3

I am trying to encrypt using node.js as follows (node.js v0.10.33):

var crypto = require('crypto');
var assert = require('assert');

var algorithm = 'aes256'; // or any other algorithm supported by OpenSSL
var key = 'mykey';
var text = 'this-needs-to-be-encrypted';

var cipher = crypto.createCipher(algorithm, key);  
var encrypted = cipher.update(text, 'utf8', 'hex') + cipher.final('hex');
console.log('encrypted', encrypted, encrypted.length)
/*
var decipher = crypto.createDecipher(algorithm, key);
try {
    var decrypted = decipher.update(encrypted, 'hex', 'utf8') + decipher.final('utf8');
} catch (e) {
    console.error('Couldnt decipher encrypted text. Invalid key provided', e)
} finally {
    assert.equal(decrypted, text);
}
*/

How can I decrypt the encrypted text using PyCrypto (v2.6.1) on py2.7?

Improve this question
1
  • Basically the same answer as this one. Commented Oct 15, 2015 at 20:18

1 Answer 1

Reset to default
10

You should be using crypto.createCipheriv as stated in https://nodejs.org/api/crypto.html#crypto_crypto_createcipher_algorithm_password.

The answer below assumes you change your snippet to use crypto.createCipheriv, as following: 

var crypto = require('crypto');
var assert = require('assert');

var algorithm = 'aes256'; // or any other algorithm supported by OpenSSL
var key = '00000000000000000000000000000000';
var iv = '0000000000000000';
var text = 'this-needs-to-be-encrypted';

var cipher = crypto.createCipheriv(algorithm, key, iv);  
var encrypted = cipher.update(text, 'utf8', 'hex') + cipher.final('hex');
console.log('encrypted', encrypted, encrypted.length)

which generates the encrypted text b88e5f69c7bd5cd67c9c12b9ad73e8c1ca948ab26da01e6dad0e7f95448e79f4.

Python Solution with explicit key and IV:

from Crypto import Random
from Crypto.Cipher import AES

BS = 16
def pad(data):
    padding = BS - len(data) % BS
    return data + padding * chr(padding)

def unpad(data):
    return data[0:-ord(data[-1])]

def decrypt_node(hex_data, key='0'*32, iv='0'*16):
    data = ''.join(map(chr, bytearray.fromhex(hex_data)))
    aes = AES.new(key, AES.MODE_CBC, iv)
    return unpad(aes.decrypt(data))

def encrypt_node(data, key='0'*32, iv='0'*16):
    aes = AES.new(key, AES.MODE_CBC, iv)
    return aes.encrypt(pad(data)).encode('hex')

print(encrypt_node('this-needs-to-be-encrypted'))
print(decrypt_node('b88e5f69c7bd5cd67c9c12b9ad73e8c1ca948ab26da01e6dad0e7f95448e79f4'))

If you keep using plain crypto.createCipher you will need to derive the key and iv from the password using https://www.openssl.org/docs/man1.0.2/crypto/EVP_BytesToKey.html.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thanks for this! Just a heads up that the openssl link is out of date. It's now at openssl.org/docs/man1.0.2/crypto/EVP_BytesToKey.html. I found a simple python script to do this at stackoverflow.com/a/42766835. But, as you point out, better to use crypto.createCipheriv in Node.
@jcasner Thanks, I updated the answer with the new link.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.