Closed GoogleCodeExporter closed 8 years ago
During working on I noticed that my description is mostly wrong.
In fact using padding on decrypt isn't useless. And just using this option
doesn't reproduces the error at all.
I still trying to figure out what the actual problem is... just a bit
over-worked.
Original comment by johannes...@gmail.com
on 27 May 2014 at 5:09
Ok, my big mistake was to pass an encoding object created by
CryptoJS.enc.Hex.parse() to decrypt method. But the method requires as
parameter an object with a "ciphertext" property:
CryptoJS.AES.decrypt({ ciphertext: encrypted_message }, key)
This is not well documented.
However I think there is a problem with the ZeroPadding option. If you pass
something without a "ciphertext" property to the decrypt function and specify
"padding: CryptoJS.pad.ZeroPadding" the script do endless processing. Use of
"NoPadding" or default padding just results in an empty decryption object.
Original comment by johannes...@gmail.com
on 27 May 2014 at 9:43
I tried to mention this behavior in the Cipher Input section
(https://code.google.com/p/crypto-js/#The_Cipher_Input). "For the ciphertext,
the cipher algorithms accept either strings or instances of
CryptoJS.lib.CipherParams. A CipherParams object represents a collection of
parameters such as the IV, a salt, and the raw ciphertext itself."
I'd imagine that many parts, not just the padding, wouldn't work correctly if
it received the wrong kind of input, but that would have to fall under the
umbrella of "undefined behavior." Loosely typed languages such as JavaScript
will let you pass in any random thing, so unfortunately that leaves it entirely
up to you to make sure you pass in the right thing.
Original comment by Jeff.Mott.OR
on 27 May 2014 at 11:42
Original issue reported on code.google.com by
johannes...@gmail.com
on 27 May 2014 at 2:49