Getting error of Invalid IV Length while using aes-256-cbc for encryption in node

Tags:

node.js

Code Sample is as follows:

  var crypto = require('crypto');
  var key = 'ExchangePasswordPasswordExchange';
  var  plaintext = '150.01';
  var iv = new Buffer(crypto.randomBytes(16))
  ivstring = iv.toString('hex');


  var cipher = crypto.createCipheriv('aes-256-cbc', key, ivstring)
  var  decipher = crypto.createDecipheriv('aes-256-cbc', key,ivstring);

  cipher.update(plaintext, 'utf8', 'base64');
  var encryptedPassword = cipher.final('base64');

Getting error of invalid IV length.

Aniket B asked Feb 27 '17 12:02


People also ask

What is IV length in AES?

The AES algorithm requires that the IV size must be 16 bytes (128 bits).

What is the block size of AES 256 bit IV?

The block size of AES is always 128 bits, so a 256 bit IV is not possible for most modes of operation. As already noted in a few answers, Rijndael can be configured with a block size of 256 bit, but Rijndael is not included in the standard runtime.

What is the IV size for CBC and AES?

So for CBC the IV must be the same as the blocksize, which in AES is always 128bit (regardless of the keysize). The benefit for security isn't as much considering the IV length, don't think that a longer IV must mean better security, the IV is not the key! The issue with IVs is more what/how you generate your IVs.

What is the maximum length of an AES key in Java?

java.security.InvalidKeyException: Invalid AES key length: 44 bytes at java.base/com.sun.crypto.provider.AESCrypt.init (AESCrypt.java:90) An AES key has to be 16 bytes long for AES 128 or 24 bytes or 32 bytes but not 44 bytes long. Are you sure that your key is not Base64 encoded and just needs to get decoded?

How many bytes is a 256 bit encryption key?

For example, your encryption key is meant to be 256 bits or 32 bytes. You have included 32 bytes of ASCII, but as a hexadecimal number it is only 16 bytes. What you want is: Notice that I had to double the length of the hex numbers in order to reach the proper key length for aes-256-cbc.


2 Answers

From https://github.com/nodejs/node/issues/6696#issuecomment-218575039 -

The default string encoding used by the crypto module changed in v6.0.0 from binary to utf8. So your binary string is being interpreted as utf8 and is most likely becoming larger than 16 bytes during that conversion process (rather than smaller than 16 bytes) due to invalid utf8 character bytes being added.

Modifying your code so that ivstring is always 16 characters in length should solve your issue.

var ivstring = iv.toString('hex').slice(0, 16);
GPX answered Sep 24 '22 23:09


The above answer adds more overhead than needed. Since you converted each byte to a hexadecimal representation that requires twice as many bytes, all you need to do is generate half the number of bytes:

  var crypto = require('crypto');
  var key = 'ExchangePasswordPasswordExchange';
  var plaintext = '150.01';
  // 8 random bytes become 16 hex characters, i.e. a 16-byte IV string
  var iv = crypto.randomBytes(8);
  var ivstring = iv.toString('hex');

  var cipher = crypto.createCipheriv('aes-256-cbc', key, ivstring);
  var decipher = crypto.createDecipheriv('aes-256-cbc', key, ivstring);

  // update() returns output as well, so concatenate it with final()
  var encryptedPassword = cipher.update(plaintext, 'utf8', 'base64');
  encryptedPassword += cipher.final('base64');
user618509 answered Sep 20 '22 23:09
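
An added example, not from the original question or answers: it passes the 16 random bytes to `createCipheriv` as a Buffer instead of a string, so the IV length no longer depends on string encoding, and stores the IV in front of the ciphertext for decryption. The function names and the token layout (IV followed by ciphertext, base64-encoded) are assumptions made for this illustration.

```javascript
const crypto = require('crypto');

// Constructed demo key: the 32-character ASCII string from the question.
// A real key should be 32 random bytes or the output of a KDF.
const KEY = Buffer.from('ExchangePasswordPasswordExchange', 'utf8');
const IV_BYTES = 16; // AES block size, the same for every key size

// Number of bytes createCipheriv receives for a given IV value.
function ivByteLength(iv) {
  return Buffer.isBuffer(iv) ? iv.length : Buffer.byteLength(iv, 'utf8');
}

// Encrypt and return base64(iv || ciphertext) so the IV travels with the data.
function encrypt(plaintext, key = KEY) {
  const iv = crypto.randomBytes(IV_BYTES); // full 128 random bits, no string round trip
  const cipher = crypto.createCipheriv('aes-256-cbc', key, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, body]).toString('base64');
}

// Split the token back into IV and ciphertext, then decrypt.
function decrypt(token, key = KEY) {
  const raw = Buffer.from(token, 'base64');
  // Smallest valid token: 16-byte IV plus one padded 16-byte block.
  if (raw.length < 2 * IV_BYTES || raw.length % IV_BYTES !== 0) {
    throw new Error('malformed token');
  }
  const iv = raw.subarray(0, IV_BYTES);
  const decipher = crypto.createDecipheriv('aes-256-cbc', key, iv);
  const body = Buffer.concat([decipher.update(raw.subarray(IV_BYTES)), decipher.final()]);
  return body.toString('utf8');
}

// Reproduces the question's call: a 32-character hex string used as the IV.
// Returns the error message Node raises, or null if no error occurred.
function questionIvError() {
  const hexIv = crypto.randomBytes(16).toString('hex');
  try {
    crypto.createCipheriv('aes-256-cbc', KEY, hexIv);
    return null;
  } catch (e) {
    return e.message;
  }
}
```

An IV built from 16 hex characters has the right length but carries only 64 random bits, while the Buffer form keeps all 128. CBC provides no integrity check, so a stored token should also be authenticated (for example with an HMAC) or encrypted with an AEAD mode such as `aes-256-gcm`.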