meychi / ascrypt Goto Github PK
View Code? Open in Web Editor NEWOpen-source crypto library with a similar API for multiple languages.
License: Other
Open-source crypto library with a similar API for multiple languages.
License: Other
var out:String = Base64.encode(bytes);
in output missing one character on end of string "....vVfeey2z=" ,
correct Base64 encoding return one more char "....vVfeey2zo="
1- Turn all function to inline ( greatly increase security).
2- Turn all .concat([]) to Array.copy(). It greatly increases perfs on various targets.
If you are ok with those and have no time, i can do the fix myself.
Thanks for your perfect work anyway !
used that to gen keys :
openssl enc -aes-128-cbc -k secret -P -md sha1
The following code does not crypt/decrypt correctlyin cbc but in ctr it works perfectly.
public static function tryCBC()
{
var data = "ernlkg aerlblaeRBEQBERBREJBEFBNBR345TY5";
var padded = org.ascrypt.padding.ZEROS.pad( org.ascrypt.encoding.UTF8.textToBytes(data), 128);
var key = org.ascrypt.encoding.UTF8.textToBytes("32C60C1485850AAA08C0F3AF96AA25CC");
var iv = org.ascrypt.encoding.UTF8.textToBytes("C2CB1796EE7BA6D67B3E7A5701F84A29");
var cr = org.ascrypt.AES.encrypt( key, padded, "cbc", iv);
var dcr = org.ascrypt.AES.decrypt( key, cr, "cbc", iv);
var ndata = org.ascrypt.encoding.UTF8.bytesToText( org.ascrypt.padding.ZEROS.unpad(dcr) );
trace("matches :"+ (data == ndata));
trace(data);
trace(ndata);
}
Have i missed something ?
Thanks a lot
str2long processes each 4 bytes into a 32 bit integer without checking for any possible remainder. This causes strings with, let's say for example, 142 chars to be processed only up to the 140th char.
A quick workaround to this problem is appending nullbytes as padding. Things like this are handled in a javascript implementation of the same encryption technique.
https://html-encrypter.googlecode.com/svn/trunk/hea5.js
(The only difference, is that this implementation base64's the final result, apart from that, it is much similar to yours)
So I'd suggest the following changes
/**
* Converts string to long array.
*/
private static function str2long($s)
{
// Fill last 4-char block
$i = strlen($s);
$r = $i % 4;
if($r != 0) $s = str_pad($s, $i + 4 - $r, "\0");
// Convert and return
return array_values(unpack('V*', $s));
}
/**
* Converts long array to string.
*/
private static function long2str($v)
{
// Convert
$s = '';
for ($i = 0; $i < count($v); $i++)
{
$s .= pack('V', $v[$i]);
}
// Strip trailing null chars resulting from filling last 4-char block and return
return rtrim($s, "\0");
}
Regards,
NewEraCracker
Hello,
As rails uses ruby, I tried to use https://github.com/nateware/fast-aes which uses AES (ECB mode)
So, I tried it with AES-128, what I do is encrypt using your library and try to decrypt using fast-aes, unfortunately I couldn't have the same results..
if input is "0123456789012345" , after deencrypt at fast-aes, I get:
0123456789012345���xo�]�[����SYi
Here is my implementation in haxe:
var input:String = "0123456789012345";
var utf8Bytes:Array<Int> = UTF8.textToBytes(input);
var aes128key:Array<Int> = UTF8.textToBytes("1234567890123456");
var aes128enc:Array<Int> = AES.encrypt(aes128key, PKCS7.pad(utf8Bytes, 16)); // Encrypt in ECB. Needs padding.
var aes128dec:Array<Int> = PKCS7.unpad(AES.decrypt(aes128key, aes128enc)); // Decrypt in ECB. Needs unpadding.
I copy the result of Base64.encode(aes128enc) and paste into ruby:
aesHx = FastAES.new("1234567890123456")
aesHx.decrypt(Base64.decode64("e0v8id0XABVEgrx+toa7DgUBh6DN5amHLLqwkatz5V="))
I am using the same key on client and server, can you please advice?
Is it possible to create port for node.js?
Hi,
Thanks for the lib which is very interesting !
It would be very cool to provide unittests with the haxe lib. We are detecting issues but it is impossible to quickly know where the error comes from without reference code.
Thanks a lot :)
The AS2 examples keep throwing this error. You can replicate it by running the following code:
import org.ascrypt.*;
import org.ascrypt.common.*;
import org.ascrypt.padding.*;
import org.ascrypt.encoding.*;
import org.ascrypt.utilities.*;
var aes256iv:Array = UTF8.textToBytes("1234567890123456");
var aes256key:Array = UTF8.textToBytes("12345678901234561234567890123456");
var aes256enc:Array = AES.encrypt(aes256key, PKCS7.pad(utf8Bytes, 16), OperationMode.CTR, aes256iv); // Encrypt in CTR mode. Needs padding.
var aes256dec:Array = PKCS7.unpad(AES.decrypt(aes256key, aes256enc, OperationMode.CTR, aes256iv)); // Decrypt in CTR mode. Needs unpadding.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.