laravel without unserializing.
decrypt(encryptedData, unserialize:false);
You literally saved my life, thanks for your code.
I tried everything for something like 4 hours, but nothing works.
Send me your paypal, i will send you 10 bucks :D
@zlAxel No worries pal. Glad I could help.
@Sandeepa-Ceylonsoft I am still facing the issue
In my console it is throwing error
localhost/:1 Access to XMLHttpRequest at 'http://127.0.0.1:8000/api/login' from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
and secondly for this in laravel decrypt(encryptedData, unserialize:false);
undefined variable decrypt
is decrypt is a function can u send me the code of laravel to decrypt.
by this code i decrypt data which comes from laravel to vuejs
let encryptStrVal = CryptoJS.enc.Base64.parse(encryptStr);
let encryptData = encryptStrVal.toString(CryptoJS.enc.Utf8);
encryptData = JSON.parse(encryptData);
let iv = CryptoJS.enc.Base64.parse(encryptData.iv);
var decrypted = CryptoJS.AES.decrypt(encryptData.value, CryptoJS.enc.Base64.parse(encryptionKey), {
iv : iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
});
decrypted = CryptoJS.enc.Utf8.stringify(decrypted);
now i am trying to decrypt data which post from vuejs to laravel using this process
let iv = CryptoJS.lib.WordArray.random(16);
let key = CryptoJS.enc.Base64.parse(encryptionKey);
let options = {
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
};
let encrypted = CryptoJS.AES.encrypt(JSON.stringify(data), key, options);
encrypted = encrypted.toString();
iv = CryptoJS.enc.Base64.stringify(iv);
let result = {
iv: iv,
value: encrypted,
mac: CryptoJS.HmacSHA256(iv + encrypted, key).toString()
}
result = JSON.stringify(result);
result = CryptoJS.enc.Utf8.parse(result);
let encryptedData = CryptoJS.enc.Base64.stringify(result);
laravel code
$encryptionKey = env('APP_KEY');
$encryptedData = $request->input('encryptedData');
$encryptedData = base64_decode($encryptedData);
$data = json_decode($encryptedData, true);
$iv = base64_decode($data['iv']);
$value = $data['value'];
$mac = $data['mac'];
$computedMac = hash_hmac('sha256', $data['iv'] . $data['value'], base64_decode($encryptionKey));
if (!hash_equals($mac, $computedMac))
{
return response()->json(['error' => 'MAC verification failed'], 400);
}
$decryptedValue = Crypt::decrypt($value);
it's not working
I make some adjustment..
I'm using laravel v8.x and vuejs v3.
Assume both APP_KEY in Laravel and Vuejs are match. Do not forget to remove prefix base64: in .env vuejs
At laravel code:
use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Facades\Log;
class Helper
{
public static function encrypt($text)
{
if ($text) {
try {
$text = (string)$text;
/** set unserialize to false */
$encrypted = Crypt::encrypt($text, false);
return $encrypted;
} catch (\Throwable $e) {
Log::error("error encrypt ", [$e->getMessage()]);
}
}
return "";
}
public static function decrypt($text)
{
if ($text) {
try {
/** set unserialize to false */
$decrypted = Crypt::decrypt($text, false);
return $decrypted;
} catch (\Exception $e) {
Log::error("error decrypt ", [$e->getMessage()]);
}
}
return "";
}
}
Then at vuejs:
import CryptoJS from "crypto-js";
const LaravelEncrypt = function (key) {
this.key = key;
};
LaravelEncrypt.prototype.decrypt = function (encryptStr) {
try {
encryptStr = CryptoJS.enc.Base64.parse(encryptStr);
let encryptData = encryptStr.toString(CryptoJS.enc.Utf8);
encryptData = JSON.parse(encryptData);
let iv = CryptoJS.enc.Base64.parse(encryptData.iv);
let decrypted = CryptoJS.AES.decrypt(encryptData.value, CryptoJS.enc.Base64.parse(this.key), {
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
});
decrypted = CryptoJS.enc.Utf8.stringify(decrypted);
return decrypted;
} catch (error) {
return null;
}
};
LaravelEncrypt.prototype.encrypt = function (data) {
// Generate a random IV
let iv = CryptoJS.lib.WordArray.random(16);
// Parse the key into CryptoJS format
let key = CryptoJS.enc.Base64.parse(this.key);
// Encryption options
let options = {
iv: iv,
mode: CryptoJS.mode.CBC,
padding: CryptoJS.pad.Pkcs7
};
// Perform AES encryption
let encrypted = CryptoJS.AES.encrypt(data, key, options);
encrypted = encrypted.toString(); // Convert encrypted data to string
// Convert IV to Base64 format
iv = CryptoJS.enc.Base64.stringify(iv);
// Calculate HMAC for integrity check
let mac = CryptoJS.HmacSHA256(iv + encrypted, key).toString();
// Prepare final result as JSON object
let result = {
iv: iv,
value: encrypted,
mac: mac
};
// Convert result to UTF-8 encoded string and then Base64 format
result = JSON.stringify(result);
result = CryptoJS.enc.Utf8.parse(result);
return CryptoJS.enc.Base64.stringify(result);
};
export default LaravelEncrypt;
You just need to change the key from CryptoJS.enc.Utf8.parse(this.key) to CryptoJS.enc.Base64.parse(this.key) in vuejs.
Also set unserialize to false at decrypt and encrypt function in Laravel.
Thank you,
and thank you @tim-reynolds-thegrommet , for me to get this working i had to also change the line 12 that has also the same code as you mentioned,
CryptoJS.enc.Utf8.parse(this.key)to
CryptoJS.enc.Base64.parse(this.key)so for anyone who can't figure it out its line 12 and line 23.