pggdt / crypto-js

Automatically exported from code.google.com/p/crypto-js
0 stars 0 forks source link

CryptoJS.PBKDF2 creates different keys. #55

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
I try to encrypt a string with this code.

var salt = CryptoJS.lib.WordArray.random(128 / 8);
var key = CryptoJS.PBKDF2("pin", salt, { keySize: 128 / 32, iterations: 4 });
var iv = CryptoJS.lib.WordArray.random(128 / 8);
var cprEncrypt = CryptoJS.AES.encrypt("1234567890", key, { 'iv': iv });
var decrypt = CryptoJS.AES.decrypt(cprEncrypt, key, { 'iv': iv });
var ddd = decrypt.toString(CryptoJS.enc.Utf8);
localStorage.setItem("salt", salt);
localStorage.setItem("iv", iv);
localStorage.setItem("cpr", cprEncrypt); 

Here i can encrypt and decrypt without any problems but when i try to decrypt 
it on another page the calculated key is different from the first key. 

What is the expected output? What do you see instead?
When the salt an iv is:
Salt: "3b096777309e8b63d425233452ec23ba"
Iv: "ebfdfc2ba50553e1314a7a6755617193"
I calculate the key to "46b5315c1251d6ccf725864ec60a0878" on the first page. 
But when i calculate the key agian on a another page like this with the salt.

var salt = localStorage.getItem("salt");
var iv = localStorage.getItem("iv");
var cprEncrypt = localStorage.getItem("cpr");
var key = CryptoJS.PBKDF2("pin", salt, { keySize: 128 / 32, iterations: 4 });

var decrypt = CryptoJS.AES.decrypt(cprEncrypt, key, { 'iv': iv }); 

i get "d1233ea30770498c0b5231942c0c25db" and then i can't decrypt.

Shouldn't i be able to calculate the same key if i use the same "pin", salt and 
keySize?

What version of the product are you using? On what operating system?
CryptoJS v3.0.2, firefox 15 on windows 7

Original issue reported on code.google.com by mikkelse...@gmail.com on 15 Oct 2012 at 8:27

GoogleCodeExporter commented 8 years ago
When you first create the salt, it's a WordArray object. Then when you save it 
to local storage, it's converted to a string of hex digits. To get the original 
WordArray back, you'll have to parse the hex.

Example:

var salt = CryptoJS.enc.Hex.parse( localStorage.getItem("salt") );

Also, there's a discussion group for usage questions 
(https://groups.google.com/forum/?fromgroups#!forum/crypto-js). An "issue" is 
supposed to be for bug reports or enhancement requests.

Original comment by Jeff.Mott.OR on 15 Oct 2012 at 8:40

GoogleCodeExporter commented 8 years ago
Very sorry about that i will take my future questions there!

Now i get the right key but i still can't decrypt should i do something like 
this cprEntrypt also.

var salt = CryptoJS.enc.Hex.parse(localStorage.getItem("salt"));
var iv = CryptoJS.enc.Hex.parse(localStorage.getItem("iv"));
var cprEncrypt = localStorage.getItem("cpr");

var key = CryptoJS.PBKDF2("pin", salt, { keySize: 128 / 32, iterations: 4 });

var decrypt = CryptoJS.AES.decrypt(cprEncrypt, key, { 'iv': iv });

Thanks for the quick response.

Original comment by mikkelse...@gmail.com on 15 Oct 2012 at 9:56

GoogleCodeExporter commented 8 years ago
My bad was missing the aes script in the manifest file to my html5 offline page.

Thanks for the help!! And once agian sorry about the misplacing of the thread.

Original comment by mikkelse...@gmail.com on 15 Oct 2012 at 12:32

GoogleCodeExporter commented 8 years ago

Original comment by Jeff.Mott.OR on 15 Oct 2012 at 11:42