
I have Java encryption function code as follows:

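```java
import java.security.Key;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
// Apache Commons Codec (assumed from the new Base64().encode(...) call)
import org.apache.commons.codec.binary.Base64;

public String encrypt(String Data, String keySet) throws Exception {
    byte[] keyByte = keySet.getBytes();
    Key key = generateKey(keyByte);

    // No mode or padding given: the provider's default transformation is used
    Cipher c = Cipher.getInstance("AES");

    c.init(Cipher.ENCRYPT_MODE, key); //2
    byte[] encVal = c.doFinal(Data.getBytes()); //1
    byte[] encryptedByteValue = new Base64().encode(encVal); //3
    String encryptedValue = new String(encryptedByteValue); //4
    return encryptedValue;
}

// Wraps the raw key bytes as an AES key (no key derivation)
private static Key generateKey(byte[] keyByte) throws Exception {
    Key key = new SecretKeySpec(keyByte, "AES");
    return key;
}
```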

Now I am trying to implement the same in Node.js using the crypto module. The code is:

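```javascript
var crypto = require('crypto');

// buf is the string data that I want to encrypt
// `algorithm` is defined elsewhere (its value is not shown in the post)
function makeEncrypt(buf, callback) {
    var enckey = "encryptionkey";
    // createCipher treats its second argument as a password, not a raw key
    var cipher = crypto.createCipher(algorithm, enckey);
    var crypted = cipher.update(buf, 'utf8', 'base64');
    crypted += cipher.final('base64');

    console.log("encrypted data is : " + crypted.toString());
    callback(null, crypted);
}
```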

But the encrypted data returned by both functions is different. What am I doing wrong? If anyone can help, thanks in advance.

  • Your node.js code is incomplete. – Artjom B. Jul 14 '17 at 16:00
  • General advice: **Always use a fully qualified Cipher string.** `Cipher.getInstance("AES");` may result in different ciphers depending on the default security provider. It most likely results in `"AES/ECB/PKCS5Padding"`, but it doesn't have to be. If it changes, you'll lose compatibility between different JVMs. For reference: [Java default Crypto/AES behavior](https://stackoverflow.com/q/6258047/1816580) – Artjom B. Jul 14 '17 at 16:00
  • **Never use [ECB mode](https://crypto.stackexchange.com/q/14487/13022)**. It's deterministic and therefore not semantically secure. You should at the very least use a randomized mode like [CBC](https://crypto.stackexchange.com/q/22260/13022) or [CTR](https://crypto.stackexchange.com/a/2378/13022). It is better to authenticate your ciphertexts so that attacks like a [padding oracle attack](https://crypto.stackexchange.com/q/18185/13022) are not possible. This can be done with authenticated modes like GCM or EAX, or with an [encrypt-then-MAC](https://crypto.stackexchange.com/q/202/13022) scheme. – Artjom B. Jul 14 '17 at 16:00
  • `crypto.createCipher` takes a password and not a key. If you want to supply a key, use `crypto.createCipheriv` – Artjom B. Jul 14 '17 at 16:01
  • @Artjom B. I cannot make changes in the Java code as it is already implemented. I only need to convert the above code to Node.js, and the output should be the same. And `crypto.createCipheriv` requires a random IV each time while encrypting, but in the Java code we are not using any random key or anything like that, so I think the output will never match. – Yogesh.Kathayat Jul 15 '17 at 06:33
  • `crypto.createCipheriv` does not require an IV when using ECB mode. It can be empty: `""` – Artjom B. Jul 15 '17 at 08:10
  • Thanks, now it is working perfectly :-) – Yogesh.Kathayat Jul 16 '17 at 15:47
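
The resolution the comments arrive at, as an added example that is not part of the original thread: a Node.js function that uses the raw key bytes with `createCipheriv` in ECB mode, next to a reconstruction of the password-based key derivation that `createCipher` applied, which is why the two outputs differed. It assumes the Java default resolves to `AES/ECB/PKCS5Padding`; the function names, sample key and sample data are constructed for illustration.

```javascript
const crypto = require('crypto');

// Mirrors new SecretKeySpec(keySet.getBytes(), "AES"): the key bytes are used
// as-is, so they must be exactly 16, 24 or 32 bytes long.
function javaCompatibleEncrypt(data, keySet) {
  const key = Buffer.isBuffer(keySet) ? keySet : Buffer.from(keySet, 'utf8');
  if (![16, 24, 32].includes(key.length)) {
    throw new Error('AES key must be 16, 24 or 32 bytes, got ' + key.length);
  }
  // ECB takes no IV, so pass null; Node applies PKCS#7 padding by default,
  // which is what Java calls PKCS5Padding for AES.
  const cipher = crypto.createCipheriv(`aes-${key.length * 8}-ecb`, key, null);
  return Buffer.concat([cipher.update(data, 'utf8'), cipher.final()]).toString('base64');
}

// What crypto.createCipher(alg, password) did for a 128-bit ECB cipher
// (assumed algorithm): the key was MD5(password), derived with OpenSSL's
// EVP_BytesToKey using one iteration and no salt.
function legacyPasswordEncrypt(data, password) {
  const derived = crypto.createHash('md5').update(password, 'utf8').digest();
  const cipher = crypto.createCipheriv('aes-128-ecb', derived, null);
  return Buffer.concat([cipher.update(data, 'utf8'), cipher.final()]).toString('base64');
}

// Constructed sample values, for illustration only.
const sampleKey = '0123456789abcdef';   // 16 bytes -> AES-128
const sampleData = 'A'.repeat(32);      // two identical 16-byte blocks

function demo() {
  const direct = javaCompatibleEncrypt(sampleData, sampleKey);
  const raw = Buffer.from(direct, 'base64');
  return {
    // Same string used as raw key vs. as password gives different ciphertext.
    matchesLegacy: direct === legacyPasswordEncrypt(sampleData, sampleKey),
    // ECB is deterministic: equal plaintext blocks give equal ciphertext blocks.
    repeatedBlocksLeak: raw.subarray(0, 16).equals(raw.subarray(16, 32)),
    ciphertextBytes: raw.length,        // 32 data bytes + 16 padding bytes
  };
}

console.log(demo());
```

The 13-byte string `"encryptionkey"` from the question is rejected by the length check, since it cannot be used directly as an AES key.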
