Code Sample is as follows:
var crypto = require('crypto');
var key = 'ExchangePasswordPasswordExchange';
var plaintext = '150.01';
var iv = new Buffer(crypto.randomBytes(16))
ivstring = iv.toString('hex');
var cipher = crypto.createCipheriv('aes-256-cbc', key, ivstring)
var decipher = crypto.createDecipheriv('aes-256-cbc', key,ivstring);
cipher.update(plaintext, 'utf8', 'base64');
var encryptedPassword = cipher.final('base64');
Getting error of invalid IV length.
So your binary string is being interpreted as utf8 and is most likely becoming larger than 16 bytes during that conversion process (rather than smaller than 16 bytes) due to invalid utf8 character bytes being added. Modifying your code so that ivstring is always 16 characters in length should solve your issue.
The AES algorithm requires that the IV size must be 16 bytes (128 bits).
The block size of AES is always 128 bits, so a 256 bit IV is not possible for most modes of operation. As already noted in a few answers, Rijndael can be configured with a block size of 256 bit, but Rijndael is not included in the standard runtime.
So for CBC the IV must be the same as the blocksize, which in AES is always 128bit (regardless of the keysize). The benefit for security isn't as much considering the IV length, don't think that a longer IV must mean better security, the IV is not the key! The issue with IVs is more what/how you generate your IVs.
java.security.InvalidKeyException: Invalid AES key length: 44 bytes at java.base/com.sun.crypto.provider.AESCrypt.init (AESCrypt.java:90) An AES key has to be 16 bytes long for AES 128 or 24 bytes or 32 bytes but not 44 bytes long. Are you sure that your key is not Base64 encoded and just needs to get decoded?
For example, your encryption key is meant to be 256 bits or 32 bytes. You have included 32 bytes of ASCII, but as a hexadecimal number it is only 16 bytes. What you want is: Notice that I had to double the length of the hex numbers in order to reach the proper key length for aes-256-cbc.
From https://github.com/nodejs/node/issues/6696#issuecomment-218575039 -
The default string encoding used by the crypto module changed in v6.0.0 from binary to utf8. So your binary string is being interpreted as utf8 and is most likely becoming larger than 16 bytes during that conversion process (rather than smaller than 16 bytes) due to invalid utf8 character bytes being added.
Modifying your code so that ivstring
is always 16 characters in length should solve your issue.
var ivstring = iv.toString('hex').slice(0, 16);
The above answer adds more overhead than needed, since you converted each byte to a hexidecimal representation that requires twice as many bytes all you need to do is generate half the number of bytes
var crypto = require('crypto');
var key = 'ExchangePasswordPasswordExchange';
var plaintext = '150.01';
var iv = new Buffer(crypto.randomBytes(8))
ivstring = iv.toString('hex');
var cipher = crypto.createCipheriv('aes-256-cbc', key, ivstring)
var decipher = crypto.createDecipheriv('aes-256-cbc', key,ivstring);
cipher.update(plaintext, 'utf8', 'base64');
var encryptedPassword = cipher.final('base64');
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With