I am encrypting something previously encoded in base64.
The steps are:
1. Encode the plain (readable) text in base64
2. Encrypt the base64 encoded text with DES/CBC/PKCS7PADDING using CryptoJS
3. Encode again in base64 the information obtained in step 2
This is my code in Javascript:
function encryptDesCbcPkcs7Padding(message, key) {
var keyHex = CryptoJS.enc.Utf8.parse(key);
var iv = new Uint8Array(0);
var ivHex = CryptoJS.enc.Hex.parse(CryptoJS.enc.Utf8.parse(iv).toString(CryptoJS.enc.Hex));
var encrypted = CryptoJS.DES.encrypt(message, keyHex, { iv: ivHex, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 });
return encrypted;//.toString(CryptoJS.enc.Utf8);
}
var plainText = "hola";
console.log("Plain text: ", plainText);
var base64Coded = window.btoa(plainText);
console.log("Base64 coded text: ", base64Coded);
var encrypted = encryptDesCbcPkcs7Padding(base64Coded, "12345678");
console.log("Encrypted: ", encrypted);
var finalEncrypted = CryptoJS.enc.Base64.stringify(encrypted.ciphertext);
console.log("Final encrypted: ", finalEncrypted);
alert("Final encrypted: " + finalEncrypted);
With this code I get the information encryped with the previous steps.
Problem: I can't make the reverse steps. What am I doing wrong?
These is the code I use for the reverse:
function decryptDesCbcPkcs7Padding(message, key) {
var keyHex = CryptoJS.enc.Utf8.parse(key);
var iv = new Uint8Array(0);
var ivHex = CryptoJS.enc.Hex.parse(CryptoJS.enc.Utf8.parse(iv).toString(CryptoJS.enc.Hex));
var decrypted = CryptoJS.DES.decrypt(message, keyHex, { iv: ivHex, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 });
return decrypted.toString(CryptoJS.enc.Utf8);
}
var base64Decoded = CryptoJS.enc.Base64.parse(finalEncrypted).toString();
console.log("Base64 decoded", base64Decoded);
var decrypted = decryptDesCbcPkcs7Padding(base64Decoded, "12345678");
console.log("Decrypted: ", decrypted);
var finalDecrypted = CryptoJS.enc.Base64.stringify(encrypted.ciphertext);
console.log("Final encrypted: ", finalEncrypted);
alert("Final encrypted: " + finalEncrypted);
I can't make this code work, what am I doing wrong?
I am encrypting something previously encoded in base64.
The steps are:
1. Encode the plain (readable) text in base64
2. Encrypt the base64 encoded text with DES/CBC/PKCS7PADDING using CryptoJS
3. Encode again in base64 the information obtained in step 2
This is my code in Javascript:
function encryptDesCbcPkcs7Padding(message, key) {
var keyHex = CryptoJS.enc.Utf8.parse(key);
var iv = new Uint8Array(0);
var ivHex = CryptoJS.enc.Hex.parse(CryptoJS.enc.Utf8.parse(iv).toString(CryptoJS.enc.Hex));
var encrypted = CryptoJS.DES.encrypt(message, keyHex, { iv: ivHex, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 });
return encrypted;//.toString(CryptoJS.enc.Utf8);
}
var plainText = "hola";
console.log("Plain text: ", plainText);
var base64Coded = window.btoa(plainText);
console.log("Base64 coded text: ", base64Coded);
var encrypted = encryptDesCbcPkcs7Padding(base64Coded, "12345678");
console.log("Encrypted: ", encrypted);
var finalEncrypted = CryptoJS.enc.Base64.stringify(encrypted.ciphertext);
console.log("Final encrypted: ", finalEncrypted);
alert("Final encrypted: " + finalEncrypted);
With this code I get the information encryped with the previous steps.
Problem: I can't make the reverse steps. What am I doing wrong?
These is the code I use for the reverse:
function decryptDesCbcPkcs7Padding(message, key) {
var keyHex = CryptoJS.enc.Utf8.parse(key);
var iv = new Uint8Array(0);
var ivHex = CryptoJS.enc.Hex.parse(CryptoJS.enc.Utf8.parse(iv).toString(CryptoJS.enc.Hex));
var decrypted = CryptoJS.DES.decrypt(message, keyHex, { iv: ivHex, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7 });
return decrypted.toString(CryptoJS.enc.Utf8);
}
var base64Decoded = CryptoJS.enc.Base64.parse(finalEncrypted).toString();
console.log("Base64 decoded", base64Decoded);
var decrypted = decryptDesCbcPkcs7Padding(base64Decoded, "12345678");
console.log("Decrypted: ", decrypted);
var finalDecrypted = CryptoJS.enc.Base64.stringify(encrypted.ciphertext);
console.log("Final encrypted: ", finalEncrypted);
alert("Final encrypted: " + finalEncrypted);
I can't make this code work, what am I doing wrong?
Share Improve this question asked May 26, 2016 at 17:42 Jonathan RojasJonathan Rojas 231 gold badge1 silver badge6 bronze badges 6-
The whole two lines for the IV part don't make any sense at all.
ivmust be a string inCryptoJS.enc.Utf8.parse(iv), but it is a Uint8Array. Then you're encoding it with hex only to immediately decode it with hex. This doesn't make sense. Then the IV has to be 128 bit long for CBC mode, but you're trying to use an empty IV for some reason. – Artjom B. Commented May 26, 2016 at 17:47 - 2 Also check the last two console/alert prints: maybe you wanted to print finalDecrypted? – sal Commented May 26, 2016 at 17:48
- @ArtjomB. I tried to put it as an empy IV. In java language I initialize it with new byte[8], I tried to do the same thing in JavaScript. (Empty or zeroIV): IvParameterSpec zeroIv = new IvParameterSpec(new byte[8]); – Jonathan Rojas Commented May 26, 2016 at 17:57
-
Then use
var ivHex = CryptoJS.lib.WordArray.create([0, 0]);Binary data is represented as 32-bit words and you need two of them. Remember that it is not secure to use a fixed IV value. The IV doesn't need to be secret, it only needs to be unpredictable. So you should always generate a random IV and send it along with the ciphertext. – Artjom B. Commented May 26, 2016 at 18:01 - Thanks @ArtjomB. I made the change that you suggested. But the information obtained in the reverse is still not the same. "finalDecrypted" variable should get "hola" again in the reverse – Jonathan Rojas Commented May 26, 2016 at 18:08
1 Answer
Reset to default 4There are many problems with the encodings in your code in addition to copy-paste errors. Here is the fixed code.
function encryptDesCbcPkcs7Padding(message, key) {
var keyWords = CryptoJS.enc.Utf8.parse(key);
var ivWords = CryptoJS.lib.WordArray.create([0, 0]);
var encrypted = CryptoJS.DES.encrypt(message, keyWords, { iv: ivWords});
return encrypted;//.toString(CryptoJS.enc.Utf8);
}
var plainText = "hola";
console.log("Plain text: ", plainText);
var base64Coded = window.btoa(plainText);
console.log("Base64 coded text: ", base64Coded);
var encrypted = encryptDesCbcPkcs7Padding(base64Coded, "12345678");
console.log("Encrypted: ", encrypted);
var finalEncrypted = CryptoJS.enc.Base64.stringify(encrypted.ciphertext);
console.log("Final encrypted: ", finalEncrypted);
alert("Final encrypted: " + finalEncrypted);
function decryptDesCbcPkcs7Padding(message, key) {
var keyWords = CryptoJS.enc.Utf8.parse(key);
var ivWords = CryptoJS.lib.WordArray.create([0, 0]);
var decrypted = CryptoJS.DES.decrypt({ciphertext: message}, keyWords, { iv: ivWords });
return decrypted.toString(CryptoJS.enc.Utf8);
}
var base64Decoded = CryptoJS.enc.Base64.parse(finalEncrypted);
console.log("Base64 decoded", base64Decoded);
var decrypted = decryptDesCbcPkcs7Padding(base64Decoded, "12345678");
console.log("Decrypted: ", decrypted);
var finalDecrypted = CryptoJS.enc.Base64.parse(decrypted.toString(CryptoJS.enc.Utf8)).toString(CryptoJS.enc.Utf8);
console.log("Final decrypted: ", finalDecrypted);
alert("Final decrypted: " + finalDecrypted);<script src="https://cdn.rawgit./CryptoStore/crypto-js/3.1.2/build/rollups/tripledes.js"></script>