How can I decrypt an encrypted string like dIwykUwOomuWcdw/QX/Aig== in AES 256 CBC mode with the key ds8am3wys3pd75nf0ggtvajw2k3uny92 and iv jm8lgqa3j1d0ajus as the picture below just with javascript (not Nodejs). I used to try with CryptoJs library but the result not like I expected.
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/pbkdf2.js"></script>
<script>
var str = 'dIwykUwOomuWcdw/QX/Aig==';
var key = 'ds8am3wys3pd75nf0ggtvajw2k3uny92';
var iv = 'jm8lgqa3j1d0ajus';
var encrypted = CryptoJS.AES.encrypt("2730007809303", key, { iv: iv });
var decrypted = CryptoJS.AES.decrypt(encrypted, key, { iv: iv});
var base64_str = decrypted.toString(CryptoJS.enc.Base64);
console.log(atob(base64_str))
</script>
By the way, how can I convert input string dIwykUwOomuWcdw/QX/Aig== as encrypted object above ?
Your code snippet is almost right. However, the key must not be passed as a string, otherwise CryptoJS will interpret it as a passphrase and generate the actual key and IV from it [1], with an insecure algorithm by the way. Instead, key and IV must be passed as WordArray, which is easily achieved using the encoders [2]. Since key and IV are Utf8-strings in this example, they must be parsed with the Utf8-encoder. Then you will get the desired ciphertext of the web page. Be aware that encrypt returns a CipherParams-object that encapsulates the ciphertext among other data [3]. Furthermore, you don't need the Base64-detour and should decode the decrypted data directly as UTF8-string:
var key = CryptoJS.enc.Utf8.parse('ds8am3wys3pd75nf0ggtvajw2k3uny92'); // Use Utf8-Encoder.
var iv = CryptoJS.enc.Utf8.parse('jm8lgqa3j1d0ajus'); // Use Utf8-Encoder
var encryptedCP = CryptoJS.AES.encrypt("2730007809303", key, { iv: iv });
var decryptedWA = CryptoJS.AES.decrypt(encryptedCP, key, { iv: iv});
var encryptedBase64 = encryptedCP.toString(); // Short for: encryptedCP.ciphertext.toString(CryptoJS.enc.Base64);
var decryptedUtf8 = decryptedWA.toString(CryptoJS.enc.Utf8); // Avoid the Base64 detour.
// Alternatively: CryptoJS.enc.Utf8.stringify(decryptedWA);
console.log("Ciphertext (Base64) : " + encryptedBase64)
console.log("Decrypted data (Utf8): " + decryptedUtf8);
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.js"></script>
Note that the CBC-mode and PKCS7-padding are implicitly used, which are the default parameters of CryptoJS [4], so it is not necessary to specify them explicitly.
Update:
If the ciphertext is a string or a WordArray, a CipherParams-object must be created from it, because the decrypt-method expects an object of this type [5]. The entirety of all data encapsulated by the CipherParams-object can be most easily taken from its definition [6]. In the current case at least the ciphertext must be specified as WordArray. Optionally a formatter can be specified which determines the formatting strategy of toString() (if used):
var key = CryptoJS.enc.Utf8.parse('ds8am3wys3pd75nf0ggtvajw2k3uny92'); // Use Utf8-Encoder.
var iv = CryptoJS.enc.Utf8.parse('jm8lgqa3j1d0ajus'); // Use Utf8-Encoder
var ciphertext = CryptoJS.enc.Base64.parse('dIwykUwOomuWcdw/QX/Aig=='); // Use Base64-Encoder.
var encryptedCP = CryptoJS.lib.CipherParams.create({
ciphertext: ciphertext,
formatter: CryptoJS.format.OpenSSL // Optional, but required for encryptedCP.toString()
});
var decryptedWA = CryptoJS.AES.decrypt(encryptedCP, key, { iv: iv});
var encryptedBase64 = encryptedCP.toString(); // Short for: encryptedCP.ciphertext.toString(CryptoJS.enc.Base64);
var decryptedUtf8 = decryptedWA.toString(CryptoJS.enc.Utf8); // Avoid the Base64 detour.
// Alternatively: CryptoJS.enc.Utf8.stringify(decryptedWA);
console.log("Ciphertext (Base64) : " + encryptedBase64)
console.log("Decrypted data (Utf8): " + decryptedUtf8);
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.js"></script>
Related
I have a TCP server that is receiving information via direct IP. I am receiving this information encrypted in AES-128-CBC.(hex byte buffer) I then turn the buffer into a string of hex bytes with no spaces. "originalMsg"
I get passed the IV, the encrypted message, and I have the key hardcoded. I still can't get the message to decrypt correctly. I will usually get a completely different decryption or an empty string. I am assuming one or more of my variables is in the wrong format?
I have zero experience with cryptology before this week but this is my task. So, I apologize if the problem is something miniscule.
I am receiving the data from my colleague from C language. I have a fear that CryptoJS isn't compatible with the data I am being passed? Any help is much appreciated.
code.js
const CryptoJS = require("crypto-js");
var originalMsg = "5303F15FB8317A010300000000000001F3E0C003E24340E4E4"
var encrypted = "00000003C4302B119E7BB9C36655F6BCDF251808C6748A11949A89309AD17600F6164FF45CDC"
var key = "242E389B1672B4ECEA92FE7466DF3A52"
var iv = "0000E34500FF0000000000FF00000000"
var decryptData2 = function(encryptedData) {
var C = CryptoJS;
var Key = CryptoJS.enc.Hex.parse("242E389B1672B4ECEA92FE7466DF3A52")
var IV = CryptoJS.enc.Hex.parse("0000E34500FF0000000000FF00000000")
// I have tried
var decryptedText = C.AES.decrypt(encryptedData, Key, {
iv: IV,
mode: C.mode.CBC,
padding: C.pad.Pkcs7
});
return decryptedText.toString(CryptoJS.enc.Utf8);
}
var result = decryptData2(CryptoJS.enc.Hex.parse("00000003C4302B119E7BB9C36655F6BCDF251808C6748A11949A89309AD17600F6164FF45CDC"))
console.log(result);
Edit:
Updated iv and encrypted variables
//old vars
encrypted ="00000003C4302B119E7BB9C36655F6BCDF251808C6748A11949A89309AD17600F6164FF45CDC"
iv = "02C4100000E34500FF0000000000FF00"
It's always good to rely on sample data because that helps a lot in finding a working solution. Below you find a sample program that is been able to decrypt the message.
Some remarks how it works:
a) I'm converting all given data to Crypto-JS word arrays to be compatible with the cryptography methods:
var key = CryptoJS.enc.Hex.parse("242E389B1672B4ECEA92FE7466DF3A52");
b) to see what encrypted data I should use for decryption I'm first encrypting the originalMsg and get this output:
ciphertext: 2b119e7bb9c36655f6bcdf251808c6748a11949a89309ad17600f6164ff45cdc
c.txt exp: 00000003c4302b119e7bb9c36655f6bcdf251808c6748a11949a89309ad17600f6164ff45cdc
The first line is the encrypted "originalMsg", the second line is the data you identified as "encrypted" - see the difference ? As I earlier commented the encrypted value is 6 bytes too long (it has to be multiples of 16, your "encrypted" is 38 bytes long).
c) trying to decrypt needs an input in base64 encoding (there are other ways, this way is the most convenient way for me to use it here) so first I'm encoding the word array "encrypted" to (Base64 encoded) "encryptedBase64" and present the string to the aesCbcDecrypt function. As the data is too long there is no output.
var encryptedBase64 = CryptoJS.enc.Base64.stringify(encrypted);
var decrypted = aesCbcDecrypt(key, iv, encryptedBase64);
console.log("decrypted: " + decrypted);
result:
decrypted:
d) now I'm cutting off the first 6 bytes (12 hex "characters") from encrypted and use the remaining data for the same decryption function:
var encrypted2 = CryptoJS.enc.Hex.parse("2B119E7BB9C36655F6BCDF251808C6748A11949A89309AD17600F6164FF45CDC");
console.log("encrypted2 length: " + encrypted2.sigBytes);
var encrypted2Base64 = CryptoJS.enc.Base64.stringify(encrypted2);
var decrypted2 = aesCbcDecrypt(key, iv, encrypted2Base64);
console.log("decrypted2: " + decrypted2);
console.log("orig.Msg : " + originalMsgHex);
result:
decrypted2: 5303f15fb8317a010300000000000001f3e0c003e24340e4e4
orig.Msg : 5303F15FB8317A010300000000000001F3E0C003E24340E4E4
The decrypted2 value is now equal to the originalMsg.
If you like to see the code running in an online compiler - here is the link: https://repl.it/#javacrypto/SoCryptoJsDecrypt#index.js
I leave it up to you to put this information together to get a programmatically solution as this should only explain how to get the dercrypted data.
complete output:
key length: 16
iv length: 16
ciphertext: 2b119e7bb9c36655f6bcdf251808c6748a11949a89309ad17600f6164ff45cdc
c.txt exp: 00000003c4302b119e7bb9c36655f6bcdf251808c6748a11949a89309ad17600f6164ff45cdc
encrypted length: 38
decrypted:
encrypted2 length: 32
decrypted2: 5303f15fb8317a010300000000000001f3e0c003e24340e4e4
orig.Msg : 5303F15FB8317A010300000000000001F3E0C003E24340E4E4
Security warning: the code does have no exception handling and is for educational purpose only.
complete code:
const CryptoJS = require("crypto-js");
var originalMsgHex = "5303F15FB8317A010300000000000001F3E0C003E24340E4E4";
var originalMsg = CryptoJS.enc.Hex.parse(originalMsgHex);//("5303F15FB8317A010300000000000001F3E0C003E24340E4E4");
var encrypted = CryptoJS.enc.Hex.parse("00000003C4302B119E7BB9C36655F6BCDF251808C6748A11949A89309AD17600F6164FF45CDC");
var key = CryptoJS.enc.Hex.parse("242E389B1672B4ECEA92FE7466DF3A52");
var iv = CryptoJS.enc.Hex.parse("0000E34500FF0000000000FF00000000");
console.log("key length: " + key.sigBytes);
console.log("iv length: " + iv.sigBytes);
// encryption of originalMsg
var ciphertext = aesCbcEncrypt(key, iv, originalMsg);
console.log("ciphertext: " + ciphertext);
console.log("c.txt exp: " + encrypted);
// decryption of encryption fails due to wrong length (not multiple of 16)
console.log("encrypted length: " + encrypted.sigBytes); // result: 38
// prepare encrypted for decryption by base64encoding
var encryptedBase64 = CryptoJS.enc.Base64.stringify(encrypted);
var decrypted = aesCbcDecrypt(key, iv, encryptedBase64);
console.log("decrypted: " + decrypted);
// cutting off the first 6 bytes from encrypted
var encrypted2 = CryptoJS.enc.Hex.parse("2B119E7BB9C36655F6BCDF251808C6748A11949A89309AD17600F6164FF45CDC");
console.log("encrypted2 length: " + encrypted2.sigBytes);
var encrypted2Base64 = CryptoJS.enc.Base64.stringify(encrypted2);
var decrypted2 = aesCbcDecrypt(key, iv, encrypted2Base64);
console.log("decrypted2: " + decrypted2);
console.log("orig.Msg : " + originalMsgHex);
function aesCbcEncrypt(keyF, ivF, data) {
const cipher = CryptoJS.AES.encrypt(data, keyF,
{
iv: ivF,
padding: CryptoJS.pad.Pkcs7,
mode: CryptoJS.mode.CBC
});
return cipher.ciphertext;
}
function aesCbcDecrypt(keyF, ivF, ciphertext) {
const cipher = CryptoJS.AES.decrypt(ciphertext, keyF,
{
iv: ivF,
padding: CryptoJS.pad.Pkcs7,
mode: CryptoJS.mode.CBC
});
return cipher;
}
I have the next code in PHP:
$plain = 'some string to encode';
$key = '01234567891234567890123456789012';
$cipherSuite = 'aes-128-cbc';
$iv = null; // I have to use null, I know it's not safe
$result = #openssl_encrypt($plain, $cipherSuite, $key, null, $iv); // Suppress warning of an empty IV
dd($result); // result is 9VK02Mt8IaS+Bng8SbqhCVXUc5TteHKqt3y/EbaJZ1w=
I'm trying to encode the same in online tool - https://www.devglan.com/online-tools/aes-encryption-decryption. Tool says that key must be 16 byte, so I use just half of key - 0123456789123456
It returns exact same result as PHP. Please note that IV is empty.
I need to do the same encryption (and than decription) in JS using Crypto-js
const CryptoJS = require('crypto-js');
var key = CryptoJS.lib.WordArray.create('01234567891234567890123456789012');
var iv = CryptoJS.lib.WordArray.create('');
//var iv = null;
// var iv = CryptoJS.enc.Hex.parse("");
// var iv = CryptoJS.enc.Base64.parse('');
let cfg = {
mode: CryptoJS.mode.CBC,
keySize: 128,
iv: iv
};
const body = 'some string to encode';
const encryptedBody = CryptoJS.AES.encrypt(body, key, cfg).toString();
console.log( encryptedBody );
// result is VYCEPSx9nmb0FJGf1RiU/daL5nIk/qaJZU82jrlGQws=
Similar example at https://jsfiddle.net/pj76d5ov/
Result in JS is different with PHP. Is there a way to use CryptoJS without IV ?
If I use the key as a string, CryptoJS generates IV based on my key, so I have to use WordArray type.
Then I tried to change iv to some values, but it doesn't help. Setting iv to false or null, or not sending iv at all gives an error.
In the PHP code AES-128 is specified. Therefore PHP implicitly truncates the 32 bytes key to the first 16 bytes. In the CryptoJS code only this 16 bytes key may be used.
Furthermore, key and IV are converted most easily with the CryptoJS encoders into a WordArray.
A possible CryptoJS implementation is:
var key = CryptoJS.enc.Utf8.parse('0123456789123456');
var iv = CryptoJS.enc.Hex.parse('00000000000000000000000000000000');
let cfg = {
mode: CryptoJS.mode.CBC,
keySize: 128,
iv: iv
};
const body = 'some string to encode';
const encryptedBody = CryptoJS.AES.encrypt(body, key, cfg).toString();
console.log( encryptedBody ); // result is 9VK02Mt8IaS+Bng8SbqhCVXUc5TteHKqt3y/EbaJZ1w=
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js"></script>
A static IV is insecure, but you already know that.
I have the following PHP code that uses openssl_encrypt() function to encrypt a message. Here is the code:
$ciphering = "AES-128-CTR";
$options = 0;
$encryption_iv = '5192001995060634';
$encryption_key = "TasKagitMakas";
function encrypt ($string) {
global $ciphering, $options, $encryption_iv, $encryption_key;
$encryption = openssl_encrypt($string, $ciphering,
$encryption_key, $options, $encryption_iv);
$encryption = strtr(base64_encode($encryption), '+/=', '-_,');
return $encryption;
}
I was trying to reverse the process above and get the Javascript implementation using CryptoJS. Here's what I came up with:
var str = "bzB5UVNBclRHbWhlQUs4aHJoMHVxR1BJNEF1Sk9BRkpvbEpBRDFnVmg0MEx4RGtqWllvdUIrSW0vZGY3eG1KMVd2b2JxRFlOTnJ6N2FnPT0,";
str = str.split("-").join("+");
str = str.split("_").join("/");
str = str.split(",").join("=");
var encrypted = CryptoJS.enc.Base64.parse(str);
var encryptedStr = encrypted.toString(CryptoJS.enc.Utf8);
var key = "TasKagitMakas";
var iv = "5192001995060634";
var decrypted = CryptoJS.AES.decrypt(encryptedStr, key, {iv: iv, mode: CryptoJS.mode.CTR});
console.log(decrypted.toString(CryptoJS.enc.Utf8));
This code gives me a blank output, just nothing. What am I doing wrong here? How can I correct my implementation?
PHP code:
openssl_encrypt pads the key with zero values until the specified key length is reached, i.e. the key TasKagitMakas is expanded to TasKagitMakas\0\0\0.
$options = 0 means that the ciphertext is implicitly Base64 encoded. Since the ciphertext is explicitly Base64 encoded again afterwards, it is Base64 encoded twice in total. This is unnecessary and should be changed, for example, with $options = OPENSSL_RAW_DATA.
For a stream cipher mode like CTR openssl_encrypt automatically disables the default PKCS7 padding.
JavaScript code:
Since it was Base64 encoded twice in the PHP code, it is necessary to Base64 decode twice in the JavaScript code. This step is of course only necessary for the unchanged PHP code.
Key and IV must be parsed into a WordArray with the Utf8 Encoder. The extended key must be used.
CryptoJS.AES.decrypt expects the ciphertext as CipherParams object.
Unlike PHP, CryptoJS does not automatically disable the default PKCS7 padding for a stream cipher mode, i.e. it must be explicitly disabled.
The following JavaScript code decrypts the ciphertext:
var str = "bzB5UVNBclRHbWhlQUs4aHJoMHVxR1BJNEF1Sk9BRkpvbEpBRDFnVmg0MEx4RGtqWllvdUIrSW0vZGY3eG1KMVd2b2JxRFlOTnJ6N2FnPT0,";
str = str.split("-").join("+");
str = str.split("_").join("/");
str = str.split(",").join("=");
var encrypted = CryptoJS.enc.Base64.parse(str); // Base64 decode twice (as long as this happens in the PHP code)
var encrypted = encrypted.toString(CryptoJS.enc.Utf8);
var encrypted = CryptoJS.enc.Base64.parse(encrypted);
var key = CryptoJS.enc.Utf8.parse("TasKagitMakas\0\0\0"); // Expand the key and use the Utf8 encoder
var iv = CryptoJS.enc.Utf8.parse("5192001995060634"); // Use the Utf8 encoder
var decrypted = CryptoJS.AES.decrypt(
{
ciphertext: encrypted // Pass teh ciphertext as CipherParams object
},
key,
{
iv: iv,
mode: CryptoJS.mode.CTR,
padding: CryptoJS.pad.NoPadding // Disable the PKCS7 padding
});
console.log(decrypted.toString(CryptoJS.enc.Utf8));
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js"></script>
with the output:
399002 Örnek2 Öğrenci student#ug.bilkent.edu.tr Team1 6
I am trying to encrypt and decrypt some random data using AES. I can successfully encrypt data using the following code,
function padString(source) {
var paddingChar = 'x';
var size = 16;
var padLength = size - source.length;
for (var i = 0; i < padLength; i++) source += paddingChar;
return source;
}
var key = CryptoJS.enc.Hex.parse('dassdadsasad');
var iv = CryptoJS.enc.Hex.parse('fedcba9876543210');
var message = "0x72648174091c3f7cd41773f636ca9a15756798";
var padMsg = padString(message);
var encrypted = CryptoJS.AES.encrypt(padMsg, key, {
iv: iv,
padding: CryptoJS.pad.NoPadding,
mode: CryptoJS.mode.CBC
});
but when I try to decrypt it,
var decrypted = CryptoJS.AES.decrypt(encrypted, key, {
iv: iv,
padding: CryptoJS.pad.NoPadding,
mode: CryptoJS.mode.CBC
});
I get the incorrect output for decryption instead of getting back my plain text.
Here is the output for instance,
Message: "0x72648174091c3f7cd41773f636ca9a15756798" 40
Padded message: "0x72648174091c3f7cd41773f636ca9a15756798" 40
Encrypted: 8qCjEtSLhchErbhJu8jo/xy8T5T1eSAFazuWLKwKdAW9F0ZUjJLlZw==
Encrypted text: f2a0a312d48b85c844adb849bbc8e8ff1cbc4f94f57920056b3b962cac0a7405bd1746548c92e567
Decrypted c748c55c0212d1688e79de5f00379eb0d802789501e6cbab3e6255b902eaa528a40d32123bcd0ce1
Can someone please tell me what am I doing wrong or if I am missing something ?
Here is the live demonstration, https://jsfiddle.net/4zb9hrxb/267/
Your key is invalid:
var key = CryptoJS.enc.Hex.parse('dassdadsasad');
does not make much sense in the first place since s does not exist in hexadecimal notation. Either specify a 256 bit key as hex, like this:
key = CryptoJS.enc.Hex.parse("123456789012345678901234567890ab");
(note: only hexadecimal characters) or let CryptoJS derive the key from a passphrase:
var key = 'dassdadsasad';
either follow what phihag said, or you can use some key derivation function such as, PBKDF2 to derive key from passphrase (as phihag suggested).
consider this for example,
import pbkdf2,
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/pbkdf2.js"></script>
and generate key as follows,
var passphrase = "dassdadsasad"
var keySize = 256;
var iterations = 100;
var salt = CryptoJS.lib.WordArray.random(128/8);
var key = CryptoJS.PBKDF2(passphrase, salt, {
keySize: keySize/32,
iterations: iterations
});
there is a very good example available here,
http://www.adonespitogo.com/articles/encrypting-data-with-cryptojs-aes/
I need to encrypt a sting with javascript using AES CBC no pad, pass the IV and encrypted data as HEX over HTTP, then decrypt with javascript on the server side.
The decryption function works, in that I can correctly decrypt data ecrypted using hurlant AS3 libraries correctly. However, the below encryption is not working - the result cannot be decrypted using the decrypt function, nor can it be decrypted using the hurant demo at: http://crypto.hurlant.com/demo/
Instead of the actual data, I am using "1234" as the message in this example.
I have searched and found no documentation for any of this library or its functions, beyond the quickstart guide which only has trivial cases, so everything is by trial and error. I have tried hundreds of variations of the below.
Example generated IV as Hex: "15ae89d17f632d21f0cda04734d38694"
Example generated encrypte data as HEX: "44ddf295"
Example message: "15ae89d17f632d21f0cda04734d3869444ddf295"
Can anyone see what is wrong in my encrypt() function?
// this function doesnt work - the resultant message (which is
// IV+Ecypted text all as HEX cannot be decrypted.
function encrypt() {
var key = CryptoJS.enc.Hex.parse('48656c6c6f2c20576f726c6421888888');
var IVLEN = 16; // Im guessing this is 16 bytes.
var iv= CryptoJS.lib.WordArray.random(IVLEN);
var encrypted;
var message;
encrypted = CryptoJS.AES.encrypt("1234", key, { iv: iv, padding: CryptoJS.pad.NoPadding, mode: CryptoJS.mode.CBC });
message = CryptoJS.enc.Hex.stringify(iv) + CryptoJS.enc.Hex.stringify(encrypted.ciphertext);
var test = decrypt(message); // throws a malformed UTF-8 exception
alert (test); // should alert "1234"
return message;
}
// this function works perfectly with data generated using HURLANT crypto libs.
function decrypt(data) {
var key = CryptoJS.enc.Hex.parse('48656c6c6f2c20576f726c6421888888');
var ivHexStr, iv;
var encMessageHexStr;
var IVLEN = 32; // This is 16 bytes, as one byte is 2 Hex chars.
var encrypted = {};
var decrypted;
var result;
ivHexStr = data.substring(0,IVLEN);
encMessageHexStr = data.substring(IVLEN);
iv = CryptoJS.enc.Hex.parse(ivHexStr);
encrypted.key = key;
encrypted.iv = iv;
encrypted.ciphertext = CryptoJS.enc.Hex.parse(encMessageHexStr);
decrypted = CryptoJS.AES.decrypt(encrypted, key, { iv: iv, padding: CryptoJS.pad.NoPadding, mode: CryptoJS.mode.CBC });
result = CryptoJS.enc.Utf8.stringify(decrypted);
return(result);
}; //decrypt()
With CBC mode padding is required. Neither CFB or OFB need padding.
CryptoJS supports the following modes:
CBC (the default)
CFB
CTR
OFB
ECB
And CryptoJS supports the following padding schemes:
Pkcs7 (the default)
Iso97971
AnsiX923
Iso10126
ZeroPadding
NoPadding