Been working for days trying to get Golang AES-CBC to CryptoJS working (or vice-versa), I fixed most of the errors but not getting decryption even though i have confirmed the key, iv, ciphertext is the same on both ends.
There must be someone who knows, there is no working example anywhere on the net for this...
//golang
if a == "test64bytes" {
output = "AAAAAAAABBBBBBBBCCCCCCCCDDDDDDDDAAAAAAAABBBBBBBBCCCCCCCCDDDDDDDD"
}
// encrypt ajax response
iv := decodeBase64("AAAAAAAAAAAAAAAAAAAAAA==")
ciphertext := []byte(output)
ckey := decodeBase64(string(PLAINkey[0:32]))
c, err := aes.NewCipher(ckey)
cfbdec := cipher.NewCBCDecrypter(c, iv)
plaintext := make([]byte, len(ciphertext))
cfbdec.CryptBlocks(plaintext, ciphertext)
crypt := string(encodeBase64(plaintext))
fmt.Fprintf(res, "%v", crypt)
fmt.Println(encodeBase64(ckey))
fmt.Println(encodeBase64(iv))
fmt.Println(crypt)
// javascript
if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
var enc = {};
enc["key"] = CryptoJS.enc.Base64.parse(keyseed.substring(0,32));
enc["iv"] = CryptoJS.enc.Base64.parse("AAAAAAAAAAAAAAAAAAAAAA==");
enc["ciphertext"] = CryptoJS.enc.Base64.parse(xmlhttp.responseText);
enc["salt"] = "";
console.log("RESPONSE:", xmlhttp.responseText, atob(xmlhttp.responseText));
// check i'm using same data
console.log(CryptoJS.enc.Base64.stringify(enc["key"]));
console.log(CryptoJS.enc.Base64.stringify(enc["iv"]));
console.log(CryptoJS.enc.Base64.stringify(enc["ciphertext"]));
var options = { keySize: 256 / 8, mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7, iv: enc["iv"] };
de = CryptoJS.AES.decrypt(enc, enc["key"], options);
document.getElementById(target).innerHTML = de.toString();
console.log(de.toString(CryptoJS.enc.Utf8));
console.log("DECRYPTION FINISHED");
}
After methodically trying all possible AES configurations I can now decrypt my text..
...using a blank iv ("AAAAAAAAAAAAAAAAAAAAAA==") for this example. If you use a different one it will become the first block of plaintext when encrypting...
Go > CryptoJS
// Go
plaintext := []byte("THIS NEEDS TO BE MULTIPLE OF BLOCK LENGTH (16) I THINK")
// encrypt ajax response
iv := decodeBase64("AAAAAAAAAAAAAAAAAAAAAA==")
ckey := decodeBase64(string(PLAINkey[0:32]))
c, err := aes.NewCipher(ckey)
cfbdec := cipher.NewCBCEncrypter(c, iv)
ciphertext := make([]byte, len(plaintext))
cfbdec.CryptBlocks(ciphertext, plaintext)
crypt := string(encodeBase64(ciphertext))
fmt.Fprintf(res, "%v", crypt)
// JavaScript Ajax
if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
var symkey = keyseed.substring(0,32);
var cipherParams = CryptoJS.lib.CipherParams.create({ ciphertext: CryptoJS.enc.Base64.parse(xmlhttp.responseText) });
var options = { mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.NoPadding, iv: CryptoJS.enc.Base64.parse("AAAAAAAAAAAAAAAAAAAAAA==") };
de = CryptoJS.AES.decrypt(cipherParams, CryptoJS.enc.Base64.parse(symkey), options);
document.getElementById(target).innerHTML = de.toString(CryptoJS.enc.Utf8);
console.log("DECRYPTION FINISHED");
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With