I want to create two functions encrypt(message, key) and decrypt(ciphertext, key) using the Forge library in javascript, but I dont undestand the example code.

// generate a random key and IV
var key = forge.random.getBytesSync(16);
var iv = forge.random.getBytesSync(16);

// encrypt some bytes using CBC mode
// (other modes include: CFB, OFB, and CTR)
var cipher = forge.aes.createEncryptionCipher(key, 'CBC');
cipher.start(iv);
cipher.update(forge.util.createBuffer(someBytes));
cipher.finish();
var encrypted = cipher.output;
// outputs encrypted hex
console.log(encrypted.toHex());

// decrypt some bytes using CBC mode
// (other modes include: CFB, OFB, and CTR)
var cipher = forge.aes.createDecryptionCipher(key, 'CBC');
cipher.start(iv);
cipher.update(encrypted);
cipher.finish();
// outputs decrypted hex
console.log(cipher.output.toHex());

// generate a password-based 16-byte key
var salt = forge.random.getBytesSync(128);
var derivedKey = forge.pkcs5.pbkdf2('password', salt, numIterations, 16);

Where should I use my own key? Where can I choose 256 bit mode? Can you give me an easier example?

I want to create two functions encrypt(message, key) and decrypt(ciphertext, key) using the Forge library in javascript, but I dont undestand the example code.

// generate a random key and IV
var key = forge.random.getBytesSync(16);
var iv = forge.random.getBytesSync(16);

// encrypt some bytes using CBC mode
// (other modes include: CFB, OFB, and CTR)
var cipher = forge.aes.createEncryptionCipher(key, 'CBC');
cipher.start(iv);
cipher.update(forge.util.createBuffer(someBytes));
cipher.finish();
var encrypted = cipher.output;
// outputs encrypted hex
console.log(encrypted.toHex());

// decrypt some bytes using CBC mode
// (other modes include: CFB, OFB, and CTR)
var cipher = forge.aes.createDecryptionCipher(key, 'CBC');
cipher.start(iv);
cipher.update(encrypted);
cipher.finish();
// outputs decrypted hex
console.log(cipher.output.toHex());

// generate a password-based 16-byte key
var salt = forge.random.getBytesSync(128);
var derivedKey = forge.pkcs5.pbkdf2('password', salt, numIterations, 16);

Where should I use my own key? Where can I choose 256 bit mode? Can you give me an easier example?

• javascript
• encryption
• aes

• You can easily substitute your own key instead of the generated, and this example is as small as possible - it initializes the cipher, submits the input data and get the output data. As for increasing the key length (or using other cipher modes) it seems that you will have to look at other js crypto libraries. – Oleg Estekhin Commented Apr 27, 2014 at 5:21
• Just use a key that is 32 bytes long to use AES-256. – dlongley Commented Apr 27, 2014 at 5:57
• 1 Why did this question get voted down? Cryptography is a plex subject especially to the uninitiated. Forge is a good lib, but its documentation is not as accessible as some other crypto libs - for instance crypto-js - code.google./p/crypto-js – arcseldon Commented Oct 21, 2014 at 5:45
• For lower level examples, the nodejs subfolder contains some good mocha unit test coverage: github./digitalbazaar/forge/tree/master/nodejs/test – arcseldon Commented Oct 21, 2014 at 6:10

1 Answer 1

Where should I use my own key?

I haven't used that library but it seems pretty straight forward. Take this part at the top:

// generate a random key and IV
var key = forge.random.getBytesSync(16);

And put your key in like this:

// generate a random key and IV
var key = neverGuessMahKeyIs1234;

Do the same for the iv if you want.

Where can I choose 256 bit mode?

Ok, so first of all your dealing with symmetric encryption which has a key length of the desired size. Because it's symmetric, it's used on both the encrypting and decrypting ends, which is what the code that you posted seems to do. I say 'seems' because I'm trusting that the library's native functions are as you posted them. So, the code as you posted seems to use (as I showed above) 128 bits (16*8=128). If you want a random 256, then just use:

var key = forge.random.getBytesSync(32);

Or just make your own key that 256 bits long.