1

I am trying to write Javascript to match the output from this Java code:

Java:

import java.util.Base64;

public class Enc2 {
    public static void main (String[] arg) {
        System.out.println(encryptSomeNumber("1234567812345678"));
    }

    public static String encryptSomeNumber(final String SomeNumber){
        String encryptedSomeNum = "";
        String ALGO = "AES";

        try {
            String myKey = "DLDiGPqGysAow3II";
            byte[] keyBytes = myKey.getBytes("UTF-8");

            java.security.Key encryptkey = new javax.crypto.spec.SecretKeySpec(keyBytes, ALGO);
            javax.crypto.Cipher c;
            c = javax.crypto.Cipher.getInstance(ALGO);
            c.init(javax.crypto.Cipher.ENCRYPT_MODE, encryptkey);
            byte[] encVal = c.doFinal(SomeNumber.getBytes());

            byte[] encodedBytes = Base64.getEncoder().encode(encVal);
            String s = new String(encodedBytes);

            encryptedSomeNum = s;
        } catch (Exception e) {
            System.out.println("error when encrypting number");
            return encryptedSomeNum;
        }
        return encryptedSomeNum;
    }
}

Output: Wrs66TuAIxYe+M4fqyyxtkyMFkWGwx9i45+oQfEA4Xs=

Javascript that I have so far (nodeJS v8.7.0):

let crypto = require('crypto');

let algorithm = 'aes-128-ecb';
let password = 'DLDiGPqGysAow3II';

function encrypt(buffer){
    let cipher = crypto.createCipher(algorithm, password)
    let crypted = Buffer.concat([cipher.update(buffer), cipher.final()]);
    return crypted;
}

let cyphertext = encrypt(new Buffer("1234567812345678", "utf8"))
console.log(cyphertext.toString('base64'));

Output: m1jnKjBbKu+m/zsf9DBTMo3NL4E035l0EailFjt/qjo=

Can anyone see what I'm missing here? Something with PKCS padding?

Improve this question

1 Answer 1

Reset to default
2

No, the padding is the same. The problem is that there are two createCipher methods. One is using a password and a key derivation function over the password - this is the one you are using now. The other one uses key and IV. Of course, ECB doesn't use an IV, so you may have to supply an IV value that is then not used.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Thanks. So is SecretKeySpec the key derivation function in this case?
No, in Java there is no key derivation. The key is the ASCII / UTF-8 encoding of "DLDiGPqGysAow3II". SecretKeySpec is just a wrapper around that.
Thanks for the guidance Maarten. I switched to CBC mode and used an empty IV and passed that to crypto.createCipheriv(). Then had to add 16 0x10 bytes to the plaintext to get matching output. Why is Java adding 16 0x10 bytes???
That's basic PKCS#7 padding, which is always added. As the plaintext can be anything it could be mistaken for padding. So even if the plaintext size is a multiple of the block size the padding has to be added (Java calls it PKCS#5 padding, but that's basically the same).

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.