marspalepurple / crypto-js Goto Github PK
View Code? Open in Web Editor NEWAutomatically exported from code.google.com/p/crypto-js
Automatically exported from code.google.com/p/crypto-js
The CryptoJS files should include a license header, or there should be a
LICENSE file in the source tree. Right now, one can find the license only by
visiting the google code page, which might be problematic from a legal
standpoint.
Original issue reported on code.google.com by [email protected]
on 22 Jan 2012 at 10:34
Problem: Browsers will stop and display a warning when crypto operations takes
too long to run (like PBKDF2 with large iteration). Means of detection browsers
use varies, some measure actual time, others measuring # of statements.
Suggested solution: divide up crypto operations into smaller units and run each
unit through a callback argument. With browsers, callback can be implemented
using setTimeout or Web worker API. With Node.js, callback can call
process.nextTick.
Original issue reported on code.google.com by [email protected]
on 7 Mar 2011 at 12:34
What steps will reproduce the problem?
1. in an HTML file, include scripts/crypto-md5/crypto-md5.js (from the
latest downloadable zip file)
2. also include scripts/crypto-sha1/crypto-sha1.js
3. the Crypto.MD5 function will not be available (you get an error if you
try to use it)
4. remove scripts/crypto-sha1/crypto-sha1.js
5. the Crypto.MD5 function is now available
What is the expected output? What do you see instead?
I expect to be able to use both the Crypto.MD5 and Crypto.SHA1 (and
Crypto.SHA256) in the same page.
What version of the product are you using? On what operating system?
crypto-js 2.0.0
OS is Linux (Ubuntu 9.10)
Browser = Firefox 3.5.8
Please provide any additional information below.
It seems crypto-sha1.js overwrites the Crypto object, thus removing the
Crypto.MD5 function
This is probably true for all the Crypto.* methods
Original issue reported on code.google.com by [email protected]
on 9 Apr 2010 at 4:43
What steps will reproduce the problem?
Use the latest Chrome dev (6.0.495.0)
Call:
Crypto.util.bytesToBase64(Crypto.HMAC(Crypto.SHA1, "GA", "GA", {asBytes: true}))
What is the expected output? What do you see instead?
Expected: bBg1Ebw0ajGh8E47JCjrZ63PdKI=
Instead I see: o4iKvmV1Ahll2gbgpSLys/9e5pY=
What version of the product are you using? On what operating system?
Chrome (6.0.495.0) on OSX
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 19 Aug 2010 at 1:44
What steps will reproduce the problem?
1.Run Crypto.util.bytesToWords([0,0,-1,0])
What is the expected output? What do you see instead?
Expected output: 0x0000FF00 (65280).
The produced output: 0xFFFFFF00 (-256).
What version of the product are you using? On what operating system?
2.5.2
Please provide any additional information below.
To fix this problem, the following line inside Crypto.util.bytesToWords
words[b>>5] |= bytes[i] << (24-b%32)
can be replaced with
words[b>>5] |= (bytes[i] & 0xFF) << (24-b%32)
Original issue reported on code.google.com by [email protected]
on 22 Nov 2011 at 9:54
1. DES does not work with mode: ECB, CBC or CTR.
2. DES does not work correctly with mode: OFB.
What steps will reproduce the problem?
1.
var crypted = Crypto.DES.encrypt("Message", "Secret Passphrase", { mode: new
Crypto.mode.CBC }); - not working.
FireBug console: "a._encryptblock is not a function"
2.
var crypted = Crypto.DES.encrypt("Message", "Secret Passphrase");
crypted = Crypto.util.base64ToBytes(crypted);
crypted = Crypto.charenc.Binary.bytesToString(crypted);
// crypted = plaintext = "Message"
crypted = crypted.substring(8);
- the same result with PHP function base64decode
What version of the product are you using? On what operating system?
Chrome, FF+FireBug and 2.5.1
Please provide any additional information below.
btw a better documentation would be nice
Original issue reported on code.google.com by [email protected]
on 2 Nov 2011 at 8:53
What steps will reproduce the problem?
1. Do this: Crypto.SHA256('\xff')
What is the expected output? What do you see instead?
The hash should be (tested in Python):
a8100ae6aa1940d0b663bb31cd466142ebbdbd5187131b92d93818987832eb89
But is:
ea47fa96cf6d727d3068913da9193fef44aec4ee2c5972e9ac50cf7d637a56cf
What version of the product are you using? On what operating system?
I am using Crypto-js version 2.5.2. I tried the fix in issue #16, but it
doesn't work (same output).
Please provide any additional information below.
The other hash is one using Python: hashlib.sha256('\xff').hexdigest()
Original issue reported on code.google.com by [email protected]
on 7 Jan 2012 at 8:57
What steps will reproduce the problem?
1. Download file
http://download.aptana.com/studio3/standalone/3.0.6/win/Aptana_Studio_3_Setup_3.
0.6.exe
2. Calculate SHA256 checksum in Firefox
What is the expected output? What do you see instead?
expected:
33511286209c73e490d558cbfdfbba2caac93632fe58217d3d343aa5fb0ee8b4
result:
d1cdbe54d3319330bb1a921042c696dad794e19009c05d08b7b55518f90b4ed8
What version of the product are you using? On what operating system?
Firefox 8 (Windows 7 x64)
How to fix:
SHA256 function:
change line:
a = t1 + t2;
to:
a = (t1 + t2) >>>0;
Original issue reported on code.google.com by [email protected]
on 9 Nov 2011 at 6:28
I needed compatibility with node.js crypto, so I had to hack AES.js to pass IV
in. At the same time, IV had to be packaged separately and not part of the
encrypted result.
My modified version of AES.js is attached for your review.
Note that options.iv is assumed to be an array in my version.
Thx.
Original issue reported on code.google.com by [email protected]
on 14 Mar 2011 at 9:24
Attachments:
What steps will reproduce the problem?
1. compute has using Crypto.HMAC(Crypto.SHA1, "Message", "Key", { asBytes: true
}); in IE
2. Repeat step (1) in Safari
3. Compare array of bytes
What is the expected output? What do you see instead?
Output should be the same, but they're different.
What version of the product are you using? On what operating system?
Windows Vista Home Edition, IE 8, Safari 5
Original issue reported on code.google.com by [email protected]
on 12 Nov 2010 at 5:02
This is a request, not an issue. Is there a chance that we could have the
Blake-256 and Blake-512 hashing algoritms added to this library? Thank you.
Original issue reported on code.google.com by [email protected]
on 29 Nov 2011 at 4:51
We are trying to decrypt existing AES crypto that uses the CBC mode. The
problem is that the upper layers always make sure that the plain text is of
correct length, and thus no padding mechanism is needed from the encryption
library. crypto-js however, assumes in CBC mode that the data has been padded
in a specific way.
We are trying to write a library that is compatible with a piece of existing
software, so we cannot change that software to add a crypto-js compatible
padding. Also the other way around, while encrypting the data, the padding
added by crypto-js CBC code might break the original application while it tries
to decrypt items created by crypto-js.
We were able to work around this by making our own copy of the cbc mode and
commenting out the padding related code. However we are hoping the library
would gain an option for disabling the padding.
Original issue reported on code.google.com by [email protected]
on 18 Jun 2010 at 9:06
This is a feature request, not an issue.
It would be great if this library also supported RSA signing and validation,
similar to what was done by Kenji Urushima:
http://www9.atwiki.jp/kurushima/pub/jsrsa/
Original issue reported on code.google.com by [email protected]
on 19 Jan 2012 at 11:26
What steps will reproduce the problem?
1. run Crypto.SHA256("á") in firebug
What is the expected output?
fb9778719d93551b1c88df5f1ab229f83ea30af112fc51017c9f0a383dcf6cb3
What do you see instead?
eb3e85d7fbf56104c8021681e68d771b9b9205b93e9219c8f81f60af703de381
What version of the product are you using?
2.0.0
On what operating system?
Mac/Chrome 7
Original issue reported on code.google.com by [email protected]
on 17 Nov 2010 at 3:25
Currently it seems that symmetric ciphers like AES can work with CBC mode but
only using random iv.
Could you add ability to provide iv along with mode in options to AES?
Original issue reported on code.google.com by [email protected]
on 5 Jul 2010 at 11:59
Implement SHA-512.
Existing implementations under BSD license are at:
http://jssha.sourceforge.net/
http://pajhome.org.uk/crypt/md5/sha512.html
Original issue reported on code.google.com by [email protected]
on 9 Mar 2012 at 8:50
What steps will reproduce the problem?
1.
/*** encrypt */
var ciphertext = Crypto.AES.encrypt("plaintext", "Secret Passphrase", { mode:
new Crypto.mode.CTR });
2.
/*** decrypt */
var plaintext = Crypto.AES.decrypt("ciphertext", "Secret Passphrase", { mode:
new Crypto.mode.CTR });
3.
/* outoput error: */
malformed URI sequence 6-a*2);return
j}};n=n.charenc={};n.UTF...rCode(f[b]));return
j.join("")}}})(); <- 2.4.0-...-aes.js (line 10)
What is the expected output?
// encrypt
ciphertext = "UCscqUZ5g%2BfhZD6LcLj5JzHjrIfxxYFIGgX%2F%2FCj24Rg%3D";
// decrypt
plaintext = "plaintext";
What do you see instead?
/* outoput error: */
malformed URI sequence 6-a*2);return
j}};n=n.charenc={};n.UTF...rCode(f[b]));return
j.join("")}}})(); <- 2.4.0-...-aes.js (line 10)
What version of the product are you using?
bug fixed in version 2.5.3
On what operating system?
User Agent: Mozilla/5.0 (Windows NT 6.1; rv:10.0.2) Gecko/20100101
Firefox/10.0.2
Please provide any additional information below.
Documentation :
http://localhost/crypto/secretkey/doc/doc_aes_cryptojs.html
3 Dic 2011, 12:06 - [ Error encrypt / decrypt CTR ] bug fixed in version 2.5.3
http://groups.google.com/group/crypto-js/browse_thread/thread/6e9685b92c6ca99f?p
li=1
Original issue reported on code.google.com by [email protected]
on 12 Mar 2012 at 4:26
When using the HMAC SHA1 functions, the functions do not return the same
data as provided by the RFC2202 (http://www.faqs.org/rfcs/rfc2202.html).
Original issue reported on code.google.com by [email protected]
on 15 Mar 2010 at 2:09
Since some time, WebKit implements a function called
window.crypto.getRandomValues() that generates cryptographically secure random
values using the operating system's entropy pool. This feature is just now in
the process of being integrated into Gecko, too:
https://bugzilla.mozilla.org/show_bug.cgi?id=440046
The attached patch checks if getRandomValues() and, if available, uses it,
while falling back to Math.random() otherwise. I tested it on both Chromium
(which has getRandomValues) and Firefox (which currently doesn't) and it seems
to work fine, with the right code path being used.
Original issue reported on code.google.com by [email protected]
on 10 Jan 2012 at 5:37
Attachments:
What steps will reproduce the problem?
1. Call method Crypto.util.hexToBytes(helloHex);
2. With a hex number with uneven number of digits e.g. 3, 5, 7 and so on (12F,
34F52)
3. then the result is not correct since the function reads indata in sets of two
What is the expected output? What do you see instead?
input: 1024
output: [64,0]
should be: [4,0]
What version of the product are you using? On what operating system?
Chrome and 2.5.1
This could be a solution, it might not be perfect but it works
// Convert a hex string to a byte array
hexToBytes: function (hex) {
hex=(hex.length%2==0?"":"0")+hex;
for (var bytes = [], c = 0; c < hex.length; c += 2)
bytes.push(parseInt(hex.substr(c, 2), 16));
return bytes;
}
Original issue reported on code.google.com by [email protected]
on 4 Oct 2011 at 12:58
I have an application where I want to incrementally compute hashes of data, eg.
SHA256(A)
SHA256(A+B)
SHA256(A+B+C)
etc.
I don't want this to be an O(n^2) algorithm, so I was wondering if the API
could support a lower-level object with an API like:
var sha256 = new Crypto.SHA256()
sha256.append(A)
var digestA = sha256.digest();
sha256.append(B)
var digestB = sha256.digest();
// etc.
It seems like the algorithm allows this and that this would be easy to
implement. What do you think?
Original issue reported on code.google.com by [email protected]
on 26 Jan 2012 at 6:10
While using crypto-js we have experienced some problems in converting a byte
string into a list of integers. We occasionally get values bigger than 0xff.
Which obviously should not happen when converting a bytestring into integers.
We were able to fix the problem by doing a bitwise AND against 0xff before
outputting the value (see code below). This seemed to fix the issue for us. We
feel this might be a bug in the library. In case we got it wrong, we'd like to
gain better understanding about what is happening.
Crypto.charenc.Binary.stringToBytes = function (str) {
for (var bytes = [], i = 0; i < str.length; i++) {
bytes.push(str.charCodeAt(i) & 0xff);
}
return bytes;
};
Original issue reported on code.google.com by [email protected]
on 18 Jun 2010 at 8:57
Due to the way setTimeout forces the browser to wait at minimum 4 ms before
resuming the computation it makes the async pbkdf2 very slow, taking a full 10
seconds with 2000 iterations. I've added a loop forcing it to compute for at
least 100ms before returning to the browser, this gives it speed without much
browser lag:
while (i < iterations && ((new Date()).getTime() - start.getTime()) < 100)
I've attached a copy of the source for reference.
Original issue reported on code.google.com by [email protected]
on 21 Feb 2012 at 6:03
Attachments:
It would be great if Crypto-JS implemented some public key cryptography such as
RSA or something in the ECC space. Although there are some JavaScript RSA
implementation floating around in the net, their quality is doubtful and if you
want to use it in conjunction with the symmetric ciphers and hash functions of
Crypto-JS (which would not be unusual, I believe) you run into problems because
of inconsistent interfaces.
Original issue reported on code.google.com by [email protected]
on 10 Jan 2012 at 1:36
What steps will reproduce the problem?
1. Start the Testsuite on Opera 10.53
What is the expected output? What do you see instead?
All tests should pass but these are failing
test util.gt: failed.
Value should be true.
Expected: true (boolean)
Actual: false (boolean)
test util.lt: failed.
Value should be true.
Expected: true (boolean)
Actual: false (boolean)
test util.endian: failed.
Values should be equal.
Expected: 4041261184 (number)
Actual: -253706112 (number)
test enc.UTF8.decode: failed.
Values should be equal.
Expected: 1105365410,3465620992 (string)
Actual: 1105365410,-829346304 (string)
test enc.Base64.decode: failed.
Values should be equal.
Expected: 352033795,3648913408 (string)
Actual: 352033795,-646053888 (object)
test types.WordArray.concat: failed.
Values should be equal.
Expected: 4294967295 (string)
Actual: -1 (string)
test SHA256: failed.
Values should be equal.
Expected: f7846f55cf23e14eebeab5b4e1550cad5b509e3348fbc4efa3a1413d393cb650
(string)
Actual: 8a19c396a89853b8baf0050e3b4dfeb4f19bae586f6b491249a1fe38ff98faa5
(string)
Opera
Version 10.53
Build 3374
Platform Win32
Original issue reported on code.google.com by [email protected]
on 5 Jun 2010 at 2:07
What steps will reproduce the problem?
1. Call Crypto.MD5() with a string larger than 4000 characters
What is the expected output? What do you see instead?
The returned MD5 hash string is the correct length, however every character
is a zero.
What version of the product are you using? On what operating system?
Crypto-JS v1.1.0, Firefox 3.5, Windows XP Pro
Original issue reported on code.google.com by [email protected]
on 16 Sep 2009 at 4:04
What steps will reproduce the problem?
1. Replace YUI Compressor with Google Closure compiler
2. See build fail
The following cause errors and/or warnings:
in CBC.js:
while (c.pop() != 0x80) ;
The compiler wants {} instead of ;
in AES.js (twice):
mode = options && options.mode || C.mode.OFB;
The variable mode is not declared. Prepending "var " to the lines solves this.
Original issue reported on code.google.com by [email protected]
on 5 Mar 2011 at 1:07
What steps will reproduce the problem?
1. cd builder/
2. php -f builder.php
3. Lots of warnings about missing files.
What version of the product are you using? On what operating system?
Using checkout from subversion.
Please provide any additional information below.
The files and rollups arrays in builder/builder.php are all in lower case and
used for referencing files in the project even though the actual files are
using mixed casing.
The supplied patch should fixed the issue for my part.
Original issue reported on code.google.com by [email protected]
on 13 Feb 2012 at 6:53
Attachments:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.