This repository has been archived by the owner on Apr 22, 2023. It is now read-only.
I'm trying to use the aes-256-cbc-hmac-sha1 algorithm with the crypto module.
Here's a code snippet showing what I'm trying to do:
```js
// adapted from http://stackoverflow.com/a/6046913
var crypto = require('crypto');

var data = "I am the clear text data";
console.log('Original cleartext: ' + data);

// //// WORKS
// var algorithm = 'aes-128-cbc';
// var keyBuffer = crypto.randomBytes(16);
// var ivBuffer = crypto.randomBytes(16);

// DOES NOT WORK
var algorithm = 'aes-256-cbc-hmac-sha1';
var keyBuffer = crypto.randomBytes(32);
var ivBuffer = crypto.randomBytes(16);

// var algorithm = 'aes-256-cfb8'; // ok
// var keyBuffer = crypto.randomBytes(32);
// var ivBuffer = crypto.randomBytes(16);

// var algorithm = 'aes-128-cbc-hmac-sha1'; // fail
// var keyBuffer = crypto.randomBytes(16);
// var ivBuffer = crypto.randomBytes(16);

var clearEncoding = 'utf8';
var cipherEncoding = 'hex';

var cipher = crypto.createCipheriv(algorithm, keyBuffer, ivBuffer);
var cipherChunks = [];
cipherChunks.push(cipher.update(data, clearEncoding, cipherEncoding));
cipherChunks.push(cipher.final(cipherEncoding));
console.log('ciphertext', cipherChunks.join(''));

var decipher = crypto.createDecipheriv(algorithm, keyBuffer, ivBuffer);
var plainChunks = [];

//// all at once
// var encrypted = cipherChunks.join('');
// plainChunks.push(decipher.update(encrypted, cipherEncoding, clearEncoding));

//// in pieces
for (var i = 0; i < cipherChunks.length; i++) {
  plainChunks.push(decipher.update(cipherChunks[i], cipherEncoding, clearEncoding));
}
plainChunks.push(decipher.final(clearEncoding));

// var pt = plainChunks.join('');
var pt = '';
for (i = 0; i < plainChunks.length; i++) pt += plainChunks[i].toString(clearEncoding);

console.log("UTF8 plaintext deciphered: " + pt);
console.log('GOOD with ' + algorithm + '?', pt === data);
```
The algorithms without an included HMAC work, but the HMAC ones don't. It fails on the decipher.update step. Full output:
```
Original cleartext: I am the clear text data
ciphertext 364ddcface495bcc4e7c8c895443143a632a98d0942b8c844d53db7d770fabca
crypto.js:279
var ret = this._binding.update(data, inputEncoding);
^
TypeError: error:00000000:lib(0):func(0):reason(0)
    at Decipheriv.Cipher.update (crypto.js:279:27)
    at Object.<anonymous> (../../code/../app/crypto-example.js:44:29)
    at Module._compile (module.js:456:26)
    at Object.Module._extensions..js (module.js:474:10)
    at Module.load (module.js:356:32)
    at Function.Module._load (module.js:312:12)
    at Function.Module.runMain (module.js:497:10)
    at startup (node.js:119:16)
    at node.js:906:3
```
I can't find any examples of this algorithm, so maybe I'm just doing something wrong. But the way it works with 'aes-256-cfb8', but not with 'aes-256-cbc-hmac-sha1', suggests there's a bug.
Thank you!
Encryption (sort of) works, but since 'aes-256-cbc-hmac-sha1' is a (composite) AEAD cipher, it's necessary to extract the authentication tag after encryption and provide it again before decryption.
I implemented this for GCM (a non-composite AEAD mode) in pull request #6317. However the OpenSSL API used there does not work for composite ciphers. I investigated it back in the day and arrived at the conclusion that it was not possible to do given the possibilities of the exposed OpenSSL crypto API. I will recheck and make sure I didn't miss anything!
(Also posted on StackOverflow - http://stackoverflow.com/questions/23527007 - but this seems like a bug, so belongs here.)