-2

Update : I finally managed to recreate the whole Java code as required for the third party service. I must add that some of the libraries used are deprecated but I cannot do anything because that is what the other side is using and I must comply.

Java Code

   SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes(),
    "AES");
   Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
   cipher.init(1, secretKeySpec);

   byte[] aBytes = cipher.doFinal(inputString.getBytes());

Input Key : xxxxxxxxyyyyyyyy
Input Text: maryhadalittlelamb

Output : Z22GETg3Anl92%2BoyqdVWs9haQveaZxkDn8sQYP08iCY%3D

node.js Code

var cipher = crypto.createCipher('aes-128-ecb', key);
var encryptedPassword = cipher.update(text, 'utf8', 'base64');
encryptedPassword += cipher.final('base64');
console.log(encryptedPassword);

Input Key : xxxxxxxxyyyyyyyy
Input Text: maryhadalittlelamb

Output: mnqrpA2eqAhmseTrkBtH3YSGMoFs+ECPUamVd8/bgAQ=

The output for same inputstring and key is different for both. In fact the node.js is different but the base64 one looks identical nevertheless.

I am fairly new to these things therefore I have lost my may.

Improve this question
9
  • you need to find out exactly what SecretKeySpec outputs. if you give each aes core the same key bytes and choose the same key size and mode, they should be compatible. aside: ecb is a weak mode, use something better if possible. Commented Jun 22, 2016 at 0:06
  • @dandavis The java code belongs to third party service which isn't under my control therefore I'll have to send the data the way they want. What and How do I need to check with/in SecretKeySpec; Commented Jun 22, 2016 at 0:19
  • i'm guessing it a KDF, and you'll need to be able to reproduce the input>output in node for the aes to use the same actual keys on both environments. Commented Jun 22, 2016 at 4:21
  • String is not a container for binary data. This is wrong: String doc2 = new String(aBytes, "UTF-8"); Commented Jun 27, 2016 at 20:31
  • 1
    Can you summarize the edit for me? Did the linked duplicate answer help? If not, what was the problem? If I understood you correctly, it seems you want translate your Java code to node.js. The first step to do this is to use createCipheriv instead of createCipher. That's the main point in the linked duplicate answer. Commented Jun 29, 2016 at 18:53

1 Answer 1

Reset to default
0

In node.js you base64 encode the input string before you encrypt, it needs to be the output from the encrypt that needs to be base64 encoded.

Also, you need a call to cipher.final(..) after cipher.update(..) to finish off the encryption operation. Remember to capture the output from both.

In addition to this please note that ECB mode is insecure.

Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

Arhh .. turns out that the final(..) methode in js don't accepts data to encrypt (as it do in java) .. so you both need an update(..) and a final(...) call in js
Thanks Ebbe M. for your time, really appreciated. Still not working though. pastebin.com/ap4Dk1ti Please have a look at this pastebin, let me know if I have done something wrong.
Take a look here
I have updated the code based upon the thread you shared. Please have a look. I have even tried to recreate the Java Code because the third party service's demo code has outdated base64encoder.
Please let me know if my recreating of the same code is okay or not. Thanks.
|

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.