Trying to decrypt AES, bad decrypt

2,384 views
Skip to first unread message

Thijs Koerselman

unread,
Jun 27, 2013, 9:57:53 AM6/27/13
to nod...@googlegroups.com
Hi,

I'm trying to encrypt some string in C#, send it to a Node server and decrypt it there. I am having a hard time because I keep getting this error:

TypeError: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
    at Decipher.Cipher.final (crypto.js:257:27)

I have tried different AES modes and key sizes but it didn't help. Just for testing I'm sending a json post to the server containing base64 encoded versions of key, iv and the encrypted string (fingerprint in this example).

In the post request handler I do this:

        var crypto = require('crypto');
var key = req.body.key;
var iv = req.body.iv;
var binkey = new Buffer(key, 'base64');
var biniv = new Buffer(iv, 'base64');

var crypted = req.body.fingerprint;
var bincrypted = new Buffer(crypted, 'base64');
var decipher = crypto.createDecipher('aes-256-cbc',binkey, biniv);
var dec = decipher.update(bincrypted,'binary','utf8');
dec += decipher.final('utf8');
console.log("dec", dec);

To be sure I'm using the same Aes mode and padding on the encryption this is what's reported by my C# Aes, including the JSON being sent.

Keysize 256
Mode CBC
Padding PKCS7
Key: YJAG4xYTTQ0Ke3FBIDgmobERgbi/Tl/LYt9cNmt5w0g=
IV :VUdInSdIlCLS/D3AbXhhnQ==
json: {
   "fingerprint" : "a7pNFC3Bnac7Y/k7/b+b4jHdH5CE/nbu23Mmj9pAhZw=",
   "key" : "YJAG4xYTTQ0Ke3FBIDgmobERgbi/Tl/LYt9cNmt5w0g=",
   "iv" : "VUdInSdIlCLS/D3AbXhhnQ=="
}

Am I overlooking something maybe? 

Kelsey Dawes

unread,
Jun 27, 2013, 10:13:37 AM6/27/13
to nod...@googlegroups.com
Hi,

>> var decipher = crypto.createDecipher('aes-256-cbc',binkey, biniv);

I think you want crypto.createDecipheriv here, instead of crypto.createDecipher.

crypto.createDecipheriv(algorithm, key, iv)
creates and returns a decipher object, with the given algorithm, key and iv. This is the mirror of thecreateCipheriv() above

-Kelsey

--
--
Job Board: http://jobs.nodejs.org/
Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
You received this message because you are subscribed to the Google
Groups "nodejs" group.
To post to this group, send email to nod...@googlegroups.com
To unsubscribe from this group, send email to
nodejs+un...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/nodejs?hl=en?hl=en
 
---
You received this message because you are subscribed to the Google Groups "nodejs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to nodejs+un...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

Thijs Koerselman

unread,
Jun 27, 2013, 10:24:34 AM6/27/13
to nod...@googlegroups.com
On Thu, Jun 27, 2013 at 4:13 PM, Kelsey Dawes <kda...@gmail.com> wrote:


I think you want crypto.createDecipheriv here, instead of crypto.createDecipher.


Ouch! I must have read over that about 30 times. I was assuming the two flavors were based on the number of arguments you supplied to the same create function. Thanks for pointing it out. It's working now!

I would prefer to use a password to derive the key from that, and append IV before the data. That way I can just have one shared password between my apps. How do I know in what way Node crypto derives that key from the password so that I can match it in C#? Or the other way around?
Reply all
Reply to author
Forward
0 new messages