你在两边做的不是同一件事。

四

你确实在CryptoJS中解析了IV，但忘记在PHP中这样做了：

$iv_dec = pack('H*', "101112131415161718191a1b1c1d1e1f");

要修复IV错误，您可能会注意到前16个字节是乱码。当IV错误时会发生这种情况。请注意，CryptoJS默认使用CBC模式，因此IV在解密过程中只对第一个块有影响。删除这个：

$ciphertext_dec = substr($ciphertext_dec, 16);

填充

你可能已经注意到了，大多数明文都不正确。它们以一些奇怪的重复字符结尾。这是CryptoJS中默认应用的PKCS#7填充。你必须在PHP中自己删除填充。好消息是Maarten Bodewes为这个here提供了一个合适的复制粘贴解决方案。
trim()可能适用于ZeroPadding，但当使用PKCS#7中定义的适当填充方案时则不适用。您可以完全删除trim()调用，因为它没有用处，并且可能导致意外的纯文本，因为零字节和空白从开始到结束都被修剪。

如果您没有在JS部分发送iv设置，并且使用默认设置进行设置，则PHP函数如下所示。

Js段

let value = "Hello ehsan";
let encrypted = CryptoJS.AES.encrypt(value, key);

PHP部分

function cryptoJs_aes_decrypt($data, $key)
{
    $data = base64_decode($data);
    if (substr($data, 0, 8) != "Salted__") {
        return false;
    }
    $salt = substr($data, 8, 8);
    $keyAndIV = aes_evpKDF($key, $salt);
    $decryptPassword = openssl_decrypt(
        substr($data, 16),
        "aes-256-cbc",
        $keyAndIV["key"],
        OPENSSL_RAW_DATA, // base64 was already decoded
        $keyAndIV["iv"]
    );
    return $decryptPassword;
}

function cryptoJs_aes_encrypt($data, $key)
{

    $salted = "Salted__";
    $salt = openssl_random_pseudo_bytes(8);

    $keyAndIV = aes_evpKDF($key, $salt);
    $encrypt  = openssl_encrypt(
        $data,
        "aes-256-cbc",
        $keyAndIV["key"],
        OPENSSL_RAW_DATA, // base64 was already decoded
        $keyAndIV["iv"]
    );
    return  base64_encode($salted . $salt . $encrypt);
}

function aes_evpKDF($password, $salt, $keySize = 8, $ivSize = 4, $iterations = 1, $hashAlgorithm = "md5")
{
    $targetKeySize = $keySize + $ivSize;
    $derivedBytes = "";
    $numberOfDerivedWords = 0;
    $block = NULL;
    $hasher = hash_init($hashAlgorithm);
    while ($numberOfDerivedWords < $targetKeySize) {
        if ($block != NULL) {
            hash_update($hasher, $block);
        }
        hash_update($hasher, $password);
        hash_update($hasher, $salt);
        $block = hash_final($hasher, TRUE);
        $hasher = hash_init($hashAlgorithm);

        // Iterations
        for ($i = 1; $i < $iterations; $i++) {
            hash_update($hasher, $block);
            $block = hash_final($hasher, TRUE);
            $hasher = hash_init($hashAlgorithm);
        }

        $derivedBytes .= substr($block, 0, min(strlen($block), ($targetKeySize - $numberOfDerivedWords) * 4));

        $numberOfDerivedWords += strlen($block) / 4;
    }
    return array(
        "key" => substr($derivedBytes, 0, $keySize * 4),
        "iv"  => substr($derivedBytes, $keySize * 4, $ivSize * 4)
    );
}

你好啊
为了实现这一点，应该考虑使用的关键和iv与32十六进制数字，每个，我必须解决正是这个做我的东西，这里是它的方式

<!--
This reach.your.crypto.js is just a ficticious placeholder, 
that was used replaced by http://crypto-js.googlecode.com/svn/tags/3.1.2/build/,
which does not exist anymore,
which is the path to your CryptoJS library,
that can be downloaded through 
https://code.google.com/archive/p/crypto-js/downloads?page=1
-->
<script src="reach.your.crypto.js/rollups/aes.js">
</script>

<script type="text/javascript">
//The key and iv should be 32 hex digits each, any hex digits you want, 
//but it needs to be 32 on length each
var key = CryptoJS.enc.Hex.parse("0123456789abcdef0123456789abcdef");
var iv =  CryptoJS.enc.Hex.parse("abcdef9876543210abcdef9876543210");

/*
if you wish to have a more friendly key, you can convert letters to Hex this way:
var a = "D";
var hex_D = a.charCodeAt(0).toString(16);
just to mention,
if it were to binary, it would be:
var binary_D = a.charCodeAt(0).toString(2);
*/

var secret = "Hi, this will be seen uncrypted later on";

//crypted
var encrypted = CryptoJS.AES.encrypt(secret, key, {iv:iv});
//and the ciphertext put to base64
encrypted = encrypted.ciphertext.toString(CryptoJS.enc.Base64);    
//Assuming you have control on the server side, and know the key and iv hexes(we do),
//the encrypted var is all you need to pass through ajax,
//Let's follow with welcomed pure JS style, to reinforce one and other concept if needed
var xh = new XMLHttpRequest();
xh.open("POST", "decrypt_in_php.php", true);
xh.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xh.send("encrypted="+encodeURIComponent(encrypted));
</script>

现在用PHP接收和解密

<?php
//Here we have the key and iv which we know, because we have just chosen them on the JS,
//the pack acts just like the parse Hex from JS

$key = pack("H*", "0123456789abcdef0123456789abcdef");
$iv =  pack("H*", "abcdef9876543210abcdef9876543210");

//Now we receive the encrypted from the post, we should decode it from base64,
$encrypted = base64_decode($_POST["encrypted"]);
$shown = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $encrypted, MCRYPT_MODE_CBC, $iv);

echo $shown;
//Although the decrypted is shown, there may be needed to trim and str_replace some \r \n \x06 \x05, if there is not a better "trim" way to do it though
?>

有了这个，我们将有回“嗨，这将是看到解密后”：）

以下是基于此注解的解决方案，使用PHP中的openssl_decrypt。

JavaScript部分（使用浏览器的NodeJS开发）-首先，使用npm install crypto-js安装CryptoJS，然后安装JS代码：

import aes from 'crypto-js/aes'
import encHex from 'crypto-js/enc-hex'
import padZeroPadding from 'crypto-js/pad-zeropadding'

// message to encrypt
let msg = "Hello world";

// the key and iv should be 32 hex digits each, any hex digits you want, but it needs to be 32 on length each
let key = encHex.parse("0123456789abcdef0123456789abcdef");
let iv =  encHex.parse("abcdef9876543210abcdef9876543210");

// encrypt the message
let encrypted = aes.encrypt(msg, key, {iv:iv, padding:padZeroPadding}).toString();

// and finally, send this "encrypted" string to your server

在PHP端，您的代码将如下所示：

// we use the same key and IV
$key = hex2bin("0123456789abcdef0123456789abcdef");
$iv =  hex2bin("abcdef9876543210abcdef9876543210");

// we receive the encrypted string from the post
$encrypted = $_POST['decrypt'];
$decrypted = openssl_decrypt($encrypted, 'AES-128-CBC', $key, OPENSSL_ZERO_PADDING, $iv);
// finally we trim to get our original string
$decrypted = trim($decrypted);