Friday, May 17, 2024
Homepage · encryption
 Popular · Latest · Hot · Upcoming
194
rated 0 times [  200] [ 6]  / answers: 1 / hits: 6873  / 4 Years ago, thu, november 12, 2020, 12:00:00

https://cryptojs.gitbook.io/docs/ just said "CryptoJS supports AES-128, AES-192, and AES-256. It will pick the variant by the size of the key you pass in. If you use a passphrase, then it will generate a 256-bit key."


But what is default config like mode, padding, iv ? I notice there is a CipherOption for mode & padding


interface CipherHelper {

    encrypt(message: WordArray | string, key: WordArray | string, cfg?: CipherOption): CipherParams;

    decrypt(ciphertext: CipherParams | string, key: WordArray | string, cfg?: CipherOption): WordArray;

}

But I can't figure what the default value, e.g. it does not look like ECB mode by default.


My second question is how does it decide to use ace-128, aes-192, ase-256 based on the key I input, e.g. if I use a short string key like "my password" will it decide to use ace-128 then ? How ?


--- update ---


Except for the answer, I find cryptojs: How to generate AES passphrase is also helpful to understand the passphrase used in CryptoJS.


More From » encryption
 Answers
11

Your link to the CryptoJs-docs (https://cryptojs.gitbook.io/docs/) reveals the answers to your questions but we do have two scenarios.



  1. you are feeding the encrypt function with a passphrase or 2) you are giving an explicit key as input.


Scenario 1: you feed a password/passphrase like "myPassword" to the function:


CryptoJS.AES.encrypt("Message", "Secret Passphrase");

Now CryptoJs derives a 32 byte long encryption key for AES-256 and a 16 byte long initialization vector (iv) from the password, encrypts the "Message" using this key, iv in AES mode CBC and (default) padding Pkcs7.


Scenario 2: you feed a key to the function:


var key = CryptoJS.enc.Hex.parse("000102030405060708090a0b0c0d0e0f");

​var iv = CryptoJS.enc.Hex.parse("101112131415161718191a1b1c1d1e1f");

​var encrypted = CryptoJS.AES.encrypt("Message", key, { iv: iv });

Now CryptoJs takes the key for AES-128/192/256 depending on the key length (16/24/32 bytes) and the 16 byte long initialization vector (iv) from the password, encrypts the "Message" using this key, iv in AES mode CBC and (default) padding Pkcs7.


more options: You can use other modes or padding when using the options like this (key + iv derivation from passphrase, AES mode CFB and padding AnsiX923):


var encrypted = CryptoJS.AES.encrypt("Message", "Secret Passphrase", {

  mode: CryptoJS.mode.CFB,

  padding: CryptoJS.pad.AnsiX923

});

[#2315] Saturday, November 7, 2020, 4 Years  [reply] [flag answer]
Only authorized users can answer the question. Please sign in first, or register a free account.
mustafaericho
Add To Favorites
Follow
Total Points: 322
Total Questions: 103
Total Answers: 110
Location: Montenegro
Member since Thu, Jun 16, 2022
2 Years ago
mustafaericho questions
Mon, May 31, 21, 00:00, 3 Years ago
Sun, May 23, 21, 00:00, 3 Years ago
Sat, Feb 13, 21, 00:00, 3 Years ago
Sat, Jan 2, 21, 00:00, 3 Years ago
Tue, Apr 14, 20, 00:00, 4 Years ago
View All
;