Reputation: 267
moving encrypt and decrypt with crypto from Node.js to python
I use Node.js for encrypt and decrypt some Data and store them in Database, everything worked fine until my cpu usage increased with more request for decrypting and now I decided to move these two functions to python:
const key = '' // unfortunately 39 bytes string (by mistake)
module.exports.encrypt = function (text) {
let cipher = crypto.createCipher('aes-256-ctr', key)
let crypted = cipher.update(text, 'utf8', 'hex');
crypted += cipher.final('hex');
return crypted;
};
module.exports.decrypt = function (text) {
let decipher = crypto.createDecipher('aes-256-ctr', key)
let dec = decipher.update(text, 'hex', 'utf8');
dec += decipher.final('utf8');
return dec;
};
now I have a lot of encrypted data in database which encrypted with wrong key (But in node.js with crypto module it works fine) I tried several python code to decrypt my encrypted data with that key, but none of them worked (they only accept 32 bytes key), is there any way to move this two method to python? (without changing key)
Upvotes: 0
Views: 555
Answers (1)
Reputation: 495
You are not just into 1 but may be 2 problems:
When using aes-256-ctr mode, you need a 256-bit encryption key, however, you have used one with a longer length.
When using this mode, the standard is to generate an IV and use that for encryption (You can see the documentation in the higher versions of node-js where crypto is a default part of nodejs and need not be imported explicitly).
I am not sure about python, but in Java, you will need to provide an IV in order to decrypt when using this mode, as that is the standard. crypto uses some algorithm of its own to generate that while encryption and decryption, but you don't have a way to know that. Same could be the case to how it handles a 38-byte string key, when the standard is to use a 32-byte string.
There can be a workaround which can help you avoiding any such issue with data again in future. You can do the following in steps: Run a migration script which transforms your data to do the following for each record:
Decrypt the data using the old key (39-byte key).
Encrypt the data again with a 32-bit key, and store the data along with the IV. Use the following function:
function encrypt(text, secret) { var iv = crypto.randomBytes(16); var cipher = crypto.createCipheriv(algorithm, new Buffer(secret), iv); var encrypted = cipher.update(text); encrypted = Buffer.concat([encrypted, cipher.final()]); return iv.toString('hex') + ':' + encrypted.toString('hex'); }Store the new encrypted data in place of old encrypted data.
- Now while decryption, you can separate the IV and the encrypted data, and use the IV for decrypting the data.
This data can be used on any platform, with any language, as it will be independent of the manipulations done by crypto module to suit its functioning.
Hope that helps.
Upvotes: 1
Related Questions
- Encrypt with Node.js AES CTR and decrypt with PyCrypto
- Encrypting and Decrypting with python and nodejs
- Translate encryption in python to node
- Encryption and decryption using python3 and node js
- Encrypt in python 3.7 and decode in NODEJS 12
- convert Python AES to Node
- NodeJS AES encrypt Python decrypt
- encrypt using node.js crypto aes256 and decrypt using python2.7 PyCrypto
- AES encryption in Node.js to match expected decryption in Python
- AES - Encryption with Crypto (node-js) / decryption with Pycrypto (python)