admin管理员组文章数量:1335159
Let assume that I have an Phonegap mobile app, and I want to store some user data(username/pass_hash) in local indexed db for providing login to app in offline. I want to encrypt that data of course, and my app already use CryptoJS. As I understood, first I need to generate encryption_key by password using PBKDF2, and then just encrypt CryptoJS.AES. Example code:
function generateKey(p){
var salt = CryptoJS.lib.WordArray.random(128/8);
return CryptoJS.PBKDF2(p, salt, { keySize: 512/32, iterations: 1000 });
}
var pass = "test1";
var iv = CryptoJS.lib.WordArray.random(16);
key512Bits1000Iterations = generateKey(pass);
var encrypted = CryptoJS.AES.encrypt("Message", key512Bits1000Iterations, { iv: iv });
var decrypted = CryptoJS.AES.decrypt(encrypted, key512Bits1000Iterations, { iv: iv });
//decrypting with another key step
key512Bits1000Iterations2 = generateKey(pass);
var decrypted2 = CryptoJS.AES.decrypt(encrypted, key512Bits1000Iterations2, { iv: iv });
console.log("decrypted " + decrypted.toString(CryptoJS.enc.Utf8));
console.log("decrypted2 " + decrypted2.toString(CryptoJS.enc.Utf8));
Dynamic salt and iv are used. But when I second time generate key for decryption by same password I'm getting wrong result.(decrypted2 is empty) So I want to ask, what I should store between encryption sessions, salt and iv to ?(but as I understood it should be dynamic ) Thanks!
Let assume that I have an Phonegap mobile app, and I want to store some user data(username/pass_hash) in local indexed db for providing login to app in offline. I want to encrypt that data of course, and my app already use CryptoJS. As I understood, first I need to generate encryption_key by password using PBKDF2, and then just encrypt CryptoJS.AES. Example code:
function generateKey(p){
var salt = CryptoJS.lib.WordArray.random(128/8);
return CryptoJS.PBKDF2(p, salt, { keySize: 512/32, iterations: 1000 });
}
var pass = "test1";
var iv = CryptoJS.lib.WordArray.random(16);
key512Bits1000Iterations = generateKey(pass);
var encrypted = CryptoJS.AES.encrypt("Message", key512Bits1000Iterations, { iv: iv });
var decrypted = CryptoJS.AES.decrypt(encrypted, key512Bits1000Iterations, { iv: iv });
//decrypting with another key step
key512Bits1000Iterations2 = generateKey(pass);
var decrypted2 = CryptoJS.AES.decrypt(encrypted, key512Bits1000Iterations2, { iv: iv });
console.log("decrypted " + decrypted.toString(CryptoJS.enc.Utf8));
console.log("decrypted2 " + decrypted2.toString(CryptoJS.enc.Utf8));
Dynamic salt and iv are used. But when I second time generate key for decryption by same password I'm getting wrong result.(decrypted2 is empty) So I want to ask, what I should store between encryption sessions, salt and iv to ?(but as I understood it should be dynamic ) Thanks!
Share Improve this question asked Nov 15, 2016 at 9:22 MaximMaxim 111 gold badge1 silver badge2 bronze badges 2- If you're using salt for encryption, than you'd need to use the very same salt value to decrypt the message. – Eduard Malakhov Commented Nov 15, 2016 at 9:40
- 1 Thanks! I also found a good article crackstation/hashing-security.htm may be useful someone. – Maxim Commented Nov 15, 2016 at 10:44
1 Answer
Reset to default 3You are generating a new salt in generateKey(...)
. This makes PBKDF2 derived a new key.
function generateKey(p){
var salt = CryptoJS.lib.WordArray.random(128/8);
return CryptoJS.PBKDF2(p, salt, { keySize: 512/32, iterations: 1000 });
}
You would need to store the salt and iv between sessions. These two values don't need to be secret.
本文标签: javascriptCryptoJS how to generate a key every timeStack Overflow
版权声明:本文标题:javascript - CryptoJS how to generate a key every time? - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742246214a2439685.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论