Last active
July 12, 2022 21:33
-
-
Save vlntsolo/6e21d58aeb231c1f579723b677125ec5 to your computer and use it in GitHub Desktop.
CryptoJS AES256 Python decode (working code snippets)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/** | |
Generates cipher based on AES256 algorithm with CBC mode. | |
Sources: [ https://stackoverflow.com/questions/59488728/aes-encrypt-in-cryptojs-decrypt-in-pycrypto ] | |
**/ | |
var CryptoJS = require("crypto-js"); | |
var originalString = "thisIsAnOriginalString"; | |
var passPhrase = "cRfUjXn2r5u8x/A?D(G-KaPdSgVkYp3s"; // NEVER MAKE PASSWORDS OR SECRETS PUBLIC | |
var bytesInSalt = 128 / 8; | |
var salt = CryptoJS.lib.WordArray.random(bytesInSalt).toString(); // GENERATE UNIQUE SALT FOR EACH NEW CIPHER AND STORE IT ALONG | |
var iterations = 256; | |
var keySize = 48; | |
/** | |
* Encodes raw string / token with AES256 (fixed IV) | |
* @param {string} string - token or string to be encrypted | |
* @returns ciphertext - AES256 encrypted string | |
*/ | |
function encryptString(string) { | |
const bytes = CryptoJS.PBKDF2(passPhrase, salt, { keySize: keySize, iterations: iterations }); | |
const iv = CryptoJS.enc.Hex.parse(bytes.toString().slice(0, 32)); | |
const key = CryptoJS.enc.Hex.parse(bytes.toString().slice(32, 96)); | |
const ciphertext = CryptoJS.AES.encrypt(string, key, { iv: iv }); | |
return ciphertext.toString(); | |
}; | |
/** | |
* Decodes AES256 cipher with passphrase and salt | |
* @param {*} ciphertext | |
* @returns original utf-8 encoded string | |
*/ | |
function decryptCipher(ciphertext) { | |
const bytes = CryptoJS.PBKDF2(passPhrase, salt, { keySize: keySize, iterations: iterations }); | |
const iv = CryptoJS.enc.Hex.parse(bytes.toString().slice(0, 32)); | |
const key = CryptoJS.enc.Hex.parse(bytes.toString().slice(32, 96)); | |
const plainText = CryptoJS.AES.decrypt(ciphertext, key, { iv: iv }) | |
return plainText.toString(CryptoJS.enc.Utf8); | |
}; | |
function run() { | |
const encrypted = encryptString(originalString); | |
console.log("encrypted", encrypted) | |
const decrypted = decryptCipher(encrypted) | |
console.log("decrypted", decrypted) | |
}; | |
run(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
''' | |
Decodes CryptoJS generated cipher using passphrase and salt | |
''' | |
# using pycryptodomex as Cryptodome | |
from Cryptodome import Random | |
from Cryptodome.Cipher import AES | |
from base64 import b64decode | |
from Cryptodome.Protocol.KDF import PBKDF2 | |
CIPHER = "sGUbLudZOUxi0Z/yWSSe9THqYxQs8bvAid4ZD5Ymzus=" # OUR ENCODED STRING FROM JS script | |
PASSPHRASE = "cRfUjXn2r5u8x/A?D(G-KaPdSgVkYp3s" # NEVER MAKE PASSWORDS OR SECRETS PUBLIC | |
SALT = "3f92be25b6be338b11a0017d1037624f" # USE SALT VALUE PROVIDED ALONG WITH CIPHER | |
ITERATIONS = 256 | |
def decrypt(ciphered: str): | |
data = b64decode(ciphered) | |
bytes = PBKDF2(PASSPHRASE.encode("utf-8"), SALT.encode("utf-8"), 48, ITERATIONS) | |
iv = bytes[0:16] | |
key = bytes[16:48] | |
cipher = AES.new(key, AES.MODE_CBC, iv) | |
text = cipher.decrypt(data) | |
text = text[:-text[-1]].decode("utf-8") | |
return text | |
if __name__ == '__main__': | |
source = decrypt(CIPHER) | |
print("Source string is:", source) # output: Source string is: thisIsAnOriginalString |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment