"Key length is not legal" when using a binary secret key

[sovattha]

Hello,

I would like to encrypt a string using the algorithm 'rijndael-128' in 'ecb' mode.

My key is in binary format.

I create my key with the following code.

      var sha256Encrypt = function(key) {
        var cipher = crypto.createHash('sha256');
        return cipher.update(key, 'utf8').digest('binary');
      };

Then I would like to encrypt my message with the key using:

      var aes256Encrypt2 = function(message, secret) {
        var MCrypt = require('mcrypt').MCrypt;
        var rijEcb = new MCrypt('rijndael-128', 'ecb');
        rijEcb.validateKeySize(false);
        rijEcb.open(secret);
        return cipherText = rijEcb.encrypt(message).toString('base64');
      };

secret.length is 32. But I get the message:
Key length is not legal.

If I leave the key validation size, I get:
Invalid key size. Available key size are [16, 24, 32]

I know the key should be either a string or a buffer. I did convert my key into a buffer:

          var buf = new Buffer(32);
          buf.write(key);

It works, but the result is not the one expected.

Would you have any suggestion?

[seeekr]

here's the example from the README:

var mc = new MCrypt('blowfish', 'ecb');
mc.validateKeySize(false); // disable key size checking
mc.open('typeconfig.sys^_-');

Just disable key size checking. It worked for me! I know very little about crypto, so I don't know what this implies, but since it seems to work on the surface...

[tugrul]

@sovattha is your key contains any null byte \x0?

[sovattha]

@tugrul Hi, no my key does not contain any null byte.

I created a test here. Just click Run.
Or you can execute locally the code below:

 var crypto = require('crypto');

/**
 * Create a BINARY Key
 */
 var sha256Encrypt = function(key, format) {
   var cipher = crypto.createHash('sha256');
   return cipher.update(key, 'utf8').digest(format);
 };

/**
 * Encrypt the given message using the given binary key
 */
 var aes256Encrypt2 = function(message, secret) {
   var MCrypt = require('mcrypt').MCrypt;
   var rijEcb = new MCrypt('rijndael-128', 'ecb');
   rijEcb.validateKeySize(true);
   rijEcb.open(secret); // Get "TypeError: Invalid key size. Available key size are [16, 24, 32]"
   var cipherText = rijEcb.encrypt(message).toString('base64');
   return cipherText;
 };

// Create my key
 var sha256KeyAsString = sha256Encrypt('gKSfthqC5W5shXpfVujf', 'string');
 console.log('secret is: ', sha256KeyAsString); // Result is <Buffer 7b 37 2b 64 37 92 c8 81 84 80 43 85 03 2b 02 42 10 4e 6c c7 32 c0 5b 91 16 93 67 c6 46 b0 00 4d>
 console.log('secret length is: ', sha256KeyAsString.length); // Secret length is 32
 var sha256KeyAsBinary = sha256Encrypt('gKSfthqC5W5shXpfVujf', 'binary');
 console.log('secret is: ', sha256KeyAsBinary); // Result is a binary string
 console.log('secret length is: ', sha256KeyAsBinary.length); // Secret length is 32

// Try to encrypt the message using the key
 var message = '123456789;00005;1234567';
 var messageUtf8 = require('utf8').encode(message);
 var aes256KeyWithStringSecret = aes256Encrypt2(messageUtf8, sha256KeyAsString); // This works great with a key being a string but my key is a BINARY one
 console.log(aes256KeyWithStringSecret);

 // Try to encrypt the message using the key
 var message = '123456789;00005;1234567';
 var messageUtf8 = require('utf8').encode(message);
 var aes256KeyWithBinarySecret = aes256Encrypt2(messageUtf8, sha256KeyAsBinary); // This fails with a binary key
 console.log(aes256KeyWithBinarySecret);

Hope this helps you guys helping me :-)

[wangnan0610]

I also encountered the same problem ！

[wangnan0610]

Hope someone help me ~