initaldk / crypto-js

Automatically exported from code.google.com/p/crypto-js
0 stars 0 forks source link

Crypto.JS PBKDF2 Results Differnt then .Net Rfc2898DeriveBytes #137

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Using the same Salt and Secret Phrase for both C# and Crypto.js (Lets just 
use a SessionID ans an example to make is simple)

2. Java Code:
var salt = CryptoJS.SHA256("<%=Session.SessionID%>");
var key256Bits = CryptoJS.PBKDF2("<%=Session.SessionID%>", salt, { keySize: 256 
/ 32 });
$("#TextBox3").val(key128Bits.toString(CryptoJS.enc.Base64));

3. C# Code
SHA256 sha = SHA256.Create();
Rfc2898DeriveBytes ByteMake = new Rfc2898DeriveBytes(Session.SessionID, 
sha.ComputeHash(UTF8Encoding.UTF8.GetBytes(Session.SessionID)));
TextBox2.Text = Convert.ToBase64String(ByteMake.GetBytes(32));

What is the expected output? What do you see instead?
I would expect the results to be identical in each text box.

What version of the product are you using? On what operating system?
Crypto.js - Version 3.1.2
Asp.net 4.5 
Windows Server 2012 R2

Please provide any additional information below.

Original issue reported on code.google.com by coldfiredragon on 30 Jul 2014 at 8:45

GoogleCodeExporter commented 8 years ago
So your settings are incorrect. Here is some working code that does work:

var salt = "i8HteZLJHxnvCPlO" //base64 encoded string
var key = "abc123"

C# code
 Rfc2898DeriveBytes maker = new Rfc2898DeriveBytes(key, 12, 1000);
 byte[] key = maker.GetBytes(16);

Javascript code
 var parsedSalt = cryptoJS.enc.Base64.parse(salt);
 var parsedKey = cryptoJS.PBKDF2(key, parsedSalt, keySize: 128/32, iterations: 1000})

Original comment by heis...@gmail.com on 9 Dec 2014 at 6:32