Why did node.js use Crypto.js to encrypt, but fails to decrypt?

Question

I used json to encrypt the values. However, I tried to decrypt the value again, but it was unsuccessful. The value is empty.

node.js source

import CryptoJS from 'crypto-js';

const EncryptHex = (string, chip) => {
  let result = '';
  try {
    const key = CryptoJS.enc.Hex.parse(STORE_KEY);
    if (chip === 'AES') {
      const iv = CryptoJS.lib.WordArray.create([0x00, 0x00, 0x00, 0x00]);
      result = CryptoJS.AES.encrypt(string, key, {
        iv: iv,
        mode: CryptoJS.mode.CBC,
      });
      result = result.ciphertext.toString(CryptoJS.enc.Hex);
      DecryptHex(result, 'AES', STORE_KEY);
    } else {
      result = CryptoJS.HmacSHA256(string, key).toString(CryptoJS.enc.Hex);
    }
    return result;
  } catch (error) {
    throw error;
  }
};

const DecryptHex = (string, chip, skey) => {
  let result = '';
  const key = CryptoJS.enc.Hex.parse(skey);
  const iv = CryptoJS.lib.WordArray.create([0x00, 0x00, 0x00, 0x00]);
  try {
    const array = CryptoJS.enc.Hex.parse(string);
    if (chip === 'AES') {
      result = CryptoJS.AES.decrypt(array, key, {
        iv: iv,
        mode: CryptoJS.mode.CBC,
      }).toString();
      console.log('$$$$');
      console.log('result : ', result);
      console.log('$$$$');
    } else {
      result = array;
    }
    return result;
  } catch (error) {
    throw error;
  }
};

log value

$$$$
result :  
$$$$

What is the reason? How can I solve this problem?

Terry Lennox · Accepted Answer

There are a couple of things we need to do, number 1, get the right key length, this should be either 128,192, or 256 bits long.

In this code I'm using a 256 bit key. Don't use this in production :)

Also, if you use the format: CryptoJS.format.Hex when decrypting, it will accept a hex encoded ciphertext.

This should encrypt and then decrypt a test message:

// Using a 256-bit key to ensure we use AES-256
STORE_KEY = "7246b9b8171743cd9cf285367a2fd5ad";

const EncryptHex = (string, chip, skey) => {
    let result = '';
    try {
        const key = CryptoJS.enc.Hex.parse(skey);
        if (chip === 'AES') {
            const iv = CryptoJS.lib.WordArray.create([0x00, 0x00, 0x00, 0x00]);
            result = CryptoJS.AES.encrypt(string, key, {
                iv: iv,
                mode: CryptoJS.mode.CBC,
            });
            result = result.ciphertext.toString(CryptoJS.enc.Hex);
        } else {
            result = CryptoJS.HmacSHA256(string, key).toString(CryptoJS.enc.Hex);
        }
        return result;
    } catch (error) {
        throw error;
    }
};

const DecryptHex = (encryptedStringHex, chip, skey) => {
    let result = '';
    const key = CryptoJS.enc.Hex.parse(skey);
    const iv = CryptoJS.lib.WordArray.create([0x00, 0x00, 0x00, 0x00]);
    try {
        const array = CryptoJS.enc.Hex.parse(encryptedStringHex);
        if (chip === 'AES') {
            result = CryptoJS.AES.decrypt(encryptedStringHex, key, {
                iv: iv,
                format: CryptoJS.format.Hex,
                mode: CryptoJS.mode.CBC,
            }).toString(CryptoJS.enc.Utf8);
            console.log('$$$$');
            console.log('result : ', result);
            console.log('$$$$');
        } else {
            result = array;
        }
        return result;
    } catch (error) {
        throw error;
    }
};

let encrypted = EncryptHex("A good story cannot be devised; it has to be distilled", "AES", STORE_KEY);
console.log("Encrypted data:", encrypted);

console.log("Decrypted data:");
DecryptHex(encrypted, "AES", STORE_KEY);

Why did node.js use Crypto.js to encrypt, but fails to decrypt?

Answers (2)

Related Questions