cryptojs: How to generate AES passphrase

Question

I want to generate a 256bit password for my AES encryption. When I check the password after the encryption it is different from my initial password. What am I doing wrong? Or i

Answer 1

I found the solution. You can define your own key using var encrypted = CryptoJS.AES.encrypt("Message", key, { iv: iv });

So my source code is:

key=CryptoJS.enc.Hex.parse(Generate_key());
iv=CryptoJS.enc.Hex.parse(Generate_key());
var encrypted = CryptoJS.AES.encrypt("Message", key, { iv: iv });

Answer 2

Encryption is done with a key, which is a set of binary bits, not a password, which implies a human-readable string.

To go from a password to a key, one can use a Password Based Key Derivation Function, such as PBKDF2. Crypto-JS already has a PBKDF2 function built-in, i.e.

<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/pbkdf2.js"></script>
<script>
    var salt = CryptoJS.lib.WordArray.random(128/8);

    var key128Bits = CryptoJS.PBKDF2("Secret Passphrase", salt, { keySize: 128/32 });
    var key256Bits = CryptoJS.PBKDF2("Secret Passphrase", salt, { keySize: 256/32 });
    var key512Bits = CryptoJS.PBKDF2("Secret Passphrase", salt, { keySize: 512/32 });

    var key512Bits1000Iterations = CryptoJS.PBKDF2("Secret Passphrase", salt, { keySize: 512/32, iterations: 1000 });
</script>

In general, use as high an iteration count as you can get away with.

Salt should be a random value, as in the example above; you'll need, of course, to store that value along with the iteration count in order to get the same key given the same passphrase.