php 使用算法A256GCMKW和编码A256GCM解密JWE令牌

pdsfdshx 于 2023-10-15 发布在 PHP

关注(0)|答案(1)|浏览(166)

JWE代币eyJlbmMiOiJBMjU2R0NNIiwidGFnIjoiY2QtQk5BTVI0VkdzRk1RMndvNXB6dyIsImFsZy I6IkEyNTZHQ01LVyIsIml2IjoiZjY0R05sR01aMVpKY3kxWSJ9.Z1ps3c2qJ_CuNU4XcT-qQsT0vBIGTwM36ps5NntBrug.3g5dmQhc9ZGHXWQr. 7U1ORK-pzz6eNuU5ZG8AdaNNynlTo4cr4xCV3ZAAzXF3Ta9424OIf0LmMr0DITrtuSV0o0LA DHY160ePLAbPCWAD。NzGJvxa7xlZyWPORCJ3GwQ
密钥776 F65257 B2 E3138323 E3 E27582 D46444 A4 C527 A5 F626 B6 C 05672 B122 B373 B31（十六进制）d29 lJXsuMTgyPj 4 nWC 1GREpMUnpfYmtsBWcrumber 3 OzE =（base64）
可以在PHP中编译吗？
我在Trying to decrypt with aes-256-gcm with php and key中尝试了代码
它可以处理发布的数据，但不能处理我的令牌和密钥

<?php
// base64url_decode from: https://www.php.net/manual/de/function.base64-encode.php#121767
function base64url_decode( $data ){
  return base64_decode(strtr( $data, '-_', '+/') . str_repeat('=', 3 - ( 3 + strlen( $data )) % 4 ));
}

$textToDecrypt = "eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6IjFrQ1dpTXZKdFNIX3c1ZEwiLCJ0YWciOiJjT3k2TVhTenhaT3lCYi1WdXBfY1lnIiwiZW5jIjoiQTI1NkdDTSIsInR5cCI6IkpPU0UiLCJraWQiOiJmMGYwYjZmNi05NzJlLWQzMzgtNTZhNS0xZmZiY2NjNzcwMDEiLCJjaGFubmVsU2VjdXJpdHlDb250ZXh0IjoiU0hBUkVEX1NFQ1JFVCIsImlhdCI6IjE1ODc1Nzg4OTkifQ.O0y-pu5knc9IUAfAENoMwT_3LwW-oZzzItVxQD8UhHk.uFmZHB7BU9JlKRWC.7ZoJ0oTI8MWXIr4GtzziTw.6qdmvDbnZdi6zf34nhcnoQ";
//$textToDecrypt = "eyJlbmMiOiJBMjU2R0NNIiwidGFnIjoiY2QtQk5BTVI0VkdzRk1RMndvNXB6dyIsImFsZyI6IkEyNTZHQ01LVyIsIml2IjoiZjY0R05sR01aMVpKY3kxWSJ9.Z1ps3c2qJ_CuNU4XcT-qQsT0vBIGTwM36ps5NntBrug.3g5dmQhc9ZGHXWQr.7U1ORK-pzz6eNuU5ZG8AdaNNynlTo4cr4xCV3ZAAzXF3Ta9424OIf0LmMr0DITrtuSV0o0LADHY160ePLAbPCWAD.NzGJvxa7xlZyWPORCJ3GwQ";

$parts = explode(".",$textToDecrypt);

// Header, IV, tag
$headerB64 = $parts[0];
$header = base64url_decode($headerB64);

$headerJSON = json_decode($header);
$ivKW = base64url_decode($headerJSON->iv);
$tagKW = base64url_decode($headerJSON->tag);

// Ciphertext
$ciphertextKW = base64url_decode($parts[1]);

// Key derivation via password (as already supplied in the posted code)
$password = "-1FwMVo7r{}B17iqly51zM3zvOAh0/r9636-NOXS";
//$password = "d29lJXsuMTgyPj4nWC1GREpMUnpfYmtsBWcrEis3OzE=";
$keyKW = substr(hash('sha256', $password, true), 0, 32);

// Decrypt key
$decryptedKey = openssl_decrypt($ciphertextKW, "aes-256-gcm", $keyKW,  OPENSSL_RAW_DATA, $ivKW, $tagKW);
print("Decrypted key (hex): " . bin2hex($decryptedKey) . "\n");

// IV, ciphertext, tag
$ivCT = base64url_decode($parts[2]);
$ciphertextCT = base64url_decode($parts[3]);
$tagCT = base64url_decode($parts[4]);

// Decrypt ciphertext
$decryptedText = openssl_decrypt($ciphertextCT, "aes-256-gcm", $decryptedKey,  OPENSSL_RAW_DATA, $ivCT, $tagCT, $headerB64);
print("Decrypted ciphertext: " . $decryptedText . "\n");

php

来源：https://stackoverflow.com/questions/77231336/decrypt-a-jwe-token-using-algorithm-a256gcmkw-and-encoding-a256gcm