-2

Update : I finally managed to recreate the whole Java code as required for the third party service. I must add that some of the libraries used are deprecated but I cannot do anything because that is what the other side is using and I must comply.

Java Code

   SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes(),
    "AES");
   Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
   cipher.init(1, secretKeySpec);

   byte[] aBytes = cipher.doFinal(inputString.getBytes());

Input Key : xxxxxxxxyyyyyyyy
Input Text: maryhadalittlelamb

Output : Z22GETg3Anl92%2BoyqdVWs9haQveaZxkDn8sQYP08iCY%3D

node.js Code

var cipher = crypto.createCipher('aes-128-ecb', key);
var encryptedPassword = cipher.update(text, 'utf8', 'base64');
encryptedPassword += cipher.final('base64');
console.log(encryptedPassword);

Input Key : xxxxxxxxyyyyyyyy
Input Text: maryhadalittlelamb

Output: mnqrpA2eqAhmseTrkBtH3YSGMoFs+ECPUamVd8/bgAQ=

The output for same inputstring and key is different for both. In fact the node.js is different but the base64 one looks identical nevertheless.

I am fairly new to these things therefore I have lost my may.

Gandalf the White
  • 2,415
  • 2
  • 18
  • 39
  • you need to find out exactly what `SecretKeySpec` outputs. if you give each aes core the same key bytes and choose the same key size and mode, they should be compatible. aside: ecb is a weak mode, use something better if possible. – dandavis Jun 22 '16 at 00:06
  • @dandavis The java code belongs to third party service which isn't under my control therefore I'll have to send the data the way they want. What and How do I need to check with/in `SecretKeySpec`; – Gandalf the White Jun 22 '16 at 00:19
  • i'm guessing it a KDF, and you'll need to be able to reproduce the input>output in node for the aes to use the same actual keys on both environments. – dandavis Jun 22 '16 at 04:21
  • `String` is not a container for binary data. This is wrong: `String doc2 = new String(aBytes, "UTF-8");` – Artjom B. Jun 27 '16 at 20:31
  • @ArtjomB. - Updated the question please have a look. – Gandalf the White Jun 29 '16 at 18:42
  • 1
    Can you summarize the edit for me? Did the linked duplicate answer help? If not, what was the problem? If I understood you correctly, it seems you want translate your Java code to node.js. The first step to do this is to use `createCipheriv` instead of `createCipher`. That's the main point in the linked duplicate answer. – Artjom B. Jun 29 '16 at 18:53
  • I have a text and a key @ArtjomB. what shall I take as IV? If I use any random string for IV, I guess the values wont stay the same. – Gandalf the White Jun 29 '16 at 18:56
  • Have you read my answer? There is no IV for ECB mode, so you can either pass an empty `Buffer` or an empty string as the IV. – Artjom B. Jun 29 '16 at 18:59
  • Looks fine to me. What's the issue? The only thing that you're missing is the URL-encoding. – Artjom B. Jun 30 '16 at 15:41

1 Answers1

0

In node.js you base64 encode the input string before you encrypt, it needs to be the output from the encrypt that needs to be base64 encoded.

Also, you need a call to cipher.final(..) after cipher.update(..) to finish off the encryption operation. Remember to capture the output from both.

In addition to this please note that ECB mode is insecure.

Ebbe M. Pedersen
  • 7,250
  • 3
  • 27
  • 47