8

I have to decrypt some strings which are AES encrypted.

Example encrypted string: 129212143036071008133136215105140171136216244116

I have a key, and a vector (iv) supplied to me in a byte-array format:

Key: [ 123, 217, 20, 11, 24, 26, 85, 45, 114, 184, 27, 162, 37, 115, 222, 209, 241, 24, 175, 144, 175, 53, 196, 29, 24, 23, 17, 218, 131, 226, 53, 209 ]

Vector (iv): [ 146, 66, 191, 151, 23, 3, 113, 119, 231, 131, 133, 112, 79, 32, 114, 136 ]

I should be able to decrypt the string and get:

Correct output: testtest

I'm trying to use Crypto.js but I can't find a way to use the supplied key and vector. I can't find a way to convert the byte-arrays to hex.

var encrypted = '129212143036071008133136215105140171136216244116';
var key = CryptoJS.enc.Hex.parse([ 123, 217, 20, 11, 24, 26, 85, 45, 114, 184, 27, 162, 37, 115, 222, 209, 241, 24, 175, 144, 175, 53, 196, 29, 24, 23, 17, 218, 131, 226, 53, 209 ]);
var iv  = CryptoJS.enc.Hex.parse([ 146, 66, 191, 151, 23, 3, 113, 119, 231, 131, 133, 112, 79, 32, 114, 136 ]);

var decrypted = CryptoJS.AES.decrypt(encrypted, key, { iv: iv });

console.log('Output: '+decrypted.toString(CryptoJS.enc.Utf8)); //Should be "testtest"

I would be so grateful if anyone could show me how to decrypt the example string using the key and vector with Crypto.js OR any other js method.

Thanks so much for any help, Kind regards

Community
  • 1
  • 1
Mbmahs
  • 111
  • 1
  • 1
  • 5
  • See http://stackoverflow.com/a/311179/152640 or http://stackoverflow.com/a/9855338/152640 for the byte-array to hex from the related so questions – mothmonsterman Nov 11 '15 at 22:07
  • There is really something wrong with your ciphertext. All characters are 0 through 9, so it's probably not hex-encoded, because AES ciphertexts are really noisy and there really should be some characters in the A through F range. Plus, the ciphertext length is invalid if one would assume CBC mode and Hex-encoding. – Artjom B. Nov 11 '15 at 22:42

3 Answers3

4

Bit of an old post, and I think the API has changed somewhat since then as it now uses WordArray rather than ByteArray.

But I was running into the same issue. Turns out, you can simply provide a base64-encoded string into decrypt(). So all you need to do is to create a base64-encoded string from your original message. I'm not sure what format your message is in now, but I'm going to assume it's a hex string.

var origCipher = "129212143036071008133136215105140171136216244116"; // is this supposed to be a hex string?
var origKey = [ 123, 217, 20, 11, 24, 26, 85, 45, 114, 184, 27, 162, 37, 115, 222, 209, 241, 24, 175, 144, 175, 53, 196, 29, 24, 23, 17, 218, 131, 226, 53, 209 ];
var origIV = [ 146, 66, 191, 151, 23, 3, 113, 119, 231, 131, 133, 112, 79, 32, 114, 136 ];

var key = CryptoJS.lib.WordArray.create(new UInt8Array(origKey));
var iv = CryptoJS.lib.WordArray.create(new UInt8Array(origIV));
var cipher = CryptoJS.enc.Base64.stringify(CryptoJS.enc.Hex.parse(origCipher));

var plain = CryptoJS.AES.decrypt(cipher, key, { iv: iv });
var plaintext = CryptoJS.enc.UTF8.stringify(plain);

Above code doesn't result in a correct result, though, so your input ciphertext is probably not a hex string.

oisyn
  • 1,306
  • 5
  • 14
2

I can't manage to decrypt your original string, but I can successful use it to encrypt and decrypt a new string. In your initial implementation, an error occurs in aes.js because it expects key and iv to be strings rather than arrays. I have corrected this code example below:

//var encrypted = '129212143036071008133136215105140171136216244116';

var key = CryptoJS.enc.Hex.parse(CryptoJS.lib.ByteArray([123, 217, 20, 11, 24, 26, 85, 45, 114, 184, 27, 162, 37, 115, 222, 209, 241, 24, 175, 144, 175, 53, 196, 29, 24, 23, 17, 218, 131, 226, 53, 209]));
var iv = CryptoJS.enc.Hex.parse(CryptoJS.lib.ByteArray([146, 66, 191, 151, 23, 3, 113, 119, 231, 131, 133, 112, 79, 32, 114, 136]));

var  message = 'testest'
var encrypted =  CryptoJS.AES.encrypt(message, key, {
  'iv': iv
});


var decrypted = CryptoJS.AES.decrypt(encrypted, key, {
  'iv': iv
});
document.write('Output: ' + decrypted.toString(CryptoJS.enc.Utf8)); //Should be "testtest"
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/components/pad-nopadding-min.js"></script>
<script src="https://greasyfork.org/scripts/6696-cryptojs-lib-bytearray/code/CryptoJSlibByteArray.js"></script>
Alex
  • 21,273
  • 10
  • 61
  • 73
  • Thank you for your answer. It really helped, but unfortunately I couldn't get it to decrypt the strings i have to decrypt. I found a non-js solution - se my answer below. I think your answer is correct, as you showed me how to convert the byte-arrays to hex, So thank you so much! – Mbmahs Nov 12 '15 at 22:30
  • See what you did there... overrode the `var encrypted` and then encrypted decrypted your way. deserves a down vote though not doing that. – jeet.chanchawat Feb 16 '17 at 09:47
  • @jeet.chanchawat, as mentioned in the post I couldn't decrypt original string, and therefore gave a encrypt/decrypt example instead. I agree with you that this is confusing and have therefore commented out the first assignment. I will also try to get this snippet working again, i noticed is its failing at the moment. – Alex Feb 16 '17 at 14:53
  • How is this an accepted answer? I'm running in the exact same issue. The problem is, I don't have access to the object returned by encrypt(), I only have the bytes (in the form of a base64 string). I can't convert to utf-8 because it's not a utf-8 string, so that doesn't help either. Why does it not accept a WordArray or ByteArray? – oisyn Dec 21 '20 at 14:18
  • Ah, just found the answer! Posting a separate answer below. – oisyn Dec 21 '20 at 14:24
2

I ended up using a .net ashx generic handler, to which i post the data over ssl, and the server-side decryption takes place using the simpleAES class. This class uses block-size as a parameter which seems to make the difference and using this approach I was able to decrypt all the strings i needed to.

More info about simpleAES here: https://github.com/huanlin/YetAnotherLibrary/blob/master/Source/Yalib/Cryptography/SimpleAes.cs

Thanks again for the help!

Mbmahs
  • 111
  • 1
  • 1
  • 5