Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Include an FAQ regarding PHP/mCrypt #19

Open
ricmoo opened this issue Oct 4, 2016 · 2 comments
Open

Include an FAQ regarding PHP/mCrypt #19

ricmoo opened this issue Oct 4, 2016 · 2 comments
Labels
enhancement

Comments

@ricmoo
Copy link
Owner

ricmoo commented Oct 4, 2016

See #16 for more details.

Basically, mCrypt is an old library for PHP which has legacy support for modes of operation which are no longer recommended, but whose names collide with official algorithms.

I just need to add an FAQ to the README to explain that to interoperate with mCrypt, you must use its NOFB to be equivalent to the official (and the method used in aes-js) OFB algorithm. There is also no equivalent to mCrypt's OFB in aes-js.
@ben-ekw
Copy link

ben-ekw commented May 24, 2023
edited
Loading

Since CBC is safer than CTR, I've been trying to understand your PKCS#7 padding example. Would that allow for CBC encryption of arbitrary-length text?

// An example 128-bit key
var key = [ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 ];

// The initialization vector (must be 16 bytes)
var iv = [ 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34,35, 36 ];

// Convert text to bytes
var text = 'Text may be any length you wish, padded with PKCS#7.';
var textBytes = aesjs.utils.utf8.toBytes(text);

var aesCbc = new aesjs.ModeOfOperation.cbc(key, iv);
var encryptedBytes = aesCbc.encrypt(aesjs.padding.pkcs7.pad(textBytes));

// ... what would be the decrypt process?

@ben-ekw
Copy link

ben-ekw commented May 24, 2023

Never mind, I figured it out:

var text = "Text may be any length you wish (will be padded with PKCS#7).";

// An example 128-bit key
var key = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16];

// The initialization vector (must be 16 bytes)
var iv = [21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36];

// CBC instance
var aesCbc = new aesjs.ModeOfOperation.cbc(key, iv);

// encrypt
var textBytes = aesjs.utils.utf8.toBytes(text);
var encryptedBytes = aesCbc.encrypt(aesjs.padding.pkcs7.pad(textBytes));
var encryptedHex = aesjs.utils.hex.fromBytes(encryptedBytes);
console.log("encrypted string", encryptedHex);

// decrypt
var encryptedBytes = aesjs.utils.hex.toBytes(encryptedHex);
var aesCbc = new aesjs.ModeOfOperation.cbc(key, iv);
var decryptedBytes = aesCbc.decrypt(encryptedBytes);
var decryptedText = aesjs.utils.utf8.fromBytes(aesjs.padding.pkcs7.strip(decryptedBytes));
console.log("decrypted string", decryptedText);

Any recommendations for generating a secure key and iv?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ricmoo @ben-ekw