search

bitwiseshiftleft / sjcl

Stanford Javascript Crypto Library
http://bitwiseshiftleft.github.com/sjcl/
Other
7.18k stars 987 forks source link

PBKDF2 - not getting expected results #356

Open ggo98 opened 6 years ago

ggo98 commented 6 years ago

Hello, I have a "small" problem and hope you can tell me what I'm doing wrong.

I'm trying to use PBKDF2 with the following parameters: password = mypassss salt = 3132333435363738 (hexa) iterations = 1000 output size = 64 (bytes)

the sjcl PBKDF2 returns this: 1BCC0C9FD4162DFA21B5DF5E00DFA1DD25524898662C45E6C410D9B84DA2B7933579E947839DD976A90BC86BF75983B3F98BA1CEF5403FAF7EC13B4762F104EF

The other tests I've made return this: 2819F0D35E15C7881CA443C8BF7F188234692ED90F064897A08B9CE507B41F09F3F11A79B05E179FA25AD022C749ACF3F21DDC91322A58637585681CE8CD2AEC

the other tests have been made with: https://asecuritysite.com/encryption/PBKDF2z Rfc2898DeriveBytes (.NET + C#) BCryptDeriveKeyPBKDF2 (windows API, C++) (and other tools)

Here is my code, which must probably be wrong:

    var hmacSHA1 = function (key) {
        var hasher = new sjcl.misc.hmac(key, sjcl.hash.sha1);
        this.encrypt = function () {
            return hasher.encrypt.apply(hasher, arguments);
        };
    };

    var password = sjcl.codec.hex.toBits('6D79706173737373');
    var passwordSalt = sjcl.codec.hex.toBits('3132333435363738');
    var derivedKey = sjcl.misc.pbkdf2(
        "mypassss",
        //password,
        passwordSalt, 1000, 512, hmacSHA1);
    var hexKey = sjcl.codec.hex.fromBits(derivedKey);
    ret = sjcl.codec.hex.fromBits(derivedKey);
    alert(ret);

Thank you, best regards, Olivier

mornevdw commented 5 years ago

I had the same but found that the sha1 lib is not included in the default build, so passing that results in 'undefined' which forces the use of sha256. I simply added sha1 to my build. Might be the same issue for you.

ggo98 commented 5 years ago

Hello Morne, thank you very much for this information.I really appreciate.I'm gonna try it. Thanks again,kind regards,Olivier gg.

  From: Morne van der Westhuizen <notifications@github.com>

To: bitwiseshiftleft/sjcl sjcl@noreply.github.com Cc: ggo98 ggo98@yahoo.com; Author author@noreply.github.com Sent: Wednesday, December 12, 2018 9:41 AM Subject: Re: [bitwiseshiftleft/sjcl] PBKDF2 - not getting expected results (#356)

I had the same but found that the sha1 lib is not included in the default build, so passing that results in 'undefined' which forces the use of sha256. I simply added sha1 to my build. Might be the same issue for you.— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or mute the thread.

EbrahimMajdey commented 5 years ago

I had similar issue does anyone find a fix, I am using SHA1 with BCryptDeriveKeyPBKDF2 (windows API, C++)