Given Final Block not properly padded while AES decryption

Question

First, I\'ll tell what is my primary goal. I\'m going to use AES to encrypt some content in the client side, then use RSA public key to encrypt the important AES specs and s

Answer 1

Since you want to use RSA and did already implement it, there is no need to use a password derivation. Create a random key and random iv:

var key = CryptoJS.lib.WordArray.random(16); // 128bit
var iv = CryptoJS.lib.WordArray.random(16);  // 128bit
var encrypted = CryptoJS.AES.encrypt(message, key, { iv: iv }); // CBC/PKCS#7 is default

Then you send iv.toString(Crypto.enc.Base64), encrypted.ciphertext.toString(Crypto.enc.Base64) and "RSAencrypt(key)" to the server, decode the base64 encoded iv and ciphertext, decrypt the RSA ciphertext to get the AES key and combine all of them to decrypt the ciphertext.

---

Your original problem probably lies in the sizes that you use. CryptoJS has an internal representation which consists of 4 bytes per word. That is why you need to divide by 32 for example to get a 128-bit hash:

var key128Bits = CryptoJS.PBKDF2(pass, salt, { keySize: 128/32 });

The WordArray on the other hand works only on bytes which is why you divide by 8:

var key = CryptoJS.lib.WordArray.random(128/8);