Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CryptoJS's PBKDF2 output differs from Node.js' require("crypto").pbkdf2 #42

Closed
GoogleCodeExporter opened this issue Apr 3, 2015 · 4 comments
Closed

CryptoJS's PBKDF2 output differs from Node.js' require("crypto").pbkdf2 #42

GoogleCodeExporter opened this issue Apr 3, 2015 · 4 comments
Labels
auto-migrated Priority-Medium Type-Defect

Comments

@GoogleCodeExporter
Copy link 

What steps will reproduce the problem?
Details of the problem can be found in this stackoverflow.com question: 
http://stackoverflow.com/questions/11268307/should-all-implementations-of-pbkdf2
-generate-the-the-same-key-from-identical-in

What is the expected output? What do you see instead?
CryptoJS's pbkdf2 output should match that of Node.js crypto.pbkdf2.

What version of the product are you using? On what operating system?
CryptoJS v3.0.2 on Windows 7 x64

Original issue reported on code.google.com by da...@vervestudios.co on 29 Jun 2012 at 8:59
@GoogleCodeExporter
Copy link
Author 

You'll have to fill me in on some details of NodeJS to diagnose the issue.

How does NodeJS convert strings to bits? Latin1? UTF-8?

Does NodeJS have you specify the key length in bits, bytes, or words?

What does your generateSalt function return?

Original comment by Jeff.Mott.OR on 29 Jun 2012 at 9:18

@GoogleCodeExporter
Copy link
Author 

Looks like I figured it out.

In the rolled up PBKDF2.js script in "CryptoJS v3.0.2.zip" 
`CryptoJS.enc.Base64` is `undefined`; this was probably intended, but not 
something I noticed.

I was comparing node's Base64 encoded output to CryptoJS's hex output.

Another caveat was that the keySizes aren't compatible between CryptoJS and 
node.js. Node needs `keySize * 4` in order to output an identical key. I'm not 
familiar with what's going on under the hood in either case; but I'll just 
assume that's intended.

Node.js's PBKDF2's documentation is pretty scarce; it does, however, say its 
"key" parameter is named `keylen`.

FYI: Node.js's crypto library is just a wrapper around some OpenSSL functions.

Original comment by da...@vervestudios.co on 29 Jun 2012 at 9:36

@GoogleCodeExporter
Copy link
Author 

CryptoJS measures key sizes in 32-bit words, and NodeJS measures key sizes in 
8-bit bytes. That's why you needed to multiply by 4.

Original comment by Jeff.Mott.OR on 30 Jun 2012 at 12:31

@GoogleCodeExporter
Copy link
Author

Original comment by Jeff.Mott.OR on 30 Jun 2012 at 10:45

  • Changed state: Invalid

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
auto-migrated Priority-Medium Type-Defect
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@GoogleCodeExporter