Difference between CryptoJS.enc.Base64.stringify() and normal Base64 encryption - javascript

I'm trying to encrypt the following hash to base64:
6bb984727b8c8c8017207e54b63976dc42ea9d24ad33bd5feeaa66869b650096
It's needed to access the API of a website. The website shows an example script in JavaScript using the CryptoJS.enc.Base64.stringify() method to encrypt the hash.
The result with this method is
a7mEcnuMjIAXIH5Utjl23ELqnSStM71f7qpmhptlAJY=
However, every online base64 encryption tool I tried gives me the following result:
NmJiOTg0NzI3YjhjOGM4MDE3MjA3ZTU0YjYzOTc2ZGM0MmVhOWQyNGFkMzNiZDVmZWVhYTY2ODY5YjY1MDA5Ng==
I need to create the encoded string in C++. I've also already tried 4 different base64encode implementations (OpenSSL and custom codes), but also there I get the above result and the API always answers my string is not correctly encoded.
So where is the difference, and does somebody know a C++ implementation for CryptoJS.enc.Base64.stringify()?

Let's call
a = "6bb984727b8c8c8017207e54b63976dc42ea9d24ad33bd5feeaa66869b650096";
b = "a7mEcnuMjIAXIH5Utjl23ELqnSStM71f7qpmhptlAJY=";
c = "NmJiOTg0NzI3YjhjOGM4MDE3MjA3ZTU0YjYzOTc2ZGM0MmVhOWQyNGFkMzNiZDVmZWVhYTY2ODY5YjY1MDA5Ng==";
Both conversions are correct, but depend on what you actually want.
For example the following two equations hold
toBase64FromBytes(toBytesFromUtf8(a)) == c
toBase64FromBytes(toBytesFromHex(a)) == b
It's a bad idea to trust some kind of online calculator, because they usually don't disclose how they encode stuff, so you will get arbitrary results. If you program it yourself, you get the expected results if you follow the documentation.
I suspect you got a by printing a hash or encryption result to the console like this:
console.log(result.toString()); // a
Most result objects in CryptoJS are WordArray types. When you call the toString() function on such an object, you get a Hex-encoded string of that binary object.
If you print result.toString(CryptoJS.enc.Base64) then you get the Base64-encoded string of the binary result.
If you take a and directly encode it to Base64, then it is probably assumed that a is already a string (e.g. UTF-8 encoded). An online calculator doesn't know that it is Hex-encoded.

Related

Python encode() vs JSON.stringify() before sending data over the network?

In Python, when sending a POST request to an API endpoint, we need to encode() the data, that encodes it using UTF-8 and bytes type is assigned to the resulting Object. Why exactly do we need to encode it before sending?
What if we send it without encoding it? What would happen if we send it as a Unicode string instead of converting it to UTF-8?
In JavaScript, we do something similar like JSON.stringify(). Does this serve the same purpose as encode()? Why exactly do we need to use stringify() in a POST request?
I know the overall working of character encodings, but I cannot find any article that explains it deeply as to why exactly we use JSON.stringify()/JSON.parse() in JS and encode()/decode() in Python. Can we not send data without using these functions? Can anyone explain by comparing these four functions?

CryptoJS.enc.Base64.parse vs Base64.decodeBase64, what's the difference?

Want to understand how these two are different? Or they are same?
var key2 = CryptoJS.enc.Base64.parse(apiKey);
&
byte[] decodedBase64APIKeyByteArray = Base64.decodeBase64(apiKey);
I have gone through the APIs of both but seems like both are doing conversions but my question is would the conversion be same for same input?
Will the output for both would be same?
Both decode normal base64 with the default base64 alphabet including possible padding characters at the end.
There are a few differences however.
Documentation: The commons-codec one is at least somewhat documented.
The input: The commons-codec allows base64 and removes line endings and such (required for e.g. MIME decoding). A quick look at the CryptoJS code shows that it requires base64 without whitespace. So the Java based decoder allows different forms of input.
The implementation: The CryptoJS parsing brings tears to my eyes, and not of joy. It has terrible performance, if just on how it handles the base 64 without streaming. It even is stupid enough to use an indexOf to lookup possible padding characters up front, which is both woefully bad and non-performant. Apache's implementation is only slightly better. Both should only be used for relatively small amounts of data.
The output: The CryptoJS returns a word-array while the commons-codec one returns a byte array. For keys this doesn't matter much, as Java usually expects a byte array for SecretKeySpec while CryptoJS directly uses a word array as key.

Decode Base64 string

I am currently working on a custom SAPUI5 app. I would like to make a service call, which expects the Guid in a different format than it is currently available.
An example:
Available (base64): QvLAUUzUCZbhAAAAjSS2iA==
As it should be (hexadecimal): 42F2C0514CD40996E10000008D24B688
I have not found an online decoder, which could produce the desired result, however, I was able to encode the guid 42F2C0514CD40996E10000008D24B to QvLAUUzUCZbhAAAAjss2iA== with the SAP ABAP standard function module HTTP_BASE64_ENCODE. With the usual online encoders, however, I got a different result.
How can I decode the encoded guid with JavaScript so that it has the desired format?
The string is in hexadecimal format you will have to convert it.
First you convert the string to binary (atob > charCodeAt) and then using the toString(16) you get the hex.
I will not post the code, since its already explained
Decode Base64 to Hexadecimal string with javascript

Convert a long text to a number (like hash, md5) that will get me same result in PHP and JS

I am trying to convert a small paragraph into a sequence of numbers (and maybe chars) like the md5 does.
I tried md5() in PHP and http://www.myersdaily.org/joseph/javascript/md5.js using JS but I get different result.
I do not know why this is happening, but can you suggest me a way to convert the text to a sequence of chars and numbers (to save them in DB) that will give me the same output? I do not mind if the output is not crypto.
Thank you
I would use the base64 encode/decode. Check out the link for the php http://php.net/manual/en/function.base64-encode.php and here is a link with some examples for javascript Base64 encoding and decoding in client-side Javascript
If you don't need crypto convert them into Hexadecimal value.
For example "Stack" will be 537461636B.
If you want to easily encrypt them, just use xor. This cannot give you different results in any possible language.
in PHP I found this function here PHP convert string to hex and hex to string
in JS I found some code here http://snipplr.com/view/52975/

using regexp on raw binary data

I'm embedding JavaScript in my C++ app (via V8) and I get some raw binary data which I want to pass to JavaScript. Now, in the JavaScript, I plan to do some regular expressions on the data.
When using just the standard JavaScript String object for my data, everything is quite straight-forward. However, as far as I understand it, it uses an UTF16 representation and expects the data to be valid Unicode. But I have arbitrary data (might contain '\0' and other raw data - although it is just text for the most part).
How should I handle this? I searched a bit around and maybe ArrayBuffer or something like this is the object I need to store my raw data. However, I didn't found how to do the usual regular expression methods on that object. (Basically I need RegExp.test and RegExp.exec).
I just checked out the Node.js code and it seems as if they support binary data and just put it into a string via v8::String::NewFromOneByte. See here and here. So that would answer my question (i.e., I can just use String), wouldn't it? Any downsides?
(I still don't see why my question is bad. Please explain the downvote.)
From all my current tests, it seems like it works just as expected with normal String.
You can even specify that in JavaScript directly, e.g.
var s = "\x00\x01\x02\x03"
and regular expressions on that string work like expected.
On the C++ side, if you want to get your binary data into a JS String object:
v8::Local<v8::String> jsBinary(const uint8_t* data, uint32_t len) {
assert(int(len) >= 0);
return String::NewFromOneByte(v8::Isolate::GetCurrent(), data, String::kNormalString, len);
}

Categories

Resources