Expand my Community achievements bar.

SOLVED

Data encrypted with "cryptString" function cannot be decrypted on website using CryptoJS

Avatar

Level 1

Hi,

I'm trying to embed some encrypted data in links in email and then get the data decrypted when user arrives at the actual website. 

 

Here is what we use to encrypt the data in the Adobe Camapgin:

<%= cryptString('test','base-64-encoded-256bit-key',false) %> 

 

Then on the website, I'm using CryptoJS (https://cryptojs.gitbook.io/docs/) to decrypt the data and I haven't been able to get the decryption working...

 

According to the cryptString documentation, cryptString uses a zero IV? the key param of the function is base64 representation of the AES key (bytes), then it's a CBC, the padding isn't clear in the documentation. I assume that's NoPadding of CryptoJS?

 

Does anyone have any success experience doing this? Thanks!

 

Javascript code:

var iv = CryptoJS.enc.Hex.parse("00000000000000000000000000000000");
var key = CryptoJS.enc.Base64.parse("base64-string-goes-here");
var decrypted = CryptoJS.AES.decrypt({
ciphertext: CryptoJS.enc.Base64.parse("output-of-cryptString"),
}, key, {
mode: CryptoJS.mode.CBC,
iv,
padding: CryptoJS.pad.NoPadding
});

 

1 Accepted Solution

Avatar

Correct answer by
Level 1

We ended up importing CryptoJS into ACC and use it directly there. Now we have full control on how AES is done and it works great so far.

View solution in original post

5 Replies

Avatar

Level 1

This is getting very interesting... one strange thing I found is that none of the test outputs I got for the cryptString function is a valid base64 string. have no clue what I'm missing here.

Avatar

Level 4
One more interesting thing: If you encrypt same string with same password and without salt, you will get same result most of the time. But some time you will get different result. Also, sometimes, decryptstring will not be able to decrypt the encrypted text

Avatar

Correct answer by
Level 1

We ended up importing CryptoJS into ACC and use it directly there. Now we have full control on how AES is done and it works great so far.

Avatar

Level 2
Thank you! I think we might end up doing the same. Do you know if this would be possible to use in personalisation blocks?

Avatar

Community Advisor

Hello,

I know your post is a year old, but I managed to get some result with the cryptString function.

First and as you mentionned, the key must be passed in base 64 format.

The salt parameter must be set to false.

Also, the result of the cryptString starts with the '@' character. When I try to decrypt it on the web page "https://www.devglan.com/online-tools/aes-encryption-decryption" (with empty Initial Vector of course), the "@" character doesn't seem to be a problem (and works also without), but with CryptoJS, you must delete this '@'.

Here an example :

//Adobe Campaign JS CODE to crypt 'Hello my friend' with 'CF12D5998AE799C6' key :
var key = "CF12D5998AE799C6";
var mBuffer = new MemoryBuffer(); mBuffer.fromString(key);
var b64Key = mBuffer.toBase64();
logInfo(cryptString("Hello my friend",b64Key, false) ) ;
//display : @1EZr24+U+KslB6s+5HSqjw==

Try to decrypt on devglan.com page :

Mode : CBC

IV : empty

Key Size in Bits: 128

Secret Key : CF12D5998AE799C6

AES Decrypted String : SGVsbG8gbXkgZnJpZW5k

Decoded Plain Text : Hello my friend

 

CryptoJS Example:

var CryptoJS = require("crypto-js");
const cryptkey = CryptoJS.enc.Utf8.parse('CF12D5998AE799C6'); //The key used, in text format
crypted = "1EZr24+U+KslB6s+5HSqjw=="; //Notice that the '@' IS DELETED
var decrypt = CryptoJS.AES.decrypt( crypted, cryptkey, {
    iv: CryptoJS.enc.Hex.parse('00000000000000000000000000000000'),
    mode: CryptoJS.mode.CBC,
    padding: CryptoJS.pad.Pkcs7
});
console.log("-- " + decrypt.toString(CryptoJS.enc.Utf8) + " --");
// display : -- Hello my friend --

 

Hope this could help.

 

Cédric