
CryptoJS is said to be OpenSSL compatible, which can be seen by running the demo.

Now I want to implement the same behavior using the OpenSSL EVP API: cipher a string using a passphrase and exchange the result with CryptoJS, which must be able to decrypt it (knowing the passphrase).

My doubt is about the standard way to exchange the IV (which I see as the key to CryptoJS and OpenSSL compatibility).

How am I supposed to send the IV along with the ciphered message?

PS: Please do not worry about client-side encryption/decryption, because I am comfortable with the use case.

Update

Ciphering with OpenSSL command line tool

```shell
$ echo "Hello World" | openssl enc -aes-256-cbc -pass pass:"Secret Passphrase" -e -base64
U2FsdGVkX18Z8dTy1NR6/gm+9IxmbuT8iCblIjvV76E=
```

Deciphering with CryptoJS

```javascript
var de = CryptoJS.AES.decrypt("U2FsdGVkX18Z8dTy1NR6/gm+9IxmbuT8iCblIjvV76E=", "Secret Passphrase", {keySize: 256/32});

de.toString(CryptoJS.enc.Utf8); // output: Hello World
```

In my use case I want to cipher using the EVP API instead of the openssl command line tool. I am missing how to "package" the ciphered text, IV and salt together in one string, as it is in "U2FsdGVkX18Z8dTy1NR6/gm+9IxmbuT8iCblIjvV76E=".

Update 2

I took the Saju Pillai example as a starting point.

Update 3

My problem is about the "interchangeability" of the ciphered text. I am getting the following parts:

  • key : 79A38D896D90DBFE5E151A326602BC3A4A9081F3F9BEAC08EF058B96BA51CF19
  • iv : 76614325D3DA73698DDD220431AE298E00000000000000000000000000000000
  • cipher text: QfCKTtVPlDcTOhC5ylwKFQ==

I am looking to send a single string to the client, which must be able to decipher the string and get the parts required for the decryption process (it is exactly what I observe between CryptoJS and OpenSSL).

PauloASilva
  • The IV is a public parameter. You can send it with the encrypted message. Be sure the MAC covers *both* the IV and Message. Or, you can do like TLS and derive it from the master secret and keep it secret. There's arguments for/against handling the IV as public and as secret. I think wikipedia lists a few of them. Personally, I send it in the plaintext with the message. – jww Jun 16 '14 at 12:40
  • OK, I just looked at the public interface in the reference you cited. This library is very limited. Without key agreement, its *really* hard (impossible?) to do things correctly. If you don't have the agreement schemes, then `key = PBKDF2(password)` always derives to the same key. That's not going to work - you need a unique key for every connection. Connections cannot share the same key. – jww Jun 16 '14 at 12:50
  • Show us some code. We need to see how you are doing things like preparing a message before sending on the wire. – jww Jun 16 '14 at 13:13
  • @jww Sorry, comments are tricky. Please refer to the Question update. Thanks a bunch – PauloASilva Jun 16 '14 at 13:24
  • OK. there's a lot to it, and this should get you started. OpenSSL derives a key and IV from the password, and it does it in a non-standard way. To read about the `openssl enc` command, see OpenSSL's [`enc(1)`](http://www.openssl.org/docs/apps/enc.html) docs. To see *how* OpenSSL is doing it, see the source code for the `enc` program in `/apps/enc.c`. – jww Jun 16 '14 at 13:37
  • @jww thanks to pointing me the way. Do you have any clue about how OpenSSL (and CryptoJS, by the way) do this? If it is non-standard, what is the standard? – PauloASilva Jun 16 '14 at 13:45
  • You might try starting here: [Openssl password to key?](https://stackoverflow.com/questions/9488919/openssl-password-to-key). Or, look at the CryptoJS source code. Google is also helpful: [openssl enc "-k" "EVP_BytesToKey" site:stackoverflow.com](https://www.google.com/#q=openssl+enc+%22-k%22+%22EVP_BytesToKey%22+site%3Astackoverflow.com) – jww Jun 16 '14 at 13:50
  • @jww I did update (Update 3) the question. I am not sure whether we were talking about the same problem. I was studying the enc.c and I could not figure out how and where they are dealing with the "packaging" of ciphered text, iv and salt in a single string. – PauloASilva Jun 17 '14 at 08:33

0 Answers