Node JS nodejs-aes256 Decrypting which is Encrypted in Ruby with AESCrypt #12462
Description
I have a problem converting the cipher text which is encrypted in Ruby using AESCrypt using NodeJS nodejs-aes256. I've modified a little nodejs-aes256 as it is appending IV in the begining and Ruby is not appending it.
So here is my nodejs-aes256:
var aes256 = {},
crypto = require('crypto'),
algorithm = 'aes-256-cbc';
aes256.encrypt = function (key, data) {
var sha256 = crypto.createHash('sha256');
sha256.update(key);
var iv = crypto.randomBytes(16),
plaintext = new Buffer(data),
cipher = crypto.createCipher(algorithm, sha256.digest()),
ciphertext = cipher.update(plaintext);
ciphertext = Buffer.concat([ciphertext, cipher.final()]);
return ciphertext.toString('base64');
};
aes256.decrypt = function (key, data) {
var sha256 = crypto.createHash('sha256');
sha256.update(key);
var input = new Buffer(data, 'base64'),
iv = input.slice(0, 16),
ciphertext = input.slice(16),
decipher = crypto.createDecipher(algorithm, sha256.digest()),
plaintext = decipher.update(input);
plaintext += decipher.final();
return plaintext;
};
module.exports = aes256;
var aes = require('nodejs-aes256')
var ci = aes.encrypt('dealbreaker', '60000215')
// lKJC4lrQ1Nc+cUfsZ1b/TA==
var p = aes.decrypt('dealbreaker', c)
//60000215In Ruby, the same thing is done the following way:
require 'aescrypt'
c = AESCrypt.encrypt('60000215', 'dealbreaker')
# lNFkFM72AMGL6Ch2iYGp2g==\n
p = AESCrypt.decrypt(c, 'dealbreaker')
# 60000215
Now, when I try to decrypt Ruby encrypted cipher in NodeJS, I'm getting the following error:
Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
at Decipher.final (crypto.js:157:26)
at Object.aes256.decrypt (/Users/GowthamSai/node_modules/nodejs-aes256/nodejs-aes256.js:27:27)
at repl:1:9
at realRunInThisContextScript (vm.js:22:35)
at sigintHandlersWrap (vm.js:98:12)
at ContextifyScript.Script.runInThisContext (vm.js:24:12)
at REPLServer.defaultEval (repl.js:313:29)
at bound (domain.js:280:14)
at REPLServer.runBound [as eval] (domain.js:293:12)
at REPLServer.onLine (repl.js:513:10)And the same, when I try to decrypt the one which is encrypted by node in Ruby, the following error is occurring:
OpenSSL::Cipher::CipherError:
from /Users/GowthamSai/.rvm/gems/ruby-2.2.2/gems/aescrypt-1.0.0/lib/aescrypt.rb:61:in `final'
from /Users/GowthamSai/.rvm/gems/ruby-2.2.2/gems/aescrypt-1.0.0/lib/aescrypt.rb:61:in `decrypt_data'
from /Users/GowthamSai/.rvm/gems/ruby-2.2.2/gems/aescrypt-1.0.0/lib/aescrypt.rb:38:in `decrypt'
from (irb):46
from /Users/GowthamSai/.rvm/rubies/ruby-2.2.2/bin/irb:11:in `<main>'We have a cookie which is set by backend (Ruby) encrypted and I'm trying to send the cookie another service which is (Node) trying to decrypt there.
PS: I can't use IV in backend ( where the cookie is set by) as we have millions of users, and once we deploy with IV, we won't be able to identify the users and face problems. I don't wanna take risk.
I guess it's the problem of padding used in these 2 languages. But i'm not pro to really understand what's happening behind the scenes..
Thanks in advance :)