is sjcl.encrypt using AES or SHA256

2019-06-07 04:57发布

问题:

I'm using the SJCL library to encrypt/decrypt messages. The question I have is that I don't know which is used AES or SHA256

Here is my code:

var h = sjcl.codec.hex, count = 2048 ;
salt = h.fromBits(sjcl.random.randomWords('10','0'));
var key = h.fromBits( sjcl.misc.pbkdf2(somePassword, h.toBits(salt), count) ) ;

Next I can encrypt/decrypt like

var encMessage = sjcl.encrypt(key, message) ;
sjcl.decrypt(key, encMessage) ;

AES or SHA256 or something else ?

回答1:

pbkdf2 for key generation is using HMAC with SHA256. But the default encryption key size with sjcl for AES-CCM is only 128 bits. If you want AES-CCM-256, I think you need to do the following, you also don't have to call pbkdf2 directly.

var encMessage =sjcl.encrypt(somePassword,message,{count:2048,salt:salt,ks:256});


回答2:

SHA256 and AES are 2 different types of algorithms.

SHA256 is a cryptography hash function: http://en.wikipedia.org/wiki/SHA-2

AES is a encryption algorithm: http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

So in your case when using encryption you are in fact using AES.



回答3:

Based on a cursory inspection of the source, I'd suggest it is using AES in CCM mode.

The SJCL homepage explains the cryptographic techniques used, although admittedly the per-function documentation does not explain it at all.