crypto-js | JavaScript library of crypto standards | Cryptography library

The issue is that the key is not passed correctly in the CryptoJS code.

The posted Python code generates LefjQ2pEXmiy/nNZvEJ43i8hJuaAnzbA1Cbn1hOuAgA= as Base64-encoded key. This must be imported in the CryptoJS code using the Base64 encoder:

Try to delete your node_modules folder and run npm install again.

If still not working try to downgrade the node version to 12.20.x and check.

As I researched a lot and did not find a solution to this issue as it's occurring only on the newer version of the animation package.

I tried the below versions:

• 13.2.4 (Latest one) throwing same es error

• 13.2.3 throwing same es error

• 13.2.2 throwing same es error

• 13.2.1 throwing same es error

• 13.2.0 working without error.

So I think for a temporary fix you should update your package.json by pointing to a specific version of this npm like below.

You can't pass an Object to the SHA256 Method, you may only pass strings and WordArrays.

When you pass an object, cryptojs will run .toString() on it, which will always give the same output ([object Object]), and thus the same hash.

This is due to the different padding. CryptoJS uses PKCS#7, mcrypt applies zero padding.

You should replace mcrypt on the PHP side as it is deprecated (s. here). An alternative would be PHP/OpenSSL, which uses PKCS#7 by default.

A solution with PHP/OpenSSL which produces the same ciphertext is:

The CryptoJS code is incomaptible because the IV is decoded incorrectly. Instead of the Hex encoder, the Utf8 encoder must be used.
Also, the encrypt library applies the CTR mode by default. Therefore, in the CryptoJS code the CTR mode must be used instead of the CBC mode:

so i think you might previously have had "name" as a required field in your UserSchema definition. therefore it is still expecting every user to have a "name" field and value which explains the error. clearing/syncing indexes should sort it. you can manually dro indexes in mongodb for that specific collection or use mongoose to sync the indexes as seen here.

just seen that OP solved the issue by deleting the database... while this for sure fixes it, it's drastic. i'm certain the error was caused by a missing required field. so if the situation comes up again, just removing indexes will be all the help you need, avoiding dropping other collections that aren't affected by the index.

• You are using the wrong encoders for data, key and IV. All three are Base64 encoded (and not hex or Utf8). So apply the Base64 encoder.
• The ciphertext must be passed to CryptoJS.AES.decrypt() as a CipherParams object or alternatively Base64 encoded, which is implicitly converted to a CipherParams object.

When both are fixed, the plain text is: "[\"001\",\"001\"]".

jsonwebtoken is a Node.js module, your previous use of it in a react application relied upon a polyfill of the Node.js std modules. This most likely a) relied on slow js cryptography that isn't maintained anymore and lacks feature parity with Node's crypto and b) increased your js bundle size considerably. Updating react likely meant updating webpack which no longer defaults to using the questionable crypto polyfill.

It is better to rely on modules made for either browsers or "universal", you can discover such modules amongst the ones listed on jwt.io under "JavaScript". Out of the ones listed there, jose uses purely available Web APIs.