3

I want to create two functions encrypt(message, key) and decrypt(ciphertext, key) using the Forge library in javascript, but I dont undestand the example code.

// generate a random key and IV
var key = forge.random.getBytesSync(16);
var iv = forge.random.getBytesSync(16);

// encrypt some bytes using CBC mode
// (other modes include: CFB, OFB, and CTR)
var cipher = forge.aes.createEncryptionCipher(key, 'CBC');
cipher.start(iv);
cipher.update(forge.util.createBuffer(someBytes));
cipher.finish();
var encrypted = cipher.output;
// outputs encrypted hex
console.log(encrypted.toHex());

// decrypt some bytes using CBC mode
// (other modes include: CFB, OFB, and CTR)
var cipher = forge.aes.createDecryptionCipher(key, 'CBC');
cipher.start(iv);
cipher.update(encrypted);
cipher.finish();
// outputs decrypted hex
console.log(cipher.output.toHex());

// generate a password-based 16-byte key
var salt = forge.random.getBytesSync(128);
var derivedKey = forge.pkcs5.pbkdf2('password', salt, numIterations, 16);

Where should I use my own key? Where can I choose 256 bit mode? Can you give me an easier example?

Artjom B.
  • 61,146
  • 24
  • 125
  • 222
Art Grc
  • 453
  • 2
  • 8
  • 14
  • You can easily substitute your own key instead of the generated, and this example is as small as possible - it initializes the cipher, submits the input data and get the output data. As for increasing the key length (or using other cipher modes) it seems that you will have to look at other [js crypto libraries](http://stackoverflow.com/questions/793812/javascript-aes-encryption). – Oleg Estekhin Apr 27 '14 at 05:21
  • Just use a key that is 32 bytes long to use AES-256. – dlongley Apr 27 '14 at 05:57
  • 1
    Why did this question get voted down? Cryptography is a complex subject especially to the uninitiated. Forge is a good lib, but its documentation is not as accessible as some other crypto libs - for instance crypto-js - https://code.google.com/p/crypto-js/ – arcseldon Oct 21 '14 at 05:45
  • For lower level examples, the nodejs subfolder contains some good mocha unit test coverage: https://github.com/digitalbazaar/forge/tree/master/nodejs/test – arcseldon Oct 21 '14 at 06:10

1 Answers1

2

Where should I use my own key?

I haven't used that library but it seems pretty straight forward. Take this part at the top:

// generate a random key and IV
var key = forge.random.getBytesSync(16);

And put your key in like this:

// generate a random key and IV
var key = neverGuessMahKeyIs1234;

Do the same for the iv if you want.

Where can I choose 256 bit mode?

Ok, so first of all your dealing with symmetric encryption which has a key length of the desired size. Because it's symmetric, it's used on both the encrypting and decrypting ends, which is what the code that you posted seems to do. I say 'seems' because I'm trusting that the library's native functions are as you posted them. So, the code as you posted seems to use (as I showed above) 128 bits (16*8=128). If you want a random 256, then just use:

var key = forge.random.getBytesSync(32);

Or just make your own key that 256 bits long.

stackuser
  • 869
  • 16
  • 34
  • again, this is where crypto-js is so convenient - CryptoJS supports AES-128, AES-192, and AES-256. It will pick the variant by the size of the key you pass in. If you use a passphrase, then it will generate a 256-bit key. – arcseldon Oct 21 '14 at 06:35
  • Just a quick note: forge also supports AES-128, AES-192, and AES-256 and will pick the variant based on the size of the key you pass in. If you want to use a password-derived key, forge provides APIs for that, such as forge.pkcs5.pbkdf2. – dlongley Mar 20 '15 at 21:54