mdp / gibberish-aes Goto Github PK

I skimmed through a bit of code and saw a switch statement

switch (newsize)
{
case 128:
Nr = 10;
Nk = 4;
break;
case 192:
Nr = 12;
Nk = 6;
break;
case 256:
Nr = 14;
Nk = 8;
break;
default:
throw ('Invalid Key Size Specified:' + newsize);
}

From what I see ... we can use 512 bit encryption?
And correct me if I'm wrong, but wouldn't it be as easy as doing

case 512:
Nr = 28;
Nk = 16;
break;

(2x 256)

I want to create a file encryption site, so I googled for some JS AES encryption, I found this, its open-source and looks good... so why not!

Thanks!

Hi,

Thanks for your great library.

I'd love to use gibberish-aes trough https://rails-assets.org, but that's not possible since the releases are not tagged.

Could you specify a tag for the latest 1.0.0 release?

Thanks!

I think MIT license declare should keep even if it's been minimized.
If you want to keep this version as small as possible.
jQuery's way is also good ( http://code.jquery.com/jquery-1.7.1.min.js, see first line )

hellow, I want to user this aes method for my android app but I dont know how to make it. Holp for ur help

In looking at the MD5 portion, the output doesn't seem to be the same as PHP's md5(). Am I creating the hex string incorrectly?

See: http://gist.github.com/300633

So. Why first concatenation hash always identical?
It is not compatible with my backend because your vector won't to be modified.

Bad solution.

We can set key size as follows:

GibberishAES.size(128);
// or
GibberishAES.size(192);
// or
GibberishAES.size(256);

Key size is an internal state of the encryptor. Currently there is no way it to be retrieved.

Can you make the method GibberishAES.size to return the "old"/"previous" key size? Sample usage:

var old_key_size = GibberishAES.size(192);
// old_key_size = 256
// Do some encryptions/decryptions ...
// And then:
GibberishAES.size(old_key_size);

Also, GibberishAES.size may be used without a parameter, in this case it becomes just a getter:

var old_key_size = GibberishAES.size();
// old_key_size = 256
GibberishAES.size(192);
// Do some encryptions/decryptions ...
// And then:
GibberishAES.size(old_key_size);

I had Symantec Endpoint Protection (SEP) and it would find this minified gibberish-aes file in the project and delete it. Is there a reason why its doing that? I deleted Symantec and intend on replacing it with something else. However, this may not be a solution for lot of others who are using gibberish-aes

This link is broken. as "Click here" to run the test package in your browser. Thought you might like to know.

Hi!

Given:

    GibberishAES.size(256); 

    var password = GibberishAES.s2a("67a4f45f0d1d9bc606486fc42dc49416");
    var iv = GibberishAES.s2a("0123456789012345");
    var plaintext = GibberishAES.s2a("yay!");

    enc = GibberishAES.rawEncrypt(plaintext, password, iv);
    GibberishAES.Base64.encode(enc);

The above returns:

q/xJqqN6qbiZMXYmiQC1Fw==

How would I do the equivalent openssl encrypt and decrypt commandline? Passing the pw and iv in the correct format to openssl is throwing me off.

Thanks,
geremy

How can I use gibberish-aes, but I wont exclude chars like "/" or "", are enter in conflit with my other data.

It's possible exclude a ecryption result withour that chars?

In order to keep this library attractive compared to solutions like SJCL we need to spot weaknesses create an outlook for the further development and maintenance.

That is, I divided this issue into multiple parts: 1. issues and weaknesses of this library as-is right now, 2. what needs to be done to resolve these issues and lastly, 3. general notes.

Let's see this as a „scrum“ in open-source spirit ✌️

⇝ Issues

• No authentication before decrypting messages
• Bad block method compared to SJCL

↯ Outlook

• Implement message authentication
• Revise block method
• Refactor; break the library down to edible bits
• Use native methods when used in server environments (Node)
• Use ArrayBuffers et al
• Spot potential weaknesses

↺ Notes

• Lets see how SJCL is tackling the issues proposed by @mdp
• SJCL's AES effectively boils down to http://cl.ly/text/04440e0y0T1t/sjcl.js

I install with npm module, I can't easy import it as an npm package

Hello-

Encrypting using this function gives me exactly what I am looking for:

function encrypt(data) {
    var hex_message = GibberishAES.s2a(JSON.stringify(data.data.message));
    var encryptedHexArray = GibberishAES.rawEncrypt(hex_message, cipher_key, iv);
    var base_64_encrypted = GibberishAES.Base64.encode(encryptedHexArray);
    return base_64_encrypted || data.data.message;
}

However, because I am passing my own cipher_key and iv in, GibberishAES.dec will not work for me. And GibberishAES.rawDecrypt appears to be a private method.

Any ideas how I can decrypt based on the above encrypt method?

tia

I am running into an error when decrypting data

TypeError: string.replace is not a function
http://localhost:8080/jQuery.handleStorage/3rd-party/gibberish-aes/src/gibberish-aes.js
Line 930

EDIT: Nevermind, I forgot to send a string vs. an array. Please close.