huzemin/laravel-encrypt.js

vikasvyas47 · 2024-03-22T12:15:31Z

by this code i decrypt data which comes from laravel to vuejs

let encryptStrVal = CryptoJS.enc.Base64.parse(encryptStr);
let encryptData = encryptStrVal.toString(CryptoJS.enc.Utf8);
encryptData = JSON.parse(encryptData);

  let iv = CryptoJS.enc.Base64.parse(encryptData.iv);
  
  var decrypted = CryptoJS.AES.decrypt(encryptData.value,  CryptoJS.enc.Base64.parse(encryptionKey), {
        iv : iv,
        mode: CryptoJS.mode.CBC,
        padding: CryptoJS.pad.Pkcs7
    });
    
  decrypted = CryptoJS.enc.Utf8.stringify(decrypted);

now i am trying to decrypt data which post from vuejs to laravel using this process

  let iv = CryptoJS.lib.WordArray.random(16);

let key = CryptoJS.enc.Base64.parse(encryptionKey);

let options = {
    iv: iv,
    mode: CryptoJS.mode.CBC,
    padding: CryptoJS.pad.Pkcs7
};
let encrypted = CryptoJS.AES.encrypt(JSON.stringify(data), key, options);

encrypted = encrypted.toString();
iv = CryptoJS.enc.Base64.stringify(iv);
let result = {
    iv: iv,
    value: encrypted,
    mac: CryptoJS.HmacSHA256(iv + encrypted, key).toString()
}
result = JSON.stringify(result);
result = CryptoJS.enc.Utf8.parse(result);
let encryptedData = CryptoJS.enc.Base64.stringify(result);

laravel code 
$encryptionKey = env('APP_KEY');
   $encryptedData = $request->input('encryptedData');

   $encryptedData = base64_decode($encryptedData);
   $data  = json_decode($encryptedData, true);

   $iv    = base64_decode($data['iv']);
   $value = $data['value'];
   $mac   = $data['mac'];

   $computedMac = hash_hmac('sha256', $data['iv'] . $data['value'], base64_decode($encryptionKey));

   if (!hash_equals($mac, $computedMac)) 
   {
      return response()->json(['error' => 'MAC verification failed'], 400);
   }
   
  $decryptedValue = Crypt::decrypt($value);
  
  it's not working

flickervale · 2024-07-11T07:06:54Z

I make some adjustment..
I'm using laravel v8.x and vuejs v3.

Assume both APP_KEY in Laravel and Vuejs are match. Do not forget to remove prefix base64: in .env vuejs

At laravel code:

use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Facades\Log;

class Helper
{
  public static function encrypt($text)
      {
          if ($text) {
              try {
                  $text = (string)$text;
                  /** set unserialize to false */
                  $encrypted = Crypt::encrypt($text, false);
                  return $encrypted;
              } catch (\Throwable $e) {
                  Log::error("error encrypt ", [$e->getMessage()]);
              }
          }
          return "";
      }
  
   public static function decrypt($text)
      {
          if ($text) {
              try {
                  /** set unserialize to false */
                  $decrypted = Crypt::decrypt($text, false);
                  return $decrypted;
              } catch (\Exception $e) {
                  Log::error("error decrypt ", [$e->getMessage()]);
              }
          }
          return "";
      }
}

Then at vuejs:

import CryptoJS from "crypto-js";

const LaravelEncrypt = function (key) {
    this.key = key;
};

LaravelEncrypt.prototype.decrypt = function (encryptStr) {
    try {
        encryptStr = CryptoJS.enc.Base64.parse(encryptStr);
        let encryptData = encryptStr.toString(CryptoJS.enc.Utf8);
        encryptData = JSON.parse(encryptData);

        let iv = CryptoJS.enc.Base64.parse(encryptData.iv);
        let decrypted = CryptoJS.AES.decrypt(encryptData.value, CryptoJS.enc.Base64.parse(this.key), {
            iv: iv,
            mode: CryptoJS.mode.CBC,
            padding: CryptoJS.pad.Pkcs7
        });

        decrypted = CryptoJS.enc.Utf8.stringify(decrypted);
        return decrypted;
    } catch (error) {
        return null;
    }
};

LaravelEncrypt.prototype.encrypt = function (data) {
    // Generate a random IV
    let iv = CryptoJS.lib.WordArray.random(16);

    // Parse the key into CryptoJS format
    let key = CryptoJS.enc.Base64.parse(this.key);

    // Encryption options
    let options = {
        iv: iv,
        mode: CryptoJS.mode.CBC,
        padding: CryptoJS.pad.Pkcs7
    };

    // Perform AES encryption
    let encrypted = CryptoJS.AES.encrypt(data, key, options);
    encrypted = encrypted.toString(); // Convert encrypted data to string

    // Convert IV to Base64 format
    iv = CryptoJS.enc.Base64.stringify(iv);

    // Calculate HMAC for integrity check
    let mac = CryptoJS.HmacSHA256(iv + encrypted, key).toString();

    // Prepare final result as JSON object
    let result = {
        iv: iv,
        value: encrypted,
        mac: mac
    };

    // Convert result to UTF-8 encoded string and then Base64 format
    result = JSON.stringify(result);
    result = CryptoJS.enc.Utf8.parse(result);
    return CryptoJS.enc.Base64.stringify(result);
};

export default LaravelEncrypt;

You just need to change the key from CryptoJS.enc.Utf8.parse(this.key) to CryptoJS.enc.Base64.parse(this.key) in vuejs.
Also set unserialize to false at decrypt and encrypt function in Laravel.

huzemin/laravel-encrypt.js

vikasvyas47 commented Mar 22, 2024

flickervale commented Jul 11, 2024 •

edited

Loading

	import CryptoJS from "crypto-js";

	const LaravelEncrypt = function (key) {
	this.key = key;
	}

	LaravelEncrypt.prototype.decrypt = function (encryptStr) {
	encryptStr = CryptoJS.enc.Base64.parse(encryptStr);
	let encryptData = encryptStr.toString(CryptoJS.enc.Utf8);
	encryptData = JSON.parse(encryptData);
	let iv = CryptoJS.enc.Base64.parse(encryptData.iv);
	var decrypted = CryptoJS.AES.decrypt(encryptData.value, CryptoJS.enc.Utf8.parse(this.key), {
	iv : iv,
	mode: CryptoJS.mode.CBC,
	padding: CryptoJS.pad.Pkcs7
	});
	decrypted = CryptoJS.enc.Utf8.stringify(decrypted);
	return decrypted;
	};

	LaravelEncrypt.prototype.encrypt = function (data) {
	let iv = CryptoJS.lib.WordArray.random(16),
	key = CryptoJS.enc.Utf8.parse(this.key);
	let options = {
	iv: iv,
	mode: CryptoJS.mode.CBC,
	padding: CryptoJS.pad.Pkcs7
	};
	let encrypted = CryptoJS.AES.encrypt(data, key, options);
	encrypted = encrypted.toString();
	iv = CryptoJS.enc.Base64.stringify(iv);
	let result = {
	iv: iv,
	value: encrypted,
	mac: CryptoJS.HmacSHA256(iv + encrypted, key).toString()
	}
	result = JSON.stringify(result);
	result = CryptoJS.enc.Utf8.parse(result);
	return CryptoJS.enc.Base64.stringify(result);
	};

	export default LaravelEncrypt;

huzemin/laravel-encrypt.js

vikasvyas47 commented Mar 22, 2024

flickervale commented Jul 11, 2024 • edited Loading

flickervale commented Jul 11, 2024 •

edited

Loading