2

I have an excisting webservice which encrypts and decrypts with AES, now i have to encrypt in the same way as java but in javascript. I have read all the topics about doing this in javascript but haven't found any helpfull solution. Javascript always encrypts in a different way and i can't find why.

This is the excisting java code :

public static String encrypt(String data) throws Exception {
    byte[] keyValue = encryptionKey.getBytes();
    Key key = new SecretKeySpec(keyValue, "AES");
    Cipher c = Cipher.getInstance("AES/ECB/PKCS5Padding");
    c.init(Cipher.ENCRYPT_MODE, key);
    byte[] encVal = c.doFinal(data.getBytes());
    String encryptedValue = new BASE64Encoder().encode(encVal);
    return encryptedValue;
}

and this is the javascript code i tend to use but gives a different encryption (CryptoJS) :

var encrypted = CryptoJS.AES.encrypt(data, encryptionKey);

or either one of these (GibberishAES) :

// Defaults to 256 bit encryption
var encrypted = GibberishAES.enc(data, encryptionKey);
// change the bit encrytion
GibberishAES.size(128);
var encrypted = GibberishAES.enc(data, encryptionKey);
GibberishAES.size(192);
var encrypted = GibberishAES.enc(data, encryptionKey);

I can't change the implementation in java or the way we do security. Does someone have more experience in this who can tell me what i'm doing wrong here ?

Cenz0
  • 23
  • 1
  • 4

3 Answers3

3

You are looking at the encryption algorithm only but you have care for the block mode and padding too, otherwise you will not create compatible results. According to code.google.com CryptoJS has the defaults of CBC and PKCS7 while your Java code uses ECB and PKCS5.

You have to bring that to match. You can setup CryptoJS to use ECB. Regarding the padding it’s more tricky as CryptoJS does not list PKCS5 as supported, and Java does not list PKCS7, in fact, it lists very little, so it might be implementation depended which padding algorithms the AES provider supports, but at least NoPadding is supported by both, Java and CryptoJS.

Holger
  • 285,553
  • 42
  • 434
  • 765
  • Okay thanks this brought me further. I've read the next thing about the padding : There is only one main difference between PKCS#5 and PKCS#7 padding is the block size. PKCS#5 padding is only defined for 8-byte block sizes. PKCS#7 padding would work for any block size from 1 to 255 bytes. So this should work now that i have set the block mode to ECB. But still i'm not getting the same results. – Cenz0 Dec 02 '13 at 10:00
  • I've found my problem i had to do var encryptionKey = CryptoJS.enc.Utf8.parse(key); else my key wasn't used litteraly and crypto-js would make me a random key and IV each time – Cenz0 Dec 02 '13 at 14:45
  • @Cenz0 could you please post the full solution. – Jitendra Khatri Dec 22 '15 at 07:01
0

Here is working solution to implement "AES/ECB/PKCS5Padding" but in JavaScript (Node.js) using ezcrypto module

const Crypto = require('ezcrypto').Crypto;
let whatToEncryptAsUtf8 = Crypto.charenc.UTF8.stringToBytes(whatToEncrypt);
let keyAsUtf8 = Crypto.charenc.UTF8.stringToBytes(key);
let encrypted = Crypto.AES.encrypt(whatToEncryptAsUtf8, keyAsUtf8, {
  mode: new Crypto.mode.ECB(Crypto.pad.pkcs7)
});
Andrzej Karpuszonak
  • 8,896
  • 2
  • 38
  • 50
  • Your module seems to be broken when using it in a browser. I get the error `Cannot find module './lib/hmac'` – nerdburn Sep 13 '16 at 23:44
  • this is node.js module, and it works fine in Node. If you need it to use in the browser, it might not be too easy as it might use native modules internally – Andrzej Karpuszonak Apr 25 '17 at 15:15
0

To decrypt hash generated using JAVA AES/ECB/PKCS5Padding, you need to create a decrypt cipher also with padding in js(nodejs).

const crypto = require('crypto');
function decrypt(data){
  var decipher = crypto.createCipheriv("aes-128-ecb", 'SAME_KEY_AS_JAVA', '');
  var dec = decipher.update(data,'base64','utf8');
  dec += decipher.final('utf8');
  return dec
}
Fabio Maciel
  • 27
  • 2