Crypto.js decrypt with key and iv (vector) in byte arrays

Question

I have to decrypt some strings which are AES encrypted.

Example encrypted string: 129212143036071008133136215105140171136216244116

I have a key, and a vector (iv) supplied to me in a byte-array format:

Key: [ 123, 217, 20, 11, 24, 26, 85, 45, 114, 184, 27, 162, 37, 115, 222, 209, 241, 24, 175, 144, 175, 53, 196, 29, 24, 23, 17, 218, 131, 226, 53, 209 ]

Vector (iv): [ 146, 66, 191, 151, 23, 3, 113, 119, 231, 131, 133, 112, 79, 32, 114, 136 ]

I should be able to decrypt the string and get:

Correct output: testtest

I'm trying to use Crypto.js but I can't find a way to use the supplied key and vector. I can't find a way to convert the byte-arrays to hex.

var encrypted = '129212143036071008133136215105140171136216244116';
var key = CryptoJS.enc.Hex.parse([ 123, 217, 20, 11, 24, 26, 85, 45, 114, 184, 27, 162, 37, 115, 222, 209, 241, 24, 175, 144, 175, 53, 196, 29, 24, 23, 17, 218, 131, 226, 53, 209 ]);
var iv  = CryptoJS.enc.Hex.parse([ 146, 66, 191, 151, 23, 3, 113, 119, 231, 131, 133, 112, 79, 32, 114, 136 ]);

var decrypted = CryptoJS.AES.decrypt(encrypted, key, { iv: iv });

console.log('Output: '+decrypted.toString(CryptoJS.enc.Utf8)); //Should be "testtest"

I would be so grateful if anyone could show me how to decrypt the example string using the key and vector with Crypto.js OR any other js method.

Thanks so much for any help, Kind regards

Answer 1

I can't manage to decrypt your original string, but I can successful use it to encrypt and decrypt a new string. In your initial implementation, an error occurs in aes.js because it expects key and iv to be strings rather than arrays. I have corrected this code example below:

//var encrypted = '129212143036071008133136215105140171136216244116';

var key = CryptoJS.enc.Hex.parse(CryptoJS.lib.ByteArray([123, 217, 20, 11, 24, 26, 85, 45, 114, 184, 27, 162, 37, 115, 222, 209, 241, 24, 175, 144, 175, 53, 196, 29, 24, 23, 17, 218, 131, 226, 53, 209]));
var iv = CryptoJS.enc.Hex.parse(CryptoJS.lib.ByteArray([146, 66, 191, 151, 23, 3, 113, 119, 231, 131, 133, 112, 79, 32, 114, 136]));

var  message = 'testest'
var encrypted =  CryptoJS.AES.encrypt(message, key, {
  'iv': iv
});


var decrypted = CryptoJS.AES.decrypt(encrypted, key, {
  'iv': iv
});
document.write('Output: ' + decrypted.toString(CryptoJS.enc.Utf8)); //Should be "testtest"

<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/components/pad-nopadding-min.js"></script>
<script src="https://greasyfork.org/scripts/6696-cryptojs-lib-bytearray/code/CryptoJSlibByteArray.js"></script>

Answer 2

I ended up using a .net ashx generic handler, to which i post the data over ssl, and the server-side decryption takes place using the simpleAES class. This class uses block-size as a parameter which seems to make the difference and using this approach I was able to decrypt all the strings i needed to.

More info about simpleAES here: https://github.com/huanlin/YetAnotherLibrary/blob/master/Source/Yalib/Cryptography/SimpleAes.cs

Thanks again for the help!

Answer 3

Bit of an old post, and I think the API has changed somewhat since then as it now uses WordArray rather than ByteArray.

But I was running into the same issue. Turns out, you can simply provide a base64-encoded string into decrypt(). So all you need to do is to create a base64-encoded string from your original message. I'm not sure what format your message is in now, but I'm going to assume it's a hex string.

var origCipher = "129212143036071008133136215105140171136216244116"; // is this supposed to be a hex string?
var origKey = [ 123, 217, 20, 11, 24, 26, 85, 45, 114, 184, 27, 162, 37, 115, 222, 209, 241, 24, 175, 144, 175, 53, 196, 29, 24, 23, 17, 218, 131, 226, 53, 209 ];
var origIV = [ 146, 66, 191, 151, 23, 3, 113, 119, 231, 131, 133, 112, 79, 32, 114, 136 ];

var key = CryptoJS.lib.WordArray.create(new UInt8Array(origKey));
var iv = CryptoJS.lib.WordArray.create(new UInt8Array(origIV));
var cipher = CryptoJS.enc.Base64.stringify(CryptoJS.enc.Hex.parse(origCipher));

var plain = CryptoJS.AES.decrypt(cipher, key, { iv: iv });
var plaintext = CryptoJS.enc.UTF8.stringify(plain);

Above code doesn't result in a correct result, though, so your input ciphertext is probably not a hex string.