Can't decrypt string with CryptoJS

I'm trying to encode/decode data using CryptoJS, as a preliminar test for the code I want to develop. This is the code I'm using for encrypting:

<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
<script>
var message = "Secret Message";
var key = CryptoJS.enc.Hex.parse('36ebe205bcdfc499a25e6923f4450fa8');
var iv  = CryptoJS.enc.Hex.parse('be410fea41df7162a679875ec131cf2c');

// Encription. Works ok
var encrypted = CryptoJS.AES.encrypt(
        message,key,
        {
            iv: iv,
            mode: CryptoJS.mode.CBC,
            padding: CryptoJS.pad.Pkcs7
        }
    );
console.log('encrypted:'+encrypted.ciphertext.toString());
<script>

This is the first test I use for decrypting. It works OK, returning 3f0e590d2617dc7007b89350bd590409

// Decription. Works ok with "encrypted" parameter
var decrypted = CryptoJS.AES.decrypt(
        encrypted,key,
        {
            iv: iv,
            mode: CryptoJS.mode.CBC,
            padding: CryptoJS.pad.Pkcs7
        }
    );
console.log('decrypted:'+decrypted.toString(CryptoJS.enc.Utf8));

Let's notice that encrypted parameter is the results from the previous call to CryptoJS.AES.encrypt. It's an object.

The problem I have is when I try to decrypt directly the string:

// Decription. It fails with manual data
var manual_data = CryptoJS.enc.Hex.parse('3f0e590d2617dc7007b89350bd590409');
var decrypted = CryptoJS.AES.decrypt(
        manual_data,key,
        {
            iv: iv,
            mode: CryptoJS.mode.CBC,
            padding: CryptoJS.pad.Pkcs7
        }
    );
console.log('decrypted, by hand:'+decrypted.toString(CryptoJS.enc.Utf8));

It returns an "empty" object (an empty string in the above example). It seems like there is some data that CryptoJS.AES.decrypt needs which is stored into the encrypted object of the first example but missing from the wordarray of the second example.

Does anybody knows why is this happening?

Answers:

Answer

I have been messing with this a while and I think I have found your problem. The main problem is this line encrypted.ciphertext.toString(). What you want is just encrypted.toString().

The toString function is defined for this object by CryptoJS and it returns the encrypted message that can be sent around safely. So if we change that we will have something like this:

var encrypted = CryptoJS.AES.encrypt(
  message,
  key,
  {
    iv: iv,
    mode: CryptoJS.mode.CBC,
    padding: CryptoJS.pad.Pkcs7
  }
);
console.log('            encrypted: '+encrypted.toString());

This will output Pw5ZDSYX3HAHuJNQvVkECQ== instead of 3f0e590d2617dc7007b89350bd590409. The reason your second function is working is because it doesn't use encrypted.ciphertext.toString() it just uses the actual object so no changes on that one. For the last one we will have the change the wrong text you were using to the new text that is returned without the ciphertext part but we also have to remove the CryptoJS.enc.Hex.parse. I don't really know what you were doing here but I can investigate if you meant something by that.

var manual_data = 'Pw5ZDSYX3HAHuJNQvVkECQ==';
var decrypted = CryptoJS.AES.decrypt(
  manual_data,
  key,
  {
    iv: iv,
    mode: CryptoJS.mode.CBC,
    padding: CryptoJS.pad.Pkcs7
  }
);
console.log('   decrypted, by hand: '+decrypted.toString(CryptoJS.enc.Utf8));

This should log the right stuff.

I have even created a JSBin for this. It is my first time using JSBin so I hope I did it right.

Tags

Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us

©2020 All rights reserved.