current community

your communities

more stack exchange communities

Stack Exchange
tour help
careers 2.0
Take the 2-minute tour ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 0 down vote favorite 
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
<script>
var toEncMes = "This is a secret message.";
var secPas = "myPassword";
var encrypted = CryptoJS.AES.encrypt(toEncMes, secPas);

alert (encrypted);
var decrypted = CryptoJS.AES.decrypt(encrypted, secPas);
alert (decrypted);
</script>

I probably just don't understand the concept but I have no idea.

The end result from my code is still just a jumbled mess when I display decrypted result.

I found this here: https://code.google.com/p/crypto-js/

The original entry looks like this:

The Advanced Encryption Standard (AES) is a U.S. Federal Information Processing Standard (FIPS). It was selected after a 5-year process where 15 competing designs were evaluated.

<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js">    </script>
<script>
    var encrypted = CryptoJS.AES.encrypt("Message", "Secret Passphrase");

    var decrypted = CryptoJS.AES.decrypt(encrypted, "Secret Passphrase");
</script>

CryptoJS supports AES-128, AES-192, and AES-256. It will pick the variant by the size of the key you pass in. If you use a passphrase, then it will generate a 256-bit key.

share|improve this question
1  
AES is symmetric so passing the same passphrase to both should be fine. "myPassword" is too small a secret for any variant of AES, so it's probably creating a secret from that. Maybe it does that for encrypt but not for decrypt. Can you try using a 256 bit key instead of a passphrase? –  Mike Samuel Apr 25 at 21:39
    
I added more details to my post. Anyhow, what it says is: "If you use a passphrase, then it will generate a 256-bit key." So, if I'm reading that correctly, I shouldn't have to use one right? –  Eric Apr 25 at 23:09
    
It sounds like it's really not as simple as I thought it was based off what I just read here, looks like I have some learning to do: groups.google.com/forum/#!searchin/crypto-js/AES/crypto-js/… –  Eric Apr 25 at 23:17
add comment

1 Answer 1

up vote 1 down vote accepted

You are alerting the raw decrypted object - the default encoding for such is hex. It needs to be converted to a string using the appropriate human-readable encoding:

<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
<script>
var toEncMes = "This is a secret message.";
var secPas = "myPassword";
var encrypted = CryptoJS.AES.encrypt(toEncMes, secPas);

alert (encrypted);
var decrypted = CryptoJS.AES.decrypt(encrypted, secPas);
alert (decrypted.toString(CryptoJS.enc.Utf8)); // <---- note specified encoding
</script>

Of course, the usual cryptographic warning signs still apply: this doesn't ensure your message has not been tampered with, etc.

share|improve this answer
    
Really appreciate that. Thank you. –  Eric Apr 26 at 6:28
add comment

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.