Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/brainfoolong/cryptojs-aes-php

CryptoJS AES encryption/decryption on client side with Javascript and on server side with PHP
https://github.com/brainfoolong/cryptojs-aes-php

aes-encryption cryptojs javascript php

Last synced: 18 days ago
JSON representation

CryptoJS AES encryption/decryption on client side with Javascript and on server side with PHP

Host: GitHub
URL: https://github.com/brainfoolong/cryptojs-aes-php
Owner: brainfoolong
License: mit
Archived: true
Created: 2014-12-20T16:25:56.000Z (almost 10 years ago)
Default Branch: master
Last Pushed: 2024-08-15T19:44:19.000Z (3 months ago)
Last Synced: 2024-09-15T22:38:20.430Z (about 2 months ago)
Topics: aes-encryption, cryptojs, javascript, php
Language: PHP
Homepage:
Size: 125 KB
Stars: 399
Watchers: 31
Forks: 158
Open Issues: 0
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Security: SECURITY.md

Awesome Lists containing this project

README

        # CryptoJS AES encryption/decryption on client side with Javascript and on server side with PHP

[![Tests](https://github.com/brainfoolong/cryptojs-aes-php/actions/workflows/tests.yml/badge.svg)](https://github.com/brainfoolong/cryptojs-aes-php/actions/workflows/tests.yml)

A tool to AES encrypt/decrypt data in javascript and/or PHP. You can use it for PHP only, for Javascript only or mix it

together.

It uses default `aes-256-cbc` implementation with random salts and random initialization vector. This library does not

support other ciphers or modes.

## Features

* Encrypt any value in Javascript (objects/array/etc...) - Everything that can be passed to `JSON.stringify`

* Encrypt any value in PHP  (object/array/etc...) - Everything that can be passed to `json_encode`

* Decrypt in PHP/Javascript, doesn't matter where you have encrypted the values

## How to use

###### PHP | See [dist/example-php.php](https://github.com/brainfoolong/cryptojs-aes-php/blob/master/dist/example-php.php)

You need the file `src/CryptoJsAes.php`

```php

    (function () {

        // encrypt value

        let valueToEncrypt = 'foobar' // this could also be object/array/whatever

        let password = '123456'

        let encrypted = CryptoJSAesJson.encrypt(valueToEncrypt, password)

        console.log('Encrypted:', encrypted)

        // something like: {"ct":"10MOxNzbZ7vqR3YEoOhKMg==","iv":"9700d78e12910b5cccd07304333102b7","s":"c6b0b7a3dc072248"}

    })()

    (function () {

        // decrypt value

        let encrypted = '{"ct":"hQDvpbAKTGp1mXgzSShR9g==","iv":"57fd85773d898d1f9f868c53b436e28f","s":"a2dac436512077c5"}'

        let password = '123456'

        let decrypted = CryptoJSAesJson.decrypt(encrypted, password)

        console.log('Decrypted:', decrypted)

    })()

```

## Composer Install

    composer require brainfoolong/cryptojs-aes-php

## Supported PHP versions

* 8.x

* 7.x

* 5.x (head to the [legacy branch](https://github.com/brainfoolong/cryptojs-aes-php/tree/legacy))

## Security Notes

Since the time that this library has been created, encryption technologies has been evolved. This library and using

AES-256-CBC encryption is still good and safe but there are (maybe) already better alternatives than this library or

CryptoJS itself. If you require really high security, you should invest more time for what is suitable for you.

Also, there's a good article about PHP issues/info related to this

library: https://stackoverflow.com/questions/16600708/how-do-you-encrypt-and-decrypt-a-php-string/30159120#30159120

## Alternatives - ASCON

You may wonder if there are alternatives to AES encryption that you can use in PHP/JS. ASCON is a newer, lightweight cipher that have been selected in 2023 by the [NIST](https://csrc.nist.gov/projects/lightweight-cryptography) as the new standard for lightweight cryptography, which may suite your needs. I have created libraries for both PHP and JS which you can find at https://github.com/brainfoolong/php-ascon and https://github.com/brainfoolong/js-ascon

## Requirements

* PHP with OpenSSL Support: http://php.net/manual/en/openssl.installation.php

* Does not work with following php.ini option enabled: http://php.net/manual/en/mbstring.overload.php

## Changelog

* 2.3.0 - Dez 2023

    * upgraded CryptoJS to v4.2.0

* 2.2.0 - 13. June 2023

    * fixed implicit true to 1 conversion by using proper OPENSSL flag (thx @benjumanji)

    * added tests for php and js

    * added a js console warning for passphrases with non ASCII characters, as it is and was never supported

    * minor improved php decrypt to avoid one useless hash cycle

* 2.1.1 - 15. January 2021

    * just a few documentation and composer fixes

* 2.1.0 - 30. December 2020

    * added quick decrypt and encrypt functions: `CryptoJSAesJson.encrypt()` and `CryptoJSAesJson.decrypt()` - See

      examples for more information

* 2.x.x - 7. April 2020

    * Upgraded project to namespaces