views:

3242

answers:

6

Is there a library available for AES 256-bits encryption in Javascript?

+3  A: 

Googling "JavaScript AES" has found several examples. The first one that popped up is designed to explain the algorithm as well as provide a solution:

Movable Type Scripts: AES

Samir Talwar
I couldn't figure out how to set the IV in that library. Also it's not very OO.
Cheeso
The equivalent of the IV in counter mode is the nonce. This implementation has been reformulated to be more OO. It does only include counter (CTR) mode of operation.
ChrisV
A: 

http://www.movable-type.co.uk/scripts/aes.html library may be of some help.

Kirtan
+5  A: 

JSAES is a powerfull implementation of AES in javascript. http://point-at-infinity.org/jsaes/

backslash17
A: 

http://www.bouncycastle.org/

Chad Grant
They have Java and C# versions - not JavaScript
tronda
Nothing to do with javascript
Zaffiro
+4  A: 

I used slowAES; it was easy to use. Logically designed. Reasonable OO packaging. Supports knobs and levers like IV and Encryption mode. Good compatibility with .NET/C#. The name is tongue-in-cheek; it's called "slow AES" because it's not implemented in C++. But in my tests it was not impractically slow.

It lacks an ECB mode. Also lacks a CTR mode, although you could build one pretty easily given an ECB mode, I guess.

It is solely focused on encryption. A nice complementary class that does RFC2898-compliant password-based key derivation, in Javascript, is available from Anandam. This pair of libraries works well with the analogous .NET classes. Good interop. Though, in contrast to SlowAES, the Javascript PBKDF2 is noticeably slower than the Rfc2898DeriveBytes class when generating keys.

It's not surprising that technically there is good interop, but the key point for me was the model adopted by SlowAES is familiar and easy to use. I found some of the other Javascript libraries for AES to be hard to understand and use. For example, in some of them I couldn't find the place to set the IV, or the mode (CBC, ECB, etc). Things were not where I expected them to be. SlowAES was not like that. The properties were right where I expected them to be. It was easy for me to pick up, having been familiar with the Java and .NET crypto programming models.

Anandam's PBKDF2 was not quite on that level. It supported only a single call to DeriveBytes function, so if you need to derive both a key and an IV from a password, this library won't work, unchanged. Some slight modification, and it is working just fine for that purpose.

EDIT: I put together an example of packaging SlowAES and a modified version of Anandam's PBKDF2 into Windows Script Components. Using this AES with a password-derived key shows good interop with the .NET RijndaelManaged class.

Cheeso
+1  A: 

In my searches for AES encryption i found this from some Standford students. Claims to be fastest out there. Supports CCM, OCB and Block encryption. http://crypto.stanford.edu/sjcl/

Joe