AES CBC: JavaScript/CryptoJS Encrypt -> Golang Decrypt
Note: This is only for personal use and learning, I am not trying to roll my own encryption for public use.

I need to AES256 encrypt a string, however my current attempts end up with a string like `Salted__Vέ��|��l��ʼ8XCQlY` server side when it is hex decoded. It should rather be a valid utf8 base64 string when hex-decoded, which can then be decoded to the original string. This is similar to the solution offered here, however the salt was not the actual problem (despite the answer being accepted) and I have not been able to suppress the salt op by hex decoding the iv before use (as it suggested). Is there a way to do this?

I've tried several different methods and always end up in a similar spot. My latest attempt is such:

encrypt.js

```js
// CryptoJS.pad.NoPadding = {pad: function(){}, unpad: function(){}};
const SECRET = '394812730425442A472D2F423F452848';
const iv = crypto.getRandomValues(new Uint8Array(16));

function enc(plainText) {
  var b64 = CryptoJS.AES.encrypt(plainText, SECRET, {
    iv,
    mode: CryptoJS.mode.CBC,
    // padding: CryptoJS.pad.NoPadding
  }).toString();

  // Don't need?
  //var e64 = CryptoJS.enc.Base64.parse(b64);
  //var eHex = e64.toString(CryptoJS.enc.Hex);
  console.log("b64::", b64);
  return b64;
}

enc("SUPA_SECRET");
```

```html
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js"></script>
```

Now we take the `b64` result and paste it into the `JS_GEN` variable in the server side golang decrypt:

decrypt.go (golang decrypt playground)

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/base64"
	"encoding/hex"
	"fmt"
)

func main() {
	JS_GEN := "U2FsdGVkX1+CA3LZTXePlgoGqL8VkdgiDgUenZhH4kc="
	SECRET := "394812730425442A472D2F423F452848"
	//msg := "SUPER_SECRET"
	res, err := DecryptCBC(SECRET, JS_GEN)
	if err != nil {
		fmt.Println(err)
	}
	fmt.Println("res::", res)
}

func DecryptCBC(secret string, target string) (string, error) {
	nilString := ""
	key, _ := hex.DecodeString(secret)
	//ciphertext, err := base64.URLEncoding.DecodeString(target)

	// Decode base64 string
	ciphertext, err := base64.StdEncoding.DecodeString(target)
	if err != nil {
		return nilString, err
	}

	// Create new cipher block
	block, err := aes.NewCipher(key)
	if err != nil {
		return nilString, err
	}

	// The IV needs to be unique, but not secure. Therefore it's common to
	// include it at the beginning of the ciphertext.
	if len(ciphertext) < aes.BlockSize {
		panic("ciphertext too short")
	}
	iv := ciphertext[:aes.BlockSize]
	ciphertext = ciphertext[aes.BlockSize:]

	// CBC mode always works in whole blocks.
	if len(ciphertext)%aes.BlockSize != 0 {
		panic("ciphertext is not a multiple of the block size")
	}
	mode := cipher.NewCBCDecrypter(block, iv)

	// CryptBlocks can work in-place if the two arguments are the same.
	mode.CryptBlocks(ciphertext, ciphertext)
	fmt.Println("ciphertext::", ciphertext)

	// Output: exampleplaintext
	return string(ciphertext), nil
}
```

The output will be something like:

```
ciphertext:: [136 227 244 124 124 92 162 254 1 147 235 213 8 136 129 150]
res:: ���||�������
```

What am I doing wrong?

EDIT: I've removed hex encode/decode from the process.
javascript go encryption aes cryptojs

asked Mar 22 at 21:30 by DjH, edited Mar 23 at 15:51

You are not even passing the data inside `text` to `base64.StdEncoding.DecodeString()` at the end of `decrypt()`
– Abdullah, Mar 23 at 2:59

@Abdullah thanks, that was an oversight. I've cleaned up and updated all the code and the question to be directed at what I think is the problem now.
– DjH, Mar 23 at 14:12

For AES256 use a 256 bit key. You are using a 128 bit key in Go and (if I'm reading this right) a different 512 bit key in JS, which is nonsense. Also, hex encoding the cipher text after base64 encoding is redundant and wasteful. Choose one (base64 is preferable because the result is shorter).
– Peter, Mar 23 at 14:40

@Peter I've removed the hex encoding, it's just something that was in every example I saw. Now as for the keys... how am I using different ones? They should both be using the same secret as the key (`394812730425442A472D2F423F452848`)
– DjH, Mar 23 at 15:23

In the original question you decoded that string in Go but encoded it in JS. Now it seems you are using it as-is in JS. It's hard to help you if you keep changing the problem significantly.
– Peter, Mar 23 at 16:03

2 Answers

You seem to be using CBC mode in JavaScript (default), but CFB in golang. Try with `NewCBCDecrypter` instead.

answered Mar 23 at 11:49 by yachoor

Thanks for the suggestion, I've updated the decrypt code to use `NewCBCDecrypter`, this did not fix it. I've also updated the question to what I believe the problem is, that is the JS encryption is salting the hex string it produces, resulting in invalid b64 when decoded.
– DjH, Mar 23 at 14:11

I'm still not totally sure why previous attempts have failed. It could have been one of the many different ways the encryption was implemented and/or configured on both server and client.

I've finally found what I was looking for. A simple implementation that just works out of the box. Here we will just use crypto-js and go-openssl.

client.js

```js
const msg = "SUPA_SECRET"
const key = "394812730425442A472D2F423F452848";
const encrypted = CryptoJS.AES.encrypt(msg, key);
console.log(encrypted.toString());
```

```html
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js"></script>
```

server.go

```go
package main

import (
	"fmt"

	"github.com/Luzifer/go-openssl"
)

func main() {
	encrypted := "ENCRYPTED_STRING_HERE"
	secret := "394812730425442A472D2F423F452848"

	o := openssl.New()

	// The secret is used as a passphrase; key and IV are derived from it with MD5.
	dec, err := o.DecryptBytes(secret, []byte(encrypted), openssl.DigestMD5Sum)
	if err != nil {
		fmt.Printf("An error occurred: %s\n", err)
	}

	fmt.Printf("Decrypted text: %s\n", string(dec))
}

// OUTPUT:
// Decrypted text: SUPA_SECRET
```
const msg = "SUPA_SECRET"
const key = "394812730425442A472D2F423F452848";
const encrypted = CryptoJS.AES.encrypt(msg, key);
console.log(encrypted.toString());
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js"></script>
const msg = "SUPA_SECRET"
const key = "394812730425442A472D2F423F452848";
const encrypted = CryptoJS.AES.encrypt(msg, key);
console.log(encrypted.toString());
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js"></script>
edited Mar 23 at 18:06
answered Mar 23 at 17:54
DjH
Does this use 128-AES-cbc by default in JavaScript if we don't pass any parameter to this CryptoJS.AES.encrypt(msg, key);
– msk
Apr 18 at 12:29
I honestly don't know. Would need to dig into the docs/codebase
– DjH
Apr 18 at 12:32
Any idea how? If we have to pass cbc mode for encryption and decryption
– msk
Apr 18 at 12:34
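On the question raised in the comments above: when CryptoJS.AES.encrypt is given a string as its second argument, it treats it as a passphrase, derives a 256-bit key and a 128-bit IV with OpenSSL's EVP_BytesToKey (MD5, one round, random 8-byte salt), and encrypts with AES-256-CBC and PKCS#7 padding, emitting base64("Salted__" + salt + ciphertext). The following is an added example using only the Go standard library, not code from the answer or from go-openssl; the function names are hypothetical and the fixed salt is a constructed sample value.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/md5"
	"encoding/base64"
	"fmt"
)

// deriveCipher: EVP_BytesToKey (MD5, 1 round). Key = D1||D2 (32 bytes => AES-256), IV = D3.
func deriveCipher(pass string, salt []byte) (cipher.Block, []byte) {
	ps := append([]byte(pass), salt...)
	d1 := md5.Sum(ps)
	d2 := md5.Sum(append(d1[:], ps...))
	d3 := md5.Sum(append(d2[:], ps...))
	block, _ := aes.NewCipher(append(d1[:], d2[:]...)) // cannot fail for a 32-byte key
	return block, d3[:]
}

// encryptSalted builds the CryptoJS/OpenSSL envelope; the salt is a parameter only for the sample.
func encryptSalted(pass string, salt, msg []byte) string {
	block, iv := deriveCipher(pass, salt)
	n := aes.BlockSize - len(msg)%aes.BlockSize // PKCS#7 pad length, 1..16
	buf := append(append([]byte{}, msg...), bytes.Repeat([]byte{byte(n)}, n)...)
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(buf, buf)
	return base64.StdEncoding.EncodeToString(bytes.Join([][]byte{[]byte("Salted__"), salt, buf}, nil))
}

// decryptSalted parses base64("Salted__" || 8-byte salt || ciphertext) and strips PKCS#7.
func decryptSalted(pass, b64 string) (string, error) {
	raw, err := base64.StdEncoding.DecodeString(b64)
	if err != nil || len(raw) < 32 || len(raw)%aes.BlockSize != 0 || !bytes.HasPrefix(raw, []byte("Salted__")) {
		return "", fmt.Errorf("not an OpenSSL salted envelope")
	}
	block, iv := deriveCipher(pass, raw[8:16])
	ct := raw[16:]
	cipher.NewCBCDecrypter(block, iv).CryptBlocks(ct, ct)
	n := int(ct[len(ct)-1])
	if n < 1 || n > aes.BlockSize || !bytes.Equal(ct[len(ct)-n:], bytes.Repeat([]byte{byte(n)}, n)) {
		return "", fmt.Errorf("bad padding: wrong passphrase or corrupted data")
	}
	return string(ct[:len(ct)-n]), nil
}

func main() { // constructed sample: the page's secret and message, with a fixed salt
	enc := encryptSalted("394812730425442A472D2F423F452848", []byte("8bytesal"), []byte("SUPA_SECRET"))
	fmt.Println(decryptSalted("394812730425442A472D2F423F452848", enc))
}
```

The 32-character secret is never used as raw AES-128 key bytes here; it is only input to the MD5-based derivation. This envelope has no integrity protection and a single-round MD5 KDF, so where tampering or passphrase guessing is a concern, an authenticated mode such as AES-GCM with a proper password KDF is the safer design.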
You are not even passing the data inside text to base64.StdEncoding.DecodeString() at the end of decrypt()
– Abdullah
Mar 23 at 2:59
@Abdullah thanks, that was an oversight. I've cleaned up and updated all the code and the question to be directed at what I think is the problem now.
– DjH
Mar 23 at 14:12
For AES256 use a 256 bit key. You are using a 128 bit key in Go and (if I'm reading this right) a different 512 bit key in JS, which is nonsense. Also, hex encoding the cipher text after base64 encoding is redundant and wasteful. Choose one (base64 is preferable because the result is shorter).
– Peter
Mar 23 at 14:40
@Peter I've removed the hex encoding, it's just something that was in every example I saw. Now as for the keys... how am I using different ones? They should both be using the same secret as the key (394812730425442A472D2F423F452848)
– DjH
Mar 23 at 15:23
In the original question you decoded that string in Go but encoded it in JS. Now it seems you are using it as-is in JS. It's hard to help you if you keep changing the problem significantly.
– Peter
Mar 23 at 16:03