CODEWITHSUNDEEP
javascriptnode.jsencryptionline-api
Yalamber
Yalamber

Reputation: 7580

Decrypting a string using AES algorithm in node.js for line API

I have following information on decrypting a string. It is for line API. https://developers.line.me/in_app_web/api-reference#get_token

The encrypted string will be decoded using the Channel Secret as a symmetric-key. The algorithm used is AES, the block size is 128 bit, the encryption mode is ECB, and the padding is PKCS#5. The Channel Secret string will be interpreted as a hexadecimal byte string and used as the symmetric-key. The encrypted string follows Base64 encoding and will be restored once it has been decoded.

It also provides examples in java, ruby and php. I am trying to implement this on node.js but I am totally confused with all terms and how to implement this on node.js.

Ruby Implementation

source = ... # encrypted string
cipher = OpenSSL::Cipher::Cipher.new('AES-128-ECB')
cipher.decrypt
cipher.key = ['YOUR_CHANNEL_SECRET'].pack('H*')
decoded = Base64.decode64(source)
decrypted = cipher.update(decoded) + cipher.final

php implementation

$source = ...; // encrypted string
$secretKey = pack('H*', "YOUR_CHANNEL_SECRET");
$decoded = base64_decode($source);
$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $secretKey, $decoded, MCRYPT_MODE_ECB);

So here we have source and YOUR_CHANNEL_SECRET avaialble. Any help on how to implement this on node.js would be helpful.

thank you

Upvotes: -1

Views: 360

Answers (1)

zaph
zaph

Reputation: 112855

General information:

  1. In general it is best to use CBC mode, ECB mode is generally not a recommend/secure mode. ECB vs CBC mode.

    enter image description here

  2. AES has one block size of 128-bits, Rijndael must have the block size specified as 128-bits to be AES.

  3. AES can have a key sizes] of 128, 192 or 256 bits.

  4. PKCS#7 and PKCS#5 padding are equivalent and should be used. mcrypt does not support PKCS padding so you will have to do that yourself in code ignorer to use mcrypt.

In general you will be better off using a packed solution such as RNCryptor which supports multiple languages/platforms that handles all the details that are needed to make encryption secure.

Upvotes: 1

Related Questions