-Decrypt SHA256 ionic & PHP

Greetings, comrades, someone here to help me please. I’m encrypting data with aes256, https://ionicframework.com/docs/native/aes256/ is in my function:

encriptar(encrypt) {
return this.aes256.encrypt(this.secureKey, this.secureIV, encrypt )
.then((encrypt
) => {
this.desencriptar(encrypt
);
return encrypt_;
} )
.catch((error: any) => console.error(error));
}

the value of

this.secureKey = “12345678910123456789012345678901”

and from

this.SecureIv = “1234567891123456”

Which in ionic encrypts and decrypts correctly. the error occurs when this encrypted data sent by api rest and in my backend php does not decrypt me my php function:

<?php define('AES_256_CBC', 'aes-256-cbc'); $encryption_key = "12345678910123456789012345678901"; $iv = "1234567891123456"; $encrypted = "0csm3Gjm6Q+ZNa+sjI+SYg== "; $encrypted = $encrypted . ':' . $iv; $parts = explode(':', $encrypted); echo "encriptado base64 : ".base64_encode($encrypted); echo "
"; echo $parts[0]; echo "
"; $decrypted = openssl_decrypt(base64_decode($parts[0]) , AES_256_CBC, $encryption_key, 0, $iv) ; echo "Decrypted: $decrypted\n"; ?>

If you are baking secrets like symmetric encryption keys into an Ionic app, there is no point in using encryption at all. Anybody with a copy of the app binary can decrypt everything sent by your app.

Please please please do not try to invent cryptographic protocols. It is extremely hard to do, even for experts. Instead take the time to clearly define what information you are trying to secure from what attack vector, look for an existing peer-reviewed industry standard protocol that fits your use case, and then seek an implementation of that protocol that can easily be incorporated in an Ionic app.

1 Like

Please I just tried implementing AES256 in ionic 4 and I get this error
index.js:166 Uncaught TypeError: Object(…) is not a function
at index.js:166
at Module…/node_modules/@ionic-native/aes-256/index.js (index.js:245)
at webpack_require (bootstrap:83)
at Module…/src/app/app.module.ts (app.component.ts:12)
at webpack_require (bootstrap:83)
at Module…/src/main.ts (main.ts:1)
at webpack_require (bootstrap:83)
at Object.0 (main.ts:13)
at webpack_require (bootstrap:83)
at checkDeferredModules (bootstrap:45)

Even though I’ve add ‘AES256’ in Provider @ appmodule…I still get error.

have you found any solution then please give