EzDevInfo.com

sjcl

Stanford Javascript Crypto Library

Getting hex representation of sha256 hash using SJCL

The SJCL docs provide the following code as an example for sha256:

var bitArray = sjcl.hash.sha256.hash("message");  
var digest_sha256 = sjcl.codec.hex.fromBits(bitArray);  

The digest in that example is a 64-character hex string, when I was expecting a 16-character hex string (256 bits = 16 hex characters). What am I missing? How can I get a 16-character digest of the hash?


Source: (StackOverflow)

how to decrypt in SJCL using 256 bit key

I am new to the SJCL crypto library. I am doing the following to encrypt the plain text using a 256-bit key in

var h = sjcl.codec.hex ;
salt = h.fromBits(sjcl.random.randomWords('10','0'));

var encryptedMessage = sjcl.encrypt(password,message,{count:2048,salt:salt,ks:256});

But I am unable to decrypt the same cipher. I want to know how to decrypt this cipher.


Source: (StackOverflow)

CryptoJS AES Increase File Size

Thank you for your help.

I have a problem with the sjcl library or the cryptojs aes library. Every time I encrypt my file with aes the file size is * 2. For example: when I upload a 4mb file then there is an 8mb file on my server.

I split the file into blocks whose byte size can be divided by 16.

Please help me

This is the way I encrypt the file:

var l_EncryptetData = CryptoJS.AES.encrypt(p_ChunkData, p_FileKey).toString();

And this is an example array with block sizes from the 4mb file:

0: 1572864
1: 1572864
2: 867005
length: 3

And the FileKey is a SHA-256 Hash


Source: (StackOverflow)

SJCL AES-128-CCM decryption in Ruby

I am trying to implement the SJCL decryption of aes-128-ccm encrypted strings in Ruby. After reading a similar question I see that this should be supported in newer versions of the OpenSSL library, and so I have installed the development version from GitHub to /opt.

After doing this I don't see the aes-128-ccm cipher in the list when I run /opt/bin/openssl ciphers:

ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:DH-DSS-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DH-RSA-AES256-SHA256:DH-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DH-RSA-AES256-SHA:DH-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DH-RSA-CAMELLIA256-SHA:DH-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DH-RSA-DES-CBC3-SHA:DH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:PSK-3DES-EDE-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:DH-DSS-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DH-RSA-AES128-SHA256:DH-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DH-RSA-AES128-SHA:DH-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DH-RSA-SEED-SHA:DH-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DH-RSA-CAMELLIA128-SHA:DH-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:IDEA-CBC-SHA:PSK-AES128-CBC-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:PS
K-RC4-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DH-RSA-DES-CBC-SHA:DH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DH-RSA-DES-CBC-SHA:EXP-DH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5

But if I run /opt/bin/openssl enc -help 2>&1 I see "-aes-128-ccm":

-aes-128-cbc               -aes-128-ccm               -aes-128-cfb              
-aes-128-cfb1              -aes-128-cfb8              -aes-128-ctr              
-aes-128-ecb               -aes-128-gcm               -aes-128-ofb              
-aes-128-xts               -aes-192-cbc               -aes-192-ccm              
-aes-192-cfb               -aes-192-cfb1              -aes-192-cfb8             
-aes-192-ctr               -aes-192-ecb               -aes-192-gcm              
-aes-192-ofb               -aes-256-cbc               -aes-256-ccm              
-aes-256-cfb               -aes-256-cfb1              -aes-256-cfb8             
-aes-256-ctr               -aes-256-ecb               -aes-256-gcm              
-aes-256-ofb               -aes-256-xts               -aes128                   
-aes192                    -aes256                    -bf                       
-bf-cbc                    -bf-cfb                    -bf-ecb                   
-bf-ofb                    -blowfish                  -camellia-128-cbc         
-camellia-128-cfb          -camellia-128-cfb1         -camellia-128-cfb8        
-camellia-128-ecb          -camellia-128-ofb          -camellia-192-cbc         
-camellia-192-cfb          -camellia-192-cfb1         -camellia-192-cfb8        
-camellia-192-ecb          -camellia-192-ofb          -camellia-256-cbc         
-camellia-256-cfb          -camellia-256-cfb1         -camellia-256-cfb8        
-camellia-256-ecb          -camellia-256-ofb          -camellia128              
-camellia192               -camellia256               -cast                     
-cast-cbc                  -cast5-cbc                 -cast5-cfb                
-cast5-ecb                 -cast5-ofb                 -des                      
-des-cbc                   -des-cfb                   -des-cfb1                 
-des-cfb8                  -des-ecb                   -des-ede                  
-des-ede-cbc               -des-ede-cfb               -des-ede-ofb              
-des-ede3                  -des-ede3-cbc              -des-ede3-cfb             
-des-ede3-cfb1             -des-ede3-cfb8             -des-ede3-ofb             
-des-ofb                   -des3                      -desx                     
-desx-cbc                  -gost89                    -gost89-cnt               
-id-aes128-CCM             -id-aes128-GCM             -id-aes192-CCM            
-id-aes192-GCM             -id-aes256-CCM             -id-aes256-GCM            
-idea                      -idea-cbc                  -idea-cfb                 
-idea-ecb                  -idea-ofb                  -rc2                      
-rc2-40-cbc                -rc2-64-cbc                -rc2-cbc                  
-rc2-cfb                   -rc2-ecb                   -rc2-ofb                  
-rc4                       -rc4-40                    -rc4-hmac-md5             
-seed                      -seed-cbc                  -seed-cfb                 
-seed-ecb                  -seed-ofb           

I reinstalled ruby 2.0.0p0 with rvm using the command: rvm reinstall 2.0.0 --with-openssl-dir=/opt (given in the aforementioned article). I then ran cipher = OpenSSL::Cipher.new('aes-128-ccm'), which returned the following error:

unsupported cipher algorithm (aes-128-ccm)

My question is how can I add support for AES-128-CCM in Ruby / What am I doing wrong here?


Source: (StackOverflow)

Good Stanford Javascript Crypto Library (SJCL) examples? (JS cryptography)

I am looking at a way to do client-side cryptography in Javascript (keeping http://www.matasano.com/articles/javascript-cryptography/ in mind) and have found SJCL. But I seem unable to find good code examples for it. Any pointers?


Source: (StackOverflow)

Decryption of AES created with sjcl.js in ruby

Hi, so let's assume that the client side has a key that is not transferred via the same channel as the encrypted data.

What I am trying to accomplish is to decrypt the result of the Stanford Javascript Crypto Library (sjcl) in Ruby, or, as a generalisation, in any other language that has a crypto library with support for AES.

Here is what I am doing in javascript:

sjcl.encrypt('stack-password', 'overflow-secret')

And this is what I get in return:

{
  "iv": "Tbn0mZxQcroWnq4g/Pm+Gg",
  "v": 1,
  "iter": 1000,
  "ks": 128,
  "ts": 64,
  "mode": "ccm",
  "adata": "",
  "cipher": "aes",
  "salt": "pMQh7m9Scds",
  "ct": "H6JRpgSdEzKUw2qEO1+HwIzAdxGTgh0"
}

So what I'm actually asking is, which of these parameters do I need (assuming the server already has the "stack-password" key) in order to decrypt the secret server-side, and which library should I use? Maybe having an AES decryption library is not enough?


Source: (StackOverflow)

How to use Stanford PRNG to generate a random string?

I need to generate a secure 50-character random string in the users' browsers.

Looking at sjcl.prng I've got this so far:

$(document).ready(function () {

    sjcl.random = new sjcl.prng(8);

    sjcl.random.startCollectors();

    $("body").on('mousemove', function() {
        console.log(sjcl.random.getProgress(8));

        if(sjcl.random.isReady(8) === 2) {
            sjcl.random.stopCollectors();
            console.log(sjcl.random.randomWords(5,8));
        }
    });

});

After moving the mouse around for a while I get a byte array like this: [-579285364, 1099191484, 94979086, -1572161987, -570940948].

But what I'm looking for is a 50 character alphanumeric string. My knowledge on this topic is limited and I'm looking for some help here.


Source: (StackOverflow)

Elliptic curve cryptography with SJCL in JS and OpenSSL in Ruby

I am working on a web application which must be able to encrypt data with ECC on the server side and decrypt it in the browser. The only library I have found that is capable of this in JS is SJCL. However, since ECC support in SJCL seems a bit abandoned at the moment, I have used a fork, which has key serialization support and a demo for easier understanding.

First, I generate an ECC key pair in JS:

keypair = sjcl.ecc.elGamal.generateKeys(384, 10);
document.writeln(JSON.stringify(keypair.pub.serialize()));

This outputs something like:

{"point":[1110230655,241884220,775655552,-849225963,-883815628,-1984298210,-736346431,1387519594,-1810604283,-1235638489,1333314084,-1219216530,614640565,-1148742381,1038670260,1013716131,758346573,1162278003,1232401864,-1948620456,533899535,-1478577959,1853846180,-1553049184],"curve":384}

Then I have tried to convert this public key to a format understandable by OpenSSL.

ar = [1110230655,241884220,775655552,-849225963,-883815628,-1984298210,-736346431,1387519594,-1810604283,-1235638489,1333314084,-1219216530,614640565,-1148742381,1038670260,1013716131,758346573,1162278003,1232401864,-1948620456,533899535,-1478577959,1853846180,-1553049184]

# ugly bit magic to somehow convert the above array into a proper byte array (in form of a string)
kstr = [(ar.map { |i| (i>=0)?('0'*(8-i.to_s(16).length)+i.to_s(16)):("%08X" % (2**32-1+i+1)) }*'').upcase].pack("H*")

# opening a public key generated with the openssl cli tool showed a structure like this:
algokey = OpenSSL::ASN1::ObjectId 'id-ecPublicKey'
algovalue = OpenSSL::ASN1::ObjectId 'secp384r1'
algo = OpenSSL::ASN1::Sequence.new [algokey,algovalue]
# for some reason OpenSSL seems to prepend 0x04 to all public keys
key = OpenSSL::ASN1::BitString.new "\x04#{kstr}"
root = OpenSSL::ASN1::Sequence.new [algo,key]

pub = OpenSSL::PKey.read(root.to_der)

Until this point, my code works fine. That is, it does not produce any exceptions.

However, when generating a shared secret with both libraries, I found that SJCL generated a 'tag' that was 96 bytes long, while OpenSSL emitted 48 bytes.

Turns out my problem is that SJCL does not use plain ECDH. It uses something that seems to be ECMQV based on a quick google search. Therefore, the 'tag' SJCL output was a point on the curve (x and y coordinates of a point, 2*48 bytes), while what OpenSSL output was a shared secret (x coordinate of a point, as dictated by ECDH).

My problem is that I don't know if there is any support for ECMQV in OpenSSL (there are some patent problems, if I'm correct). Even if there was, the ruby binding does not seem to support it.

So my actual questions:

  • are my findings documented above correct?
  • if yes, does anyone know any other ruby library which I could use instead of OpenSSL, that supports ECMQV?

Source: (StackOverflow)

Why does SJCL report "this is not JSON" when trying to decode this JSON snippet?

I'm using SJCL, and it works fine with small ASCII strings.

But when I try to decode this piece of JSON (the result of the encryption of an HTML page) I get a "this is not JSON!" error.

The JSON has been produced by SJCL, and while I did encode it and decode it using LZW and base64 I don't get this error for small strings with the same workflow.

I tracked the error message origin to the decode function. I assume the regexes are failing but I don't understand why as this seems to be a perfectly formed JSON string to me.

However, I could be wrong, as if I do a JavaScript eval on it, it fails on a syntax error. But if I dump it in a file, Python parses it fine.


Source: (StackOverflow)

Secure Javascript encryption library?

I'm searching for a JavaScript library that offers secure encryption. The client has to generate a key and all data uploaded to the server is encrypted, all data downloaded is decrypted. I need an authenticated encryption scheme; just CTR or CBC isn't enough.

I heard about sjcl, but it seems that sjcl only can encrypt the whole data at once. I didn't find a way to encrypt the data blockwise. Because the uploaded files can be very large, this approach isn't feasible. I need something like the java crypto interface with two methods update() and final().

I found the nodeJS crypto library that seems to do what I need, but I don't know how to use it on browser side.

I found google crypto-js, but this library doesn't seem to offer authenticated encryption but only the standard modes.

Is there a way to encrypt data blockwise with sjcl? To use the nodeJS crypto library on browser side? To use authenticated encryption with crypto-js? Or is there another secure javascript library that offers what I need?


Source: (StackOverflow)

Cannot use sjcl in Appcelerator Titanium project

I am trying to encrypt some text with sjcl (Stanford Javascript Crypto Library) in my Titanium (target: iOS and Android) project. I am using the simplest method, with no other options:

sjcl.encrypt("mypassword", "mytext");

The app just hangs on this line, I get no error or any helpful information. What am I missing?

Thanks!


Source: (StackOverflow)

Int Array to Base64 in C# like sjcl.codec.base64.fromBits does

In JavaScript, doing this:

var numbers = new Array(1042147201, -1682263442, -1463053899, 1834416100)
sjcl.codec.base64.fromBits(numbers)

returns "Ph3ngZu6sm6oy5G1bVb35A==", but doing this in C#:

var numbers = new[] { 1042147201, -1682263442, -1463053899, 1834416100 };
var byteNumbers = new byte[numbers.Length * sizeof(int)];
Buffer.BlockCopy(numbers, 0, byteNumbers, 0, byteNumbers.Length);
Convert.ToBase64String(byteNumbers);

returns "gecdPm6yupu1kcuo5PdWbQ==".
Why is the result different and what do I have to do to get the same result as in JavaScript?


Source: (StackOverflow)

RNCryptor IOS + Javascript encryption / decryption AES 256

I am new to encryption and I am trying to get some symmetric encryption using AES256 going from a mobile app to a webpage through websockets.

I encrypt the data using RNCryptor default settings.

IOS CODE

   NSString* message = @"testmessage";
   NSData* pubData = [message dataUsingEncoding:NSUTF8StringEncoding];
   NSData *encryptedData = [RNEncryptor encryptData:pubData
                                        withSettings:kRNCryptorAES256Settings
                                            password:@"test"
                                               error:&error];
    if(error) {
        NSLog(@"Error encrypting %@", [error localizedDescription]);
    }

    NSString* encryptedString = [encryptedData base64Encoding];
    NSLog(@"Sending message %@", encryptedString);
    [self.session publishData:[encryptedString dataUsingEncoding:NSUTF8StringEncoding] onTopic:@"test12345"];

Here is the output going out over websockets AgEBnXPPvAkJb7YVapwCVNd5SQw4JwqU7BfLsEXNZyKy9SazfJT8w16Y/hYY7aKxuz3Kuy2tAXXX/cHCc3PMhvG+fzSfrslRVMKvD6L+oWvXLg==

JAVASCRIPT CODE - I receive the message and I try to parse it and display it

function onMessageArrived(message) {

  var rawData = base64.decode(message.payloadString);
  var encryptionSalt = rawData.substr(2,8);
  var hmacSalt = rawData.substr(10,8);
  var iv = rawData.substr(18, 16);
  var ciphertext = rawData.substr(34, rawData.length-34-32);
  var hmac = rawData.substr(rawData.length-32, 32);
  var password = "test";

  var key = CryptoJS.PBKDF2(password, encryptionSalt, { keySize: 256 / 32, iterations: 10000});

  var plaintextArray = CryptoJS.AES.decrypt(
    { ciphertext: CryptoJS.enc.Utf8.parse(ciphertext) },
    CryptoJS.enc.Hex.parse(key),
    { iv: CryptoJS.enc.Latin1.parse(iv) }
  );

   showScreen('<span style="color: blue;">User: ' + CryptoJS.enc.Latin1.stringify(plaintextArray) + '</span>');
};

For some reason the code gets stuck on generating the key (maybe 10k iterations are too much for CryptoJS??? That's the number of iterations used on iOS.)

I have tried a bunch of different things with this and the output is garbage; I'm not actually getting the message decrypted. Any help would be greatly appreciated. If you are going to recommend SJCL please provide some code. RNCryptor uses its own message format. I use it because of the randomized IV it provides. Please recommend a different library if you know of any as well.

Thanks for reading.


Source: (StackOverflow)

is sjcl.encrypt using AES or SHA256

I'm using the SJCL library to encrypt/decrypt messages. The question I have is that I don't know which is used: AES or SHA256.

Here is my code:

var h = sjcl.codec.hex, count = 2048 ;
salt = h.fromBits(sjcl.random.randomWords('10','0'));
var key = h.fromBits( sjcl.misc.pbkdf2(somePassword, h.toBits(salt), count) ) ;

Next I can encrypt/decrypt like

var encMessage = sjcl.encrypt(key, message) ;
sjcl.decrypt(key, encMessage) ;

AES or SHA256 or something else ?


Source: (StackOverflow)

Encrypt in Javascript with SJCL and decrypt in PHP

I want to encrypt some data in Javascript so that after sending it to the PHP server it can be decrypted.

I'm planning to use a JS encryption library such as SJCL: http://crypto.stanford.edu/sjcl/ . Up to now I can encrypt my data in JS and send it via an ajax post. My JS code looks like this.

sjcl.encrypt('a_key','secured_message');

My question is how do I decrypt my data in PHP. If it is possible, show me how to do it with example code. (Note: SSL is not an option for me, and now I'm planning to use as the KEY a random number generated per request.)

Thanks


Source: (StackOverflow)