How to decrypt AES ECB using crypto-js

|▌冷眼眸甩不掉的悲伤 提交于 2019-12-05 15:54:08

The example below returns the desired output using AES and ECB.

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
</head>
<body>
    <script src="http://crypto-js.googlecode.com/svn/tags/3.1/build/rollups/aes.js"></script>
    <script src="http://crypto-js.googlecode.com/svn/tags/3.1/build/components/mode-ecb.js"></script>
    <script src="http://crypto-js.googlecode.com/svn/tags/3.1/build/components/pad-nopadding.js"></script>


    <script>
        var encrypted = '3ad77bb40d7a3660a89ecaf32466ef97',
            key = CryptoJS.enc.Hex.parse('2b7e151628aed2a6abf7158809cf4f3c'),
            cipherParams = CryptoJS.lib.CipherParams.create({
                ciphertext: CryptoJS.enc.Hex.parse(encrypted)         
            });

        var decrypted3 = CryptoJS.AES.decrypt(cipherParams, key, {mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.NoPadding });
        document.write("<br /> dec3: " + CryptoJS.enc.Hex.stringify(decrypted3));
    </script>
</body>
</html>

The only real differences is creating a cypherParams object using CryptoJS.lib.CipherParams.create(). According to the official docs a cypherParams object "gives you access to all the parameters used during encryption" including key, iv, salt and the original cypherText. Basically all the info needed to decrypt it. In our case we needed to convert the encrypted data to cypherParam with only the cypherText property. Incidentally the cypherParam can be stringified using standard formats, which is how it is communicated to other systems.

Regarding the padding, as I understand it Pkcs7 is an extension of Pkcs5 and should work for any cypher created using Pkcs5. When I tried the code sample above without the NoPadding option (defaulting to Pkcs7) it didn't work, but I can't tell what was used in creating that encrypted data. At least that AES Test Vectors page you linked to doesn't tell us.

Gave up with ECB, tried various permutations with CBC, and got one to work. It also seems that it is OK to send the IV in plain text from client to server.

Here is the version which correctly outputs "6bc1bee22e409f96e93d7e117393172a". Shock.

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
</head>
<body>
<script src="http://crypto-js.googlecode.com/svn/tags/3.1/build/rollups/aes.js"></script>
<!--script src="http://crypto-js.googlecode.com/svn/tags/3.1/build/components/mode-cbc.js"></script-->
<script src="http://crypto-js.googlecode.com/svn/tags/3.1/build/components/pad-nopadding.js"></script>
<script>
    var key = CryptoJS.enc.Hex.parse('2b7e151628aed2a6abf7158809cf4f3c');
    var iv = CryptoJS.enc.Hex.parse('000102030405060708090A0B0C0D0E0F');
    var data = CryptoJS.enc.Hex.parse('7649abac8119b246cee98e9b12e9197d');      

    var encrypted = {};
    encrypted.key=key;
    encrypted.iv=iv;
    encrypted.ciphertext = data;

    var decrypted = CryptoJS.AES.decrypt(encrypted, key, { iv: iv, padding: CryptoJS.pad.NoPadding });

    document.write("<br /> dec3: " + CryptoJS.enc.Hex.stringify(decrypted));
</script>
</body>
</html>

This a working and updated answer, with updated CDN links and a function that converts the resultant decrypted data into plaintext.

<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    </head>
    <body>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/core.js"></script>

    <script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/cipher-core.js"></script>

    <script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/aes.js"></script>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/mode-ecb.js"></script>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/pad-nopadding.js"></script>


    <script>
    var encrypted = 'B655564D4428C56E7F9E44D81770CFDBC3FB0FCEA8FFDF7CC936FFE6C7A595A0FE085FAA65796C4C24D0862FAF56CAA1880DCD281A891DD1E999F953F2B669291B41B486E0FEC5E11BE7B7348703665081E4FF79F815C35803506468548F3C5EE13B5783A0E22D91E08CB1897E4D135DA8C4E650A1D51FFDDD210311A0835FD8E8EE08CC968F8A0B0EF811554872A093',
    key = CryptoJS.enc.Hex.parse('844AF9144552AFAE26A9C45FD5882718'),
    cipherParams = CryptoJS.lib.CipherParams.create({
        ciphertext: CryptoJS.enc.Hex.parse(encrypted)
    });

    var decrypted3 = CryptoJS.AES.decrypt(cipherParams, key, 
    {mode: CryptoJS.mode.ECB, 
        padding: CryptoJS.pad.NoPadding });
       document.write("<br />" + hex2a(CryptoJS.enc.Hex.stringify(decrypted3)));
    function hex2a(hexx) {
    var hex = hexx.toString();//force conversion
    var str = '';
    for (var i = 0; i < hex.length; i += 2)
        str += String.fromCharCode(parseInt(hex.substr(i, 2), 16));
    return str;
}
</script>
</body>
</html>
标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!