We Keep Coding

Unable to decrypt node js Text i Java AES-256-GCM getting Tag mismatch

Am able to encrypt and decrypt node and java code individually but when trying to decrypt the node text in java getting Tag mismatch! Am trying to encrypt and decrypt a simple Hello World text here
node js code i have :
const buffer = require('buffer');
const crypto = require('crypto');
// Demo implementation of using `aes-256-gcm` with node.js's `crypto` lib.
const aes256gcm = (key) => {
const ALGO = 'aes-256-gcm';
// encrypt returns base64-encoded ciphertext
const encrypt = (str) => {
// Hint: the `iv` should be unique (but not necessarily random).
// `randomBytes` here are (relatively) slow but convenient for
// demonstration.
const iv = new Buffer(crypto.randomBytes(16), 'utf8');
const cipher = crypto.createCipheriv(ALGO, key, iv);
// Hint: Larger inputs (it's GCM, after all!) should use the stream API
let enc = cipher.update(str, 'utf8', 'base64');
enc += cipher.final('base64');
console.log(enc);
return [enc, iv, cipher.getAuthTag()];
};
// decrypt decodes base64-encoded ciphertext into a utf8-encoded string
const decrypt = (enc, iv, authTag) => {
const decipher = crypto.createDecipheriv(ALGO, key, iv);
decipher.setAuthTag(authTag);
let str = decipher.update(enc, 'base64', 'utf8');
str += decipher.final('utf8');
return str;
};
return {
encrypt,
decrypt,
};
};
const KEY = new Buffer('fTjWnZr4u7x!z%C*F-JaNdRgUkXp2s5v', 'utf8');
const aesCipher = aes256gcm(KEY);
const [encrypted, iv, authTag] = aesCipher.encrypt('Hello World');
const decrypted = aesCipher.decrypt(encrypted, iv, authTag);
console.log(decrypted); // 'hello, world'
And the java code i have :
private final static int GCM_IV_LENGTH = 12;
private final static int GCM_TAG_LENGTH = 16;
private static String decrypt(String encrypted, SecretKey skey) throws Exception {
byte[] decoded = Base64.getDecoder().decode(encrypted);
byte[] iv = Arrays.copyOfRange(decoded, 0, GCM_IV_LENGTH);
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
GCMParameterSpec ivSpec = new GCMParameterSpec(GCM_TAG_LENGTH * Byte.SIZE, iv);
cipher.init(Cipher.DECRYPT_MODE, skey, ivSpec);
byte[] ciphertext = cipher.doFinal(decoded, GCM_IV_LENGTH, decoded.length - GCM_IV_LENGTH);
String result = new String(ciphertext, "UTF8");
return result;
}
The main method of the java execution code is
public static void main(String[] args) throws Exception {
String byte_key="fTjWnZr4u7x!z%C*F-JaNdRgUkXp2s5v";
SecretKey key = new SecretKeySpec(byte_key.getBytes(), "AES");
System.out.println("foo "+ decrypt("1cbKXSnEWixxFi0=", key));
}
I think i am missing something here

How to convert Java AES ECB Encryption Code to Nodejs

I have code in java for encryption
public String encrypt() throws Exception {
String data = "Hello World";
String secretKey = "j3u8ue8xmrhsth59";
byte[] keyValue = secretKey.getBytes();
Key key = new SecretKeySpec(keyValue, "AES");
Cipher c = Cipher.getInstance("AES");
c.init(Cipher.ENCRYPT_MODE, key);
byte[] encVal = c.doFinal(StringUtils.getBytesUtf8(data));
String encryptedValue = Base64.encodeBase64String(encVal);
return encryptedValue;
}
It returns same value ( eg5pK6F867tyDhBdfRkJuA== ) as the tool here
I converted the code to Nodejs (crypto)
var crypto = require('crypto')
encrypt(){
var data = "Hello World"
var cipher = crypto.createCipher('aes-128-ecb','j3u8ue8xmrhsth59')
var crypted = cipher.update(data,'utf-8','base64')
crypted += cipher.final('base64')
return crypted;
}
But this is giving a different value ( POixVcNnBs3c8mwM0lcasQ== )
How to get same value from both?
What am I missing?

Thanks to dave now I am getting same result both for Java and Nodejs/JavaScript
var crypto = require('crypto')
encrypt(){
var data = "Hello World"
var iv = new Buffer(0);
const key = 'j3u8ue8xmrhsth59'
var cipher = crypto.createCipheriv('aes-128-ecb',new Buffer(key),new Buffer(iv))
var crypted = cipher.update(data,'utf-8','base64')
crypted += cipher.final('base64')
return crypted;
}

Javascript Equivalent of Java AES+SecretKeySpec Decryption

Below is my java code which I am trying to move to NodeJS.
public static String decryptDataWithKey(String keyString, String base64String) throws Exception {
//Algorithm
String AES_ALGORITHM = "AES";
//Key from keystring
MessageDigest digester = MessageDigest.getInstance("MD5");
digester.update(keyString.getBytes());
byte[] password = digester.digest();
Key key = new SecretKeySpec(password, AES_ALGORITHM); // what is the equivalent of this line in javascript ?
//Create decipher
Cipher c = Cipher.getInstance(AES_ALGORITHM);
c.init(Cipher.DECRYPT_MODE, key);
//Get bytes of enc data
byte[] decodedValue = new BASE64Decoder().decodeBuffer(base64String);
// Do decrypt
byte[] decValue = c.doFinal(decodedValue);
String decryptedValue = new String(decValue);
return decryptedValue;
}
I ended up writing below method, but getting exception - Bad Decrypt
function decryptDataWithKey(keyString, base64String){
//Algorithm
let algorithm = 'aes-128-ecb';
//Key from keystring
let key = crypto.createHash('md5').update(keyString).digest();
//Create decipher
let decipher = crypto.createDecipher(algorithm,key);
//Get bytes of enc data
let cipher = new Buffer(base64String, 'base64');
// Do decrypt
let decrypted = decipher.update(cipher, 'base64', 'utf-8');
decrypted += decipher.final('utf-8'); // throwing exception : digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
return decrypted;
}
Please guide me what I am missing here. I am trying to avoid the jar dependency in my nodejs project. I believe this should be achievable using crypto.
Or Should I go for crypto-js ?

How to decrypt a cipher text using Java which is encrypted with Rijndael-256 with custom IV?

I have found a source code at stackoverflow on Rinjndael-256 encryption and decryption written in c#. It is using custom IV appending some extra string. Now I need a decryption method on Java platform. I have found some source code; tried to change and test that. Here is the encryption method on c#:
public static string Encrypt(byte[] text, string key)
{
RijndaelManaged aes = new RijndaelManaged();
aes.KeySize = 256;
aes.BlockSize = 256;
aes.Padding = PaddingMode.None;
aes.Mode = CipherMode.CBC;
aes.Key = Encoding.Default.GetBytes(key);
aes.GenerateIV();
string IV = ("-[--IV-[-" + Encoding.Default.GetString(aes.IV));
ICryptoTransform AESEncrypt = aes.CreateEncryptor(aes.Key, aes.IV);
byte[] buffer = text;
return Convert.ToBase64String(Encoding.Default.GetBytes(Encoding.Default.GetString(AESEncrypt.TransformFinalBlock(buffer, 0, buffer.Length)) + IV));
}
The decryption method on java which is not working for me is:
public static String decrypt(byte[] cipherText, String encryptionKey) throws Exception{
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding", "SunJCE");
SecretKeySpec key = new SecretKeySpec(encryptionKey.getBytes("UTF-8"), "AES");
cipher.init(Cipher.DECRYPT_MODE, key,new IvParameterSpec(IV.getBytes("UTF-8")));
return new String(cipher.doFinal(cipherText),"UTF-8");
}
Edit 1:
I have implemented the php code for decryption.
function decrypt($text, $pkey)
{
$key = $pkey;
$text = base64_decode($text);
$IV = substr($text, strrpos($text, "-[--IV-[-") + 9);
$text = str_replace("-[--IV-[-" . $IV, "", $text);
return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_CBC, $IV), "\0");
}
Is there any manual way of implementing Rijndael-256 in Java? As someone said that
There is no support in any of the Sun JCE providers for anything other than Rijndael with the 128-bit blocksize
I don't have an option to use library

3DES - Decrypt encrypted text (by JAVA) in C#

Here is the situation:
The encrypted text is done in JAVA (which we have no JAVA background at all)
The method is 3DES
The padded is PKCS#5
Base 64
The decryption will be in C#, and here is the code:
public static string DecryptString(string Message, string Passphrase)
{
byte[] Results;
UTF8Encoding UTF8 = new UTF8Encoding();
MD5CryptoServiceProvider HashProvider = new MD5CryptoServiceProvider();
byte[] TDESKey = HashProvider.ComputeHash(UTF8.GetBytes(Passphrase));
TripleDESCryptoServiceProvider TDESAlgorithm = new TripleDESCryptoServiceProvider();
TDESAlgorithm.Key = TDESKey;
TDESAlgorithm.Mode = CipherMode.ECB;
TDESAlgorithm.Padding = PaddingMode.PKCS7;
byte[] DataToDecrypt = Convert.FromBase64String(Message);
try
{
ICryptoTransform Decryptor = TDESAlgorithm.CreateDecryptor();
Results = Decryptor.TransformFinalBlock(DataToDecrypt, 0, DataToDecrypt.Length);
}
finally
{
TDESAlgorithm.Clear();
HashProvider.Clear();
}
return UTF8.GetString(Results);
}
However, when tried to decrypt, got the error message: BAD DATA
Where am I missing here?
Thanks in advance.
Added, and here's how the encryption works:
<cffunction name="getToken" returntype="String" output="false">
<cfscript>
plainText = getPlainText();
rawSecretKey = CreateObject("java","sun.misc.BASE64Decoder").decodeBuffer(variables.encryptionKey);
secretKeySpec = CreateObject("java","javax.crypto.spec.SecretKeySpec").init(rawSecretKey,"DESEDE");
cipher = CreateObject("java","javax.crypto.Cipher").getInstance("DESEDE");
cipher.init(Cipher.ENCRYPT_MODE, secretkeySpec);
encrypted = cipher.doFinal(plainText.getBytes()); // a byte array (a binary in CF)
return URLEncodedFormat(ToString(ToBase64(encrypted)));
</cfscript>
</cffunction>
Update:
This issue has been resolved. The problem was that the key needed to be converted from Base64.

The answer:
Instead of:
byte[] TDESKey = HashProvider.ComputeHash(UTF8.GetBytes(Passphrase));
Do this:
byte[] TDESKey = Convert.FromBase64String(Passphrase);
That solves this issue.