Laravel 5 - Decrypt Crypt::encrypt in Javascript

Solution 1

Using laravel 5.1 and CryptoJS which can be found at (https://code.google.com/p/crypto-js/).

in .env set:

1. APP_KEY=uberkeythatrocks

in config/app.php set:

2. 'cipher' => 'AES-256-CBC'

in MyController.php:

3. $mySecret = "Something I wanna hide from them";

4. $encrypted = Crypt::encrypt($mySecret);

in index.js:

5. var key = "uberkeythatrocks";

6. var decrypted = CryptoJS.AES.decrypt(encrypted, key);

7. var readable = decrypted.toString(CryptoJS.enc.Utf8);

IMPORTANT: The 'key' in PHP must be the same with 'key' in JS and the 'cipher' in PHP must be the same in JS however, CryptoJS will automatically select either AES-128-CBC or AES-256-CBC depending on the length of your 'key'. Although laravel 5.1 default 'cipher' is AES-256-CBC so I would suggest you get your 'key' from .env file to use in JS.

To change or generate a new 'key' from Laravel

1. C:/mylaravel> php artisan key:generate [enter]

To use AES-128-CBC

1. Edit config/app.php and set 'cipher' => 'AES-128-CBC'

then

2. C:/mylaravel> php artisan key:generate [enter]

NOTE that the change of 'key' will mean that an existing user account login password will not work unless you delete the user and then create new.

HOPE THIS HELPS! :)

Solution 2

CryptoJs and Laravel 6 & 7.x

Place a Mix variable inside .env file

MIX_APP_KEY=${APP_KEY}

See: https://laravel.com/docs/7.x/mix#environment-variables

In /resources/assets/js/app.js add:

const CryptoJS = require("crypto-js");

window.decrypt = (encrypted) => {
    let key = process.env.MIX_APP_KEY.substr(7);
    var encrypted_json = JSON.parse(atob(encrypted));
    return CryptoJS.AES.decrypt(encrypted_json.value, CryptoJS.enc.Base64.parse(key), {
        iv : CryptoJS.enc.Base64.parse(encrypted_json.iv)
    }).toString(CryptoJS.enc.Utf8);
};

And finally somewhere in your script you can decrypt like so:

console.log(decrypt(encrypted_text)); 

Solution 3

I SOLVE THIS:

I'm using Laravel Framework 5.7.28 and i want to decrypt some users passwords in my node.js application

For Decrypt in my Js file i include CryptoJS and Base64 JS

Here is the code:

$key is the APP_KEY that you have in your .env file
$encrypted is what you encrypt with the Crypt::encrypt in laravel

var CryptoJS = require("crypto-js");
var Base64 = require('js-base64').Base64;


var encrypted = '{{ $encrypted }}';
var key = "{{ $key }}";

var encrypted_json = JSON.parse(Base64.decode(encrypted));


// Now I try to decrypt it.
var decrypted = CryptoJS.AES.decrypt(encrypted_json.value, CryptoJS.enc.Base64.parse(key), {
       iv : CryptoJS.enc.Base64.parse(encrypted_json.iv)
});

console.log(decrypted.toString(CryptoJS.enc.Utf8));