Chaitanya Joshi
Reputation: 304
AES/CBC/PKCS5PADDING IV - Decryption in NodeJs (Encrypted in Java)
I am trying to decrypt in NodeJs. It is working in Java. But I am not able to achieve same in Node.
node-version: 8.4
Please find my NodeJs code:
var crypto = require('crypto');
function decryption (message, key) {
var messageArray = Buffer.from(message, 'base64');
// var kekbuf = Buffer(key, 'utf8');
var ivBuffer = new Buffer([0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]);
var iv = ivBuffer.slice(0, 16);
var decipher = crypto.createDecipheriv('aes-256-cbc', key, iv);
decipher.setAutoPadding(false);
var dec = decipher.update(messageArray, 'base64');
dec += decipher.final();
return dec.toString();
}
Please find working Java decryption code
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;
class Test1 {
public String decrypt(String message, String key) throws Exception {
DatatypeConverter dtc = null;
byte[] messagArray = dtc.parseBase64Binary(message);
byte[] keyArray = dtc.parseBase64Binary(key);
byte[] iv = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
IvParameterSpec ivspec = new IvParameterSpec(iv);
SecretKey secretKey = new SecretKeySpec(keyArray, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, secretKey, ivspec);
return new String(cipher.doFinal(messagArray));
}
}
I am getting a different decrypted text. I am not able to achieve the same result in NodeJs as I had in Java. Also, I could not modify my java encryption code. So I have to figure out decryption in Node.
Could you please help me with this.
Upvotes: 8
Views: 15940
Answers (3)
Terry Lennox
Reputation: 30715
Here are complete examples in Java and also Node.js, they use the same keys/iv/plaintext and will produce identical results.
Java
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;
import java.nio.charset.StandardCharsets;
class AES
{
public AES()
{
}
public String encrypt(String plainText, String keyBase64, String ivBase64) throws Exception
{
byte[] plainTextArray = plainText.getBytes(StandardCharsets.UTF_8);
byte[] keyArray = DatatypeConverter.parseBase64Binary(keyBase64);
byte[] iv = DatatypeConverter.parseBase64Binary(ivBase64);
SecretKeySpec secretKey = new SecretKeySpec(keyArray, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
cipher.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(iv));
return new String(DatatypeConverter.printBase64Binary(cipher.doFinal(plainTextArray)));
}
public String decrypt(String messageBase64, String keyBase64, String ivBase64) throws Exception {
byte[] messageArray = DatatypeConverter.parseBase64Binary(messageBase64);
byte[] keyArray = DatatypeConverter.parseBase64Binary(keyBase64);
byte[] iv = DatatypeConverter.parseBase64Binary(ivBase64);
SecretKey secretKey = new SecretKeySpec(keyArray, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv));
return new String(cipher.doFinal(messageArray));
}
public static void main(String[] args) {
try
{
String plainText = "Hello world!";
String encryptionKeyBase64 = "DWIzFkO22qfVMgx2fIsxOXnwz10pRuZfFJBvf4RS3eY=";
String ivBase64 = "AcynMwikMkW4c7+mHtwtfw==";
AES AES = new AES();
String cipherText = AES.encrypt(plainText, encryptionKeyBase64, ivBase64);
String decryptedCipherText = AES.decrypt(cipherText, encryptionKeyBase64, ivBase64);
System.out.println("Plaintext: " + plainText);
System.out.println("Ciphertext: " + cipherText);
System.out.println("Decrypted text: " + decryptedCipherText);
}
catch (Exception e)
{
System.out.println(e.toString());
}
}
}
Node.js
var crypto = require('crypto');
function getAlgorithm(keyBase64) {
var key = Buffer.from(keyBase64, 'base64');
switch (key.length) {
case 16:
return 'aes-128-cbc';
case 32:
return 'aes-256-cbc';
}
throw new Error('Invalid key length: ' + key.length);
}
function encrypt(plainText, keyBase64, ivBase64) {
const key = Buffer.from(keyBase64, 'base64');
const iv = Buffer.from(ivBase64, 'base64');
const cipher = crypto.createCipheriv(getAlgorithm(keyBase64), key, iv);
let encrypted = cipher.update(plainText, 'utf8', 'base64')
encrypted += cipher.final('base64');
return encrypted;
};
function decrypt (messagebase64, keyBase64, ivBase64) {
const key = Buffer.from(keyBase64, 'base64');
const iv = Buffer.from(ivBase64, 'base64');
const decipher = crypto.createDecipheriv(getAlgorithm(keyBase64), key, iv);
let decrypted = decipher.update(messagebase64, 'base64');
decrypted += decipher.final();
return decrypted;
}
var keyBase64 = "DWIzFkO22qfVMgx2fIsxOXnwz10pRuZfFJBvf4RS3eY=";
var ivBase64 = 'AcynMwikMkW4c7+mHtwtfw==';
var plainText = 'Why, then, ’tis none to you, for there is nothing either good or bad, but thinking makes it so';
var cipherText = encrypt(plainText, keyBase64, ivBase64);
var decryptedCipherText = decrypt(cipherText, keyBase64, ivBase64);
console.log('Algorithm: ' + getAlgorithm(keyBase64));
console.log('Plaintext: ' + plainText);
console.log('Ciphertext: ' + cipherText);
console.log('Decoded Ciphertext: ' + decryptedCipherText);
Upvotes: 24
Ranjeet Jha
Reputation: 53
Check java conde conversion to Nodejs:
Java:
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.util.Base64;
public class Main {
private static final String ALGORITHM = "AES/CBC/PKCS5Padding";
public static String encrypt(String message, String key) throws GeneralSecurityException, UnsupportedEncodingException {
Cipher cipher = Cipher.getInstance(ALGORITHM);
byte[] messageArr = message.getBytes();
byte[] decodedBytes = Base64.getDecoder().decode(key);
SecretKeySpec keySpec = new
SecretKeySpec(Base64.getDecoder().decode(key), "AES");
byte[] ivParams = new byte[16];
byte[] encoded = new byte[messageArr.length + 16];
System.arraycopy(ivParams,0,encoded,0,16);
System.arraycopy(messageArr, 0, encoded, 16, messageArr.length);
cipher.init(Cipher.ENCRYPT_MODE, keySpec, new IvParameterSpec(ivParams));
byte[] encryptedBytes = cipher.doFinal(encoded);
encryptedBytes = Base64.getEncoder().encode(encryptedBytes);
return new String(encryptedBytes);
}
public static String decrypt(String encryptedStr, String key) throws GeneralSecurityException, UnsupportedEncodingException {
Cipher cipher = Cipher.getInstance(ALGORITHM);
SecretKeySpec keySpec = new
SecretKeySpec(Base64.getDecoder().decode(key), "AES");
byte[] encoded = encryptedStr.getBytes();
encoded = Base64.getDecoder().decode(encoded);
byte[] decodedEncrypted = new byte[encoded.length-16];
System.arraycopy(encoded, 16, decodedEncrypted, 0,encoded.length-16);
byte[] ivParams = new byte[16];
System.arraycopy(encoded,0, ivParams,0, ivParams.length);
String ivString = new String(ivParams);
cipher.init(Cipher.DECRYPT_MODE, keySpec, new IvParameterSpec(ivParams));
byte[] decryptedBytes = cipher.doFinal(decodedEncrypted);
return new String(decryptedBytes);
}
NodeJS:
var crypto = require('crypto'); const encrypt = (plainText, keyBase64) =>{
const textBuffer = Buffer.from(plainText);
const key = Buffer.from(keyBase64, 'base64');
var iv = Buffer.from([0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]);
var encoded = Buffer.concat([iv,textBuffer]);
const cipher = crypto.createCipheriv('aes-192-cbc', key, iv);
let encrypted = cipher.update(encoded, 'binary', 'base64')
encrypted += cipher.final('base64');
return encrypted;
};
const decrypt = (messagebase64, keyBase64) =>{
const key = Buffer.from(keyBase64, 'base64');
const encoded = Buffer.from(messagebase64, 'base64');
var iv = encoded.slice(0, 16);
var decoded = encoded.slice(16,encoded.length);
const decipher = crypto.createDecipheriv('aes-192-cbc', key, iv);
let decrypted = decipher.update(decoded, 'binary','utf-8');
decrypted += decipher.final();
return decrypted;
}
Upvotes: -1
Sundeep Narang
Reputation: 59
Since I can't comment. Above Node.js code fails to encrypt/decrypt for anything more than 15 characters/bytes. Simple fix is as follows:
Change return to concatenate return of cipher.final and decipher.final
function encrypt(plainText, keyBase64, ivBase64) {
var key = Buffer.from(keyBase64, 'base64');
var iv = Buffer.from(ivBase64, 'base64');
var cipher = crypto.createCipheriv(getAlgorithm(keyBase64), key, iv);
let cip = cipher.update(plainText, 'utf8', 'base64')
cip += cipher.final('base64');
return cip;
};
function decrypt (messagebase64, keyBase64, ivBase64) {
var key = Buffer.from(keyBase64, 'base64');
var iv = Buffer.from(ivBase64, 'base64');
var decipher = crypto.createDecipheriv(getAlgorithm(keyBase64), key, iv);
let dec = decipher.update(messagebase64, 'base64');
dec += decipher.final();
return dec;
}
Upvotes: 6
Related Questions
- AES/CBC/PKCS5Padding in NodeJs
- Decrypting AES-256-CBC Cipher using Node.js
- AES/CBC/PKCS5Padding nodejs encryption
- AES CBC nodejs encryption and Java decryption
- Encrypt payload using a key and iv by AES/GCM/NoPadding algorithm in node js and decrypt in java
- Java to Node.js AES/ECB/PKCS5Padding Encryption
- Node - Generate AES-CBC key and iv
- Node.js crypto key and iv to match java SecretKeySpec / IvParameterSpec
- Porting AES Java decipher code to Node.js
- Encrypt in java, decrypt in node.js