
Websockets chat message encryption with AES, Crypto.js and .NET

So, I've developed a user chat using Websockets, with ASP.MVC on the server.

I wanted to encrypt all messages (using AES) sent and received from websockets. To do so, I tried to encrypt the user message before sending (using Crypto.js) and decrypt it on the server (using Security.Cryptography .net).

The problem is that the encrypted message on the client is different from the encrypted message on the server (with message, key and initialization vector being the same on the client and the user).

Is this a good way of doing the websockets message encrypting? What other solutions would you recommend me?

CryptoJS:

 var encrypted = CryptoJS.AES.encrypt("Message", communicationKey, { iv : communicationIV}, { mode: CryptoJS.mode.CFB });

.NET Cryptography:

 byte[] encryptedMessage = EncryptStringToBytes_Aes(decryptedMessage, keyToDecrypt, ivToDecrypt);
 return Convert.ToBase64String(encryptedMessage);

The Crypto.js encrypted string is:

U2FsdGVkX18wnoGfYzHo2Ms/6CKsRC+cE1fj8ylSPlI=

And the .NET's Security.Cryptography is:

kLApirWt1VcVu3tTuAizgA==

I'm using the same key and initialization vector on both sides. What could be the problem?

I assume that you want to use CFB mode, because you reference this in your JavaScript code and EncryptStringToBytes_Aes already does this.

Put the mode into the first config object. There is no second one:

var encrypted = CryptoJS.AES.encrypt("Message", communicationKey, {
    iv : communicationIV,
    mode: CryptoJS.mode.CFB
});

Also, CryptoJS formats the output using an OpenSSLFormatter. It includes a salt in there if you use a password based encryption, but it seems that you don't have one. If you want to make sure that only the ciphertext is exchanged, encode it as CryptoJS.enc.Base64.stringify(encrypted.ciphertext) into Base64 instead of using encrypted.toString().

Don't forget to include mode-cfb.js in your page if you're using the aes rollup, because only CBC is included in there.
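
The OpenSSL formatting mentioned above can be checked directly on the two Base64 strings posted in the question. This is an added example, not code from the original posts; it assumes Node.js (for `Buffer`), and the names `parseAesOutput` and `diagnose` are made up for illustration.

```javascript
// Added example: split a Base64 AES output into the OpenSSL "Salted__"
// envelope (if present) and the raw ciphertext, then compare two outputs.
const MAGIC = Buffer.from("Salted__", "latin1"); // 8-byte OpenSSL marker
const AES_BLOCK = 16;

function parseAesOutput(b64) {
  const raw = Buffer.from(b64, "base64");
  // Envelope layout: "Salted__" (8 bytes) | salt (8 bytes) | ciphertext
  const salted = raw.length >= 16 && raw.subarray(0, 8).equals(MAGIC);
  const body = salted ? raw.subarray(16) : raw;
  return {
    salted,
    salt: salted ? raw.subarray(8, 16).toString("hex") : null,
    ciphertext: body.toString("base64"),
    ciphertextBytes: body.length,
    wholeBlocks: body.length % AES_BLOCK === 0,
  };
}

// Explain why two outputs for the same plaintext do not match.
function diagnose(a, b) {
  const notes = [];
  if (a.salted !== b.salted) {
    notes.push("only one side has a Salted__ header: key and IV were " +
               "derived from a passphrase plus random salt on that side");
  }
  if (a.ciphertextBytes !== b.ciphertextBytes) {
    notes.push("ciphertext lengths differ: check mode and padding");
  }
  if (a.ciphertext !== b.ciphertext) {
    notes.push("ciphertext bytes differ");
  }
  return notes;
}

// The two strings from the question.
const fromCryptoJS = parseAesOutput("U2FsdGVkX18wnoGfYzHo2Ms/6CKsRC+cE1fj8ylSPlI=");
const fromDotNet = parseAesOutput("kLApirWt1VcVu3tTuAizgA==");

console.log(fromCryptoJS);
console.log(fromDotNet);
console.log(diagnose(fromCryptoJS, fromDotNet));
```

The CryptoJS string decodes to the `Salted__` marker, an 8-byte salt and one 16-byte block, while the .NET string is a bare 16-byte block, so the two can only be compared after the envelope is stripped or `encrypted.ciphertext` is sent on its own.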
