1

I have an encrypted message created with this openssl command:

openssl enc -aes-256-cbc -salt -in plaintext.txt -out cipher.enc

I've tried CryptoJS and this aes library to decrypt it following the examples. All I get out is gibberish. My quess is that the decryption fails because I don't know how to tell the javascript decryption that the cipher is salted or because it's in "cbc-mode". CryptoJS looks more flexible so it might very well work. But what kind of parameters should I feed it?

Note: this is running in a browser, not in node.js

Improve this question
3
  • A cipher does not take a salt; the -salt argument only applies to password-based key derivation. A cipher in CBC mode takes a key and an initialization vector. You need to pass the -K and -iv arguments to OpenSSL (or alternatively, if you want to use password-based encryption, the -pass argument; however, you might have difficulty finding a JavaScript implementation of the applicable key derivation function). Either way, before you proceed any further, please read this: matasano.com/articles/javascript-cryptography Commented Jul 28, 2013 at 19:57
  • Read this page for some advice on why crypto in browser JavaScript is a bad idea. Commented Jul 29, 2013 at 7:26
  • 1
    Actually the browser is inside my PhoneGap/Cordova-application in this case. So at least not all of those perils should apply. Commented Jul 29, 2013 at 10:59

1 Answer 1

Reset to default
1

I put "Message" in a file using:

echo -n "Message" > plaintext.txt

Then I used your example, and password as my password

openssl enc -aes-256-cbc -salt -in plaintextut cipher.enc enter aes-256-cbc encryption password: Verifying - enter aes-256-cbc encryption password:

Then I needed the Base64 version of cipher.enc

cat cipher.enc | base64 U2FsdGVkX1/oA4O+uXXBXAjAenRJwpUV4UqQp4aYCpk=

Lastly, this is the CryptoJS that worked for me:

var dec = CryptoJS.AES.decrypt("U2FsdGVkX1/oA4O+uXXBXAjAenRJwpUV4UqQp4aYCpk=", "password"); var plaintext = CryptoJS.enc.Latin1.stringify(dec);
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Thanks! Looks like I'm missing a base64-ifying step then. I read the encrypted file from dropbox, so I'll have to encode the cipher to base64 in Javascript. But that shouldn't be a problem, I'll try that later today.
Ran into this nasty CryptoJS bug: code.google.com/p/crypto-js/issues/… Spent ages banging my head to the wall. Accidentally Latin1 decode of the utf8 data produced the first few words correctly (unlike utf8 decoding which just crashed) and only then started to look weird. In the end I just had to remove newlines from the encrypted base64 data before decrypting and it started working. Whew.
Also got encryption working, fought ages for scandinavian characters (they got encoded wrong). This meta tag in my html fixed it: <meta http-equiv="Content-Type" content="text/html; charset=utf-8">. Also had to split encrypted base64 to 64 char lines so that openssl was able to read the output.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.