Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

i want to know how aes create key and iv from salt and passphrase #502

Open
ghost opened this issue Sep 7, 2024 · 5 comments
Open

i want to know how aes create key and iv from salt and passphrase #502

ghost opened this issue Sep 7, 2024 · 5 comments

Comments

@ghost
Copy link

ghost commented Sep 7, 2024

from the doc var encrypted = CryptoJS.AES.encrypt("Message", "Secret Passphrase");

encrypted.key

"74eb593087a982e2a6f5dded54ecd96d1fd0f3d44a58728cdcd40c55227522223 ";

encrypted.iv
"7781157e2629b094f0e3dd48c4d786115";

encrypted.salt
"7a25f9132ec6a8b34";

encrypted.ciphertext
"73e54154a15d1beeb509d9e12f1e462a0";

encrypted
"U2FsdGVkX1+iX5Ey7GqLND5UFUoV0b7rUJ2eEvHkYqA=";

i have no idea how to get key and iv, then i ask chatgpt, it give me some code

// Define passphrase and salt
const passphrase = 'your-passphrase';
const salt = CryptoJS.enc.Hex.parse('your-salt-in-hex'); // Salt should be in a suitable format

// Derive key and IV using PBKDF2
const keySize = 256 / 32; // Key size in words
const ivSize = 128 / 32; // IV size in words
const iterations = 1000; // Number of iterations

// Derive key
const key = CryptoJS.PBKDF2(passphrase, salt, {
keySize: keySize + ivSize, // Total size for key and IV
iterations: iterations
});

// Extract key and IV
const derivedKey = CryptoJS.lib.WordArray.create(key.words.slice(0, keySize)); // Extract key
const iv = CryptoJS.lib.WordArray.create(key.words.slice(keySize)); // Extract IV

but when i input the passphrase and salt in chatgpt code. it does not create the same key as that in encrypted.key and encrypted.iv. plèase help me to understand how to get key and iv

@nikhiltekwani09
Copy link

@fancy45daddy were you able to figure this out
I also want the same information to write the code in native module

@grandmastergainz
Copy link

grandmastergainz commented Sep 24, 2024 via email

@nikhiltekwani09
Copy link

I m not sure right now, till I have the complete information which @fancy45daddy is requesting

@Aobanana-chan
Copy link

I am trying to decrypt encrypted content using a backend in a different language, and I solved this problem today. When you enter the Secret Passphrase, crypto-js consistently uses AES-256-CBC for encryption.
The first 16 bytes of the encrypted content are related to the Salt. The first 8 bytes are a verification flag, which is fixed as 'Salted__', and the next 8 bytes are the actual Salt.
Then, crypto-js simulates the OpenSSL EVP_bytesToKey function (evpkdf) and performs an MD5 hash on the Key and Salt. For the specific implementation, please refer to the compute function in evpkdf.js. This calculates a 48-byte data output, where the first 32 bytes are the key and the last 16 bytes are the IV.

@adamgogogo
Copy link

I am trying to decrypt encrypted content using a backend in a different language, and I solved this problem today. When you enter the Secret Passphrase, crypto-js consistently uses AES-256-CBC for encryption. The first 16 bytes of the encrypted content are related to the Salt. The first 8 bytes are a verification flag, which is fixed as 'Salted__', and the next 8 bytes are the actual Salt. Then, crypto-js simulates the OpenSSL EVP_bytesToKey function (evpkdf) and performs an MD5 hash on the Key and Salt. For the specific implementation, please refer to the compute function in evpkdf.js. This calculates a 48-byte data output, where the first 32 bytes are the key and the last 16 bytes are the IV.

that works~ very appreciated!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants