I am trying to create a PHP equivalent to this JS code with CryptoJS:

function aesEncrypt (data) {
   const key = 'GSTEGSTEjdfheyhdHSHSHSHDHHDHmdjjdn12ndndn5r=';
   const iv = '\0';
   
   const cipher = CryptoJS.AES.encrypt(data, CryptoJS.enc.Base64.parse(key), {
       iv: CryptoJS.enc.Utf8.parse(iv), // parse the IV 
       padding: CryptoJS.pad.Pkcs7,
       mode: CryptoJS.mode.CBC
   })
   
   return cipher.toString()
}

result of the js code : pHjpwiyKq7Rf4dFcBMbm1w==

here is the PHP code I wrote by reading other stackoverflow questions. But it did not return the same result.

    $plaintext  = "plainText";
    $method     = 'aes-256-cbc';
    
    $key = base64_encode("GSTEGSTEjdfheyhdHSHSHSHDHHDHmdjjdn12ndndn5r=");
    $iv  = hex2bin('00000000000000000000000000000000');
            
    $ciphertext = openssl_encrypt(
                                   $plaintext,
                                   $method,
                                   $key,
                                   OPENSSL_RAW_DATA,
                                   $iv
                                );
    
    $ciphertext = base64_encode($ciphertext);
    
    echo $ciphertext; 

result of the PHP code : YJOMi2vISmEXIjUZls3MA==

CodePudding user response：

In the PHP code, the key must be Base64 decoded and not Base64 encoded:

$key = base64_decode("GSTEGSTEjdfheyhdHSHSHSHDHHDHmdjjdn12ndndn5r=");

With this change the desired ciphertext is created.

Note that the ciphertext is Base64 encoded by default if 0 is passed instead of OPENSSL_RAW_DATA in the fourth parameter of the openssl_encrypt() call. The explicit Base64 encoding of the ciphertext is then not necessary.

Keep in mind that a static IV is insecure. Usually during encryption a random IV is generated, which is passed to the decrypting side along with the ciphertext (typically concatenated).