Not able to decrypt the openSSL encrypted password using CryptoJS

Question

Not able to decrypt the openSSL encrypted password using CryptoJS

GoogleCodeExporter opened this issue 9 years ago · 7 comments

GoogleCodeExporter commented 9 years ago

What steps will reproduce the problem?
1.Encrypt using OpenSSL:
echo -n "Hello World" | openssl enc -a -nosalt -aes-256-cbc -p -K 
BBF2DEAD374654CBB32A917AFD2366568458966D4E432EA50AD491B4C49515BF -iv 
58A5C8CC233A21DE8D9890CF843A3AA9 -pass pass:ABC123 -e -base64
key=BBF2DEAD374654CBB32A917AFD2366568458966D4E432EA50AD491B4C49515BF
iv =58A5C8CC233A21DE8D9890CF843A3AA9
SkcuPuz7/nelTfCbCisuKA==
2.Decrypt using CryptoJS:    var encrypted = 
{"ct":"SkcuPuz7/nelTfCbCisuKA==","iv":"58A5C8CC233A21DE8D9890CF843A3AA9","s":"",
"key":"BBF2DEAD374654CBB32A917AFD2366568458966D4E432EA50AD491B4C49515BF"};
3.var decrypted = CryptoJS.AES.decrypt(JsonFormatter.stringify(encrypted), 
"ABC123", { format: JsonFormatter });
4.alert(decrypted.toString(CryptoJS.enc.Utf8));


What is the expected output? What do you see instead?
The expected output should be "Hello World" But i see empty value instead

What version of the product are you using? On what operating system?
I tried both 3.0.2 and 3.1.2. In 3.1.2 it is showing the malformed UTF-8 error.

Please provide any additional information below.

Original issue reported on code.google.com by chintani...@gmail.com on 18 Jun 2013 at 3:32

Answer 1 · 2015-06-18T20:13:26.000Z

A number of problems here. First, in the openssl command, you provide a 
password even though you've already provided both a key and IV. I don't think 
the password even comes into play anymore. Second, the input to a formatter's 
stringify method must be a cipher params object, which your object isn't. If 
your whole JSON object was one long string, then you could convert it to a 
cipher params object with JsonFormatter.parse.

Original comment by Jeff.Mott.OR on 18 Jun 2013 at 4:05

Answer 2 · 2015-06-18T20:13:26.000Z

Thanks Jeff. i am getting empty value if i follow your suggestion. Can you 
please correct me where i am getting it wrong.

var decrypted = 
CryptoJS.AES.decrypt(JsonFormatter.parse(JsonFormatter.stringify(encrypted)), 
"ABC123", { format: JsonFormatter });
console.log(decrypted.toString(CryptoJS.enc.Utf8));

Original comment by chintani...@gmail.com on 18 Jun 2013 at 4:53

Answer 3 · 2015-06-18T20:13:26.000Z

var encrypted = 
JsonFormatter.parse('{"ct":"SkcuPuz7/nelTfCbCisuKA==","iv":"58A5C8CC233A21DE8D98
90CF843A3AA9"}');
var key = 
CryptoJS.enc.Hex.parse('BBF2DEAD374654CBB32A917AFD2366568458966D4E432EA50AD491B4
C49515BF');

var decrypted = CryptoJS.AES.decrypt(encrypted, key, { iv: encrypted.iv });

alert(decrypted.toString(CryptoJS.enc.Utf8));

Original comment by Jeff.Mott.OR on 18 Jun 2013 at 5:30

Answer 4 · 2015-06-18T20:13:26.000Z

wow..thanks a lot. really appreciate your quick response.

Original comment by chintani...@gmail.com on 18 Jun 2013 at 5:32

Answer 5 · 2015-06-18T20:13:26.000Z

Original comment by Jeff.Mott.OR on 19 Jun 2013 at 12:25

Changed state: Invalid

Answer 6 · 2015-06-18T20:13:26.000Z

Hi Jeff,
We are getting some unique problem for a specific client.
The problem is we are using cryptography for password encryption and we are 
successfull in doing this But when we try to decrypt the password it is not 
returning the exact value what we have given instead it is giving the value as 
encypted string. For eg:
Password is "ABC" -> encrypted to "77464646==" and when we are trying to 
decrypt ("77464646==") we are getting output as "77464646==".

Please help me in this.

Regards,
Naresh Yakkala.

Original comment by nareshya...@gmail.com on 13 Aug 2013 at 7:27

Answer 7 · 2015-06-18T20:13:26.000Z

Hi, Naresh. It's almost impossible to see the problem without seeing the code 
you're using. Also, consider posting in the discussion group rather than 
posting to a closed issue.

Original comment by Jeff.Mott.OR on 13 Aug 2013 at 6:49