AiursoftWeb / Kahla.App

Kahla is a cross-platform business messaging app.
https://www.kahla.app
MIT License
415 stars 85 forks

Better AES? #197

Closed ganlvtech closed 5 years ago

ganlvtech commented 5 years ago

CryptoJS uses the non-standardized OpenSSL KDF for key derivation (EvpKDF) with MD5 as the hashing algorithm and 1 iteration.

When I try to write a client in PHP, the decryption is not so easy. See my code.

Do you want to change the crypto.js non-standard key to a key and a constant IV (e.g. 101112131415161718191a1b1c1d1e1f)?

Then I can remove the evpKDF function and decrypt happily.

Anduin2017 commented 5 years ago

Low priority.

ganlvtech commented 5 years ago

The given aesKey is a hex string, but the code here doesn't use it as a bytestring.

https://github.com/AiursoftWeb/Kahla.App/blob/12f7f82e118974d7e126bfe92ec199bbe9a8161d/src/app/Controllers/talking.component.ts#L175

There should be a hexStringToByteString method, or the server should give a key that contains all available chars.
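The derivation described in the first comment and the hex-string handling raised in this one, as an added example (not code from the thread or from Kahla): a Node.js re-implementation of CryptoJS's passphrase mode, assuming its defaults (AES-256-CBC, PKCS#7 padding, `Salted__` header). The sample key, salt and all function names are constructed for illustration.

```javascript
// Added example: CryptoJS passphrase mode uses OpenSSL EVP_BytesToKey (MD5, 1 iteration).
const crypto = require('crypto');

// D_1 = MD5(pass || salt), D_i = MD5(D_{i-1} || pass || salt); key || iv = D_1 || D_2 || ...
function evpBytesToKey(passphrase, salt, keyLen = 32, ivLen = 16) {
  const pass = Buffer.isBuffer(passphrase) ? passphrase : Buffer.from(passphrase, 'utf8');
  let derived = Buffer.alloc(0);
  let block = Buffer.alloc(0);
  while (derived.length < keyLen + ivLen) {
    block = crypto.createHash('md5').update(Buffer.concat([block, pass, salt])).digest();
    derived = Buffer.concat([derived, block]);
  }
  return { key: derived.subarray(0, keyLen), iv: derived.subarray(keyLen, keyLen + ivLen) };
}

// Wire format: base64("Salted__" || 8-byte salt || ciphertext)
function encryptLikeCryptoJS(plaintext, passphrase, salt = crypto.randomBytes(8)) {
  const { key, iv } = evpBytesToKey(passphrase, salt);
  const cipher = crypto.createCipheriv('aes-256-cbc', key, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([Buffer.from('Salted__'), salt, body]).toString('base64');
}

function decryptLikeCryptoJS(b64, passphrase) {
  const raw = Buffer.from(b64, 'base64');
  // 8-byte magic + 8-byte salt + at least one 16-byte AES block
  if (raw.length < 32 || raw.subarray(0, 8).toString('latin1') !== 'Salted__') {
    throw new Error('not an OpenSSL salted blob');
  }
  const { key, iv } = evpBytesToKey(passphrase, raw.subarray(8, 16));
  const decipher = crypto.createDecipheriv('aes-256-cbc', key, iv);
  return Buffer.concat([decipher.update(raw.subarray(16)), decipher.final()]).toString('utf8');
}

// Constructed sample values, not taken from Kahla.
const SAMPLE_HEX_KEY = '000102030405060708090a0b0c0d0e0f';
const SAMPLE_SALT = Buffer.from('0102030405060708', 'hex');

function demo() {
  const blob = encryptLikeCryptoJS('hello kahla', SAMPLE_HEX_KEY, SAMPLE_SALT);
  // Hex string treated as 32 ASCII characters vs. decoded to 16 raw bytes.
  const asText = evpBytesToKey(SAMPLE_HEX_KEY, SAMPLE_SALT);
  const asBytes = evpBytesToKey(Buffer.from(SAMPLE_HEX_KEY, 'hex'), SAMPLE_SALT);
  return {
    roundTrip: decryptLikeCryptoJS(blob, SAMPLE_HEX_KEY),
    sameKey: asText.key.equals(asBytes.key),
  };
}
console.log(demo());
```

Because the hex string is fed in as 32 ASCII characters, the derived key differs from the one derived from the 16 decoded bytes, so a third-party client has to reproduce the same interpretation to interoperate.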

Anduin2017 commented 5 years ago

You wanna fix it?

ganlvtech commented 5 years ago

This may cause a backward compatibility problem. Do we need a transition from one to another?

xxyzz commented 5 years ago

This issue is irrelevant to this repository and should be closed. We don't have enough resources to support any third-party apps for now. You are welcome to work on Android or iOS apps; you can also contribute to the current projects (Kahla.APP and Kahla).

Anduin2017 commented 5 years ago

We may support Kahla extends development later. Some features like:

This issue has low priority. May be fixed in further upgrades later.