Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Golang AES-CBC 256 to decrypt using CryptoJS

Been working for days trying to get Golang AES-CBC to CryptoJS working (or vice-versa), I fixed most of the errors but not getting decryption even though i have confirmed the key, iv, ciphertext is the same on both ends.

There must be someone who knows, there is no working example anywhere on the net for this...

//golang

    if a == "test64bytes" {
        output = "AAAAAAAABBBBBBBBCCCCCCCCDDDDDDDDAAAAAAAABBBBBBBBCCCCCCCCDDDDDDDD"
    }
    // encrypt ajax response
    iv := decodeBase64("AAAAAAAAAAAAAAAAAAAAAA==")
    ciphertext := []byte(output)
    ckey := decodeBase64(string(PLAINkey[0:32]))

    c, err := aes.NewCipher(ckey)
    cfbdec := cipher.NewCBCDecrypter(c, iv)
    plaintext := make([]byte, len(ciphertext))
    cfbdec.CryptBlocks(plaintext, ciphertext)
    crypt := string(encodeBase64(plaintext))
    fmt.Fprintf(res, "%v", crypt)

    fmt.Println(encodeBase64(ckey))
    fmt.Println(encodeBase64(iv))
    fmt.Println(crypt)

// javascript

    if (xmlhttp.readyState==4 && xmlhttp.status==200)
                    {
                        var enc = {};
                        enc["key"] = CryptoJS.enc.Base64.parse(keyseed.substring(0,32));
                        enc["iv"] = CryptoJS.enc.Base64.parse("AAAAAAAAAAAAAAAAAAAAAA==");
                        enc["ciphertext"] = CryptoJS.enc.Base64.parse(xmlhttp.responseText);
                        enc["salt"] = "";
                        console.log("RESPONSE:", xmlhttp.responseText, atob(xmlhttp.responseText));
                                      // check i'm using same data
                        console.log(CryptoJS.enc.Base64.stringify(enc["key"]));
                        console.log(CryptoJS.enc.Base64.stringify(enc["iv"]));
                        console.log(CryptoJS.enc.Base64.stringify(enc["ciphertext"]));
                        var options = { keySize: 256 / 8, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7, iv: enc["iv"] };
                        de = CryptoJS.AES.decrypt(enc, enc["key"], options);
                        document.getElementById(target).innerHTML = de.toString();
                        console.log(de.toString(CryptoJS.enc.Utf8));
                        console.log("DECRYPTION FINISHED");
                    }
like image 761
user2562301 Avatar asked Apr 29 '14 19:04

user2562301


1 Answers

After methodically trying all possible AES configurations I can now decrypt my text..

...using a blank iv ("AAAAAAAAAAAAAAAAAAAAAA==") for this example. If you use a different one it will become the first block of plaintext when encrypting...

Go > CryptoJS

// Go

plaintext := []byte("THIS NEEDS TO BE MULTIPLE OF BLOCK LENGTH (16) I THINK")
// encrypt ajax response
iv := decodeBase64("AAAAAAAAAAAAAAAAAAAAAA==")
ckey := decodeBase64(string(PLAINkey[0:32]))

c, err := aes.NewCipher(ckey)
cfbdec := cipher.NewCBCEncrypter(c, iv)
ciphertext := make([]byte, len(plaintext))
cfbdec.CryptBlocks(ciphertext, plaintext)
crypt := string(encodeBase64(ciphertext))
fmt.Fprintf(res, "%v", crypt)

// JavaScript Ajax

if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
    var symkey = keyseed.substring(0,32);
    var cipherParams = CryptoJS.lib.CipherParams.create({ ciphertext: CryptoJS.enc.Base64.parse(xmlhttp.responseText) });
    var options = { mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.NoPadding, iv: CryptoJS.enc.Base64.parse("AAAAAAAAAAAAAAAAAAAAAA==") };
    de = CryptoJS.AES.decrypt(cipherParams, CryptoJS.enc.Base64.parse(symkey), options);
    document.getElementById(target).innerHTML = de.toString(CryptoJS.enc.Utf8);
    console.log("DECRYPTION FINISHED");
}
like image 138
user2562301 Avatar answered Oct 12 '22 06:10

user2562301