CryptoJS and Key Length / IV

I have a question about AES key and IV length.

First of all, if, for example, I use OpenSSL and openssl_encrypt(), I can clearly see that the key for 256-bit AES should be 32, and the IV will give a warning if it differs from 16 bytes. I can understand it, and everything is in order.

However, in the CryptoJS library, the key and IV lengths are upsetting. This is an example:

    var text = "test",
        key = "us5N0PxHAWuIgb0/Qc2sh5OdWBbXGady",
        iv = "zAvR2NI87bBx746n";

    // Decode the Base64 strings into CryptoJS WordArrays
    key = CryptoJS.enc.Base64.parse(key);
    iv = CryptoJS.enc.Base64.parse(iv);

    var crypted = CryptoJS.AES.encrypt(text, key, { iv: iv });

where the key is 32 and the IV is 16. CryptoJS requires parsing it, and after CryptoJS.enc.Base64.parse() I get 48 and 24 bytes, respectively. I expect that these values will be truncated to the length required for 256-bit AES, and that further expansion to n bytes will be irrelevant, so the resulting encrypted text will be the same.

But this is not really happening. When I pass a larger key, and even IV, to CryptoJS.AES.encrypt(), it produces different output. So my question is: why? What is the difference between the CryptoJS library and OpenSSL?

+5
1 answer

Looks like I have it.

If you use a custom key and IV when using CryptoJS, make sure that (assuming CryptoJS.enc.Base64.parse() indicates the HEX string that is used in CryptoJS.AES.encrypt()).

Taking this example with a Base64 key and IV (length = 22), which CryptoJS encrypts as AES-256:

    var message = "some_secret_message";

    var key = "6Le0DgMTAAAAANokdEEial"; //length=22
    var iv = "mHGFxENnZLbienLyANoi.e"; //length=22

    key = CryptoJS.enc.Base64.parse(key);
    //key is now e8b7b40e031300000000da247441226a, length=32
    iv = CryptoJS.enc.Base64.parse(iv);
    //iv is now 987185c4436764b6e27a72f2fffffffd, length=32

    var cipherData = CryptoJS.AES.encrypt(message, key, { iv: iv });

    var data = CryptoJS.AES.decrypt(cipherData, key, { iv: iv });
    //data contains "some_secret_message"

The key length is 32 bytes for AES-256 (16 bytes if you want to get AES-128; if more, CryptoJS will switch to a longer key length). Otherwise, when decrypting, you will receive an empty message. Example:

    var message = "some_secret_message";

    var key = "6Le0DgMTAAAAANokdEEial1"; //length=23
    var iv = "mHGFxENnZLbienLyANoi.e"; //length=22

    key = CryptoJS.enc.Base64.parse(key); // length = 17 bytes
    //key is now e8b7b40e031300000000da247441226a5d, length=34 (hex encoded)
    iv = CryptoJS.enc.Base64.parse(iv); // length = 16 bytes
    //iv is now 987185c4436764b6e27a72f2fffffffd, length=32 (hex encoded)

    var cipherData = CryptoJS.AES.encrypt(message, key, { iv: iv });

    var data = CryptoJS.AES.decrypt(cipherData, key, { iv: iv });
    //data contains "" - an empty string

Also, from what I see, only x % 8 == 0 bytes gives a valid result in this use case.

The length of the IV should be 22 bytes (when Base64-encoded), and when converting using CryptoJS.enc.Base64.parse() you will get 16 bytes (32 when hex-encoded), which is the max for the AES-256 block size. Anything more than that will be truncated.

    var message = "some_secret_message";

    var key = "6Le0DgMTAAAAANokdEEial"; //length=22
    var iv = "mHGFxENnZLbienLyANoi.e"; //length=22

    key = CryptoJS.enc.Base64.parse(key); // length=16 bytes
    //key is now e8b7b40e031300000000da247441226a, length=32 (hex encoded)
    iv = CryptoJS.enc.Base64.parse(iv); // length=16 bytes
    //iv is now 987185c4436764b6e27a72f2fffffffd, length=32 (hex encoded)

    var cipherData = CryptoJS.AES.encrypt(message, key, { iv: iv });

    var key = "6Le0DgMTAAAAANokdEEial"; //length=22
    var iv = "mHGFxENnZLbienLyANoi.e123"; //length=25

    key = CryptoJS.enc.Base64.parse(key); // length = 16 bytes
    //key is now e8b7b40e031300000000da247441226a, length=32 (hex encoded)
    iv = CryptoJS.enc.Base64.parse(iv); // length = 18 bytes
    //iv is now 987185c4436764b6e27a72f2fffffffded76, length=36 (hex encoded)

    var data = CryptoJS.AES.decrypt(cipherData, key, { iv: iv });
    //data contains "some_secret_message", so additional "123" in IV is irrelevant.
+5
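
An added example, not part of the original question or answer: a Node.js pre-flight check that decodes a Base64 key and IV strictly and reports their length in bytes, since the byte count (not the Base64 or hex character count) selects the AES variant. The function names are hypothetical, the strings are the ones quoted in the thread, and nothing here calls CryptoJS.

```javascript
// Added example, not from the original thread. Runs on Node.js with no packages.
// AES key length in bytes -> variant; the IV is one 16-byte block for all three.
const AES_BY_KEY_BYTES = { 16: "AES-128", 24: "AES-192", 32: "AES-256" };
const IV_BYTES = 16;

// Strict Base64 decode. Returns null for text a lenient parser might accept
// anyway (characters outside the alphabet, impossible lengths).
function decodeBase64Strict(text) {
  const body = text.replace(/={1,2}$/, "");
  if (!/^[A-Za-z0-9+/]+$/.test(body) || body.length % 4 === 1) return null;
  return Buffer.from(body, "base64");
}

// Describe one parameter: its length as Base64 text, as bytes and as hex.
function describeParam(name, text, allowedBytes) {
  const bytes = decodeBase64Strict(text);
  const info = { name, base64Chars: text.length, bytes: null, hex: null, problem: null };
  if (!bytes) {
    info.problem = `${name} is not valid Base64`;
    return info;
  }
  info.bytes = bytes.length;
  info.hex = bytes.toString("hex"); // twice as many characters as bytes
  if (!allowedBytes.includes(bytes.length)) {
    info.problem = `${name} is ${bytes.length} bytes, expected ${allowedBytes.join(", ")}`;
  }
  return info;
}

// Check a Base64 key/IV pair before it reaches an AES call.
function checkAesParams(keyB64, ivB64) {
  const key = describeParam("key", keyB64, [16, 24, 32]);
  const iv = describeParam("iv", ivB64, [IV_BYTES]);
  const problems = [key.problem, iv.problem].filter(Boolean);
  return { key, iv, variant: AES_BY_KEY_BYTES[key.bytes] || null, problems };
}

// Strings quoted in the question, then in the answer's failing example.
console.log(checkAesParams("us5N0PxHAWuIgb0/Qc2sh5OdWBbXGady", "zAvR2NI87bBx746n"));
console.log(checkAesParams("6Le0DgMTAAAAANokdEEial1", "mHGFxENnZLbienLyANoi.e"));
```

Rejecting a pair when `problems` is non-empty, rather than letting the library truncate or reinterpret it, keeps the JavaScript side in step with an OpenSSL-based peer that enforces exact lengths.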