2

I am currently implementing the RSA-OAEP encryption on Javascript and decryption at Java.

My javascript code has the following

function stringToArrayBuffer(str){
        var buf = new ArrayBuffer(str.length);
        var bufView = new Uint8Array(buf);
        for (var i=0, strLen=str.length; i<strLen; i++) {
            bufView[i] = str.charCodeAt(i);
        }
        return buf;
}

function arrayBufferToString(str){
    var byteArray = new Uint8Array(str);
    var byteString = '';
    for(var i=0; i < byteArray.byteLength; i++) {
        byteString += String.fromCodePoint(byteArray[i]);
    }
    return byteString;
}

function encryptDataWithPublicKey(data, key) {
    data = stringToArrayBuffer(data);
    return window.crypto.subtle.encrypt(
        {
            name: "RSA-OAEP",
            //label: Uint8Array([...]) //optional
        },
        key, //from generateKey or importKey above
        data //ArrayBuffer of data you want to encrypt
    );
}

var pem = Config.encryption.publicKey;

// fetch the part of the PEM string between header and footer
const pemHeader = "-----BEGIN PUBLIC KEY-----";
const pemFooter = "-----END PUBLIC KEY-----";
const pemContents = pem.substring(pemHeader.length, pem.length - pemFooter.length);               
// base64 decode the string to get the binary data
const binaryDerString = window.atob(pemContents);
// convert from a binary string to an ArrayBuffer
const binaryDer = stringToArrayBuffer(binaryDerString);
        
window.crypto.subtle.importKey(
                        "spki",
                        binaryDer,
                        {
                            name: "RSA-OAEP",
                            hash: { name: "SHA-256" }
                        },
                        true,
                        ["encrypt"]
                    ).then(function (publicKey) {
                        encryptDataWithPublicKey(text, publicKey).then((result) => {
                            var rdata = arrayBufferToString(result);
                            resolve(rdata);
                        });
                    }).catch(function (err) {
                        console.log(err);
                        reject(err);
                    });

I also have a Java function to decrypt the text. Assume "rsaOaepCipherText" is a string text.

Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPPadding");
OAEPParameterSpec oaepParams = new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-256"), PSource.PSpecified.DEFAULT);
cipher.init(Cipher.DECRYPT_MODE, getPrivateKey(), oaepParams);
return new String(cipher.doFinal(Base64.decodeBase64(rsaOaepCipherText)), "UTF-8");

However I keep getting decryption error on Java, and currently stuck at this portion, is there any error I have done on my encryption on Javascript?

Improve this question
1
  • A good idea is always (even if you don't need it) to make a decryption-function on the same system/language to test of the provided credentials (password,key,ciphertext, algorithm...) get the original plaintext back. For your question here on SO: please provide a SAMPLE dataset (private/public key in PEM-format [with header/footer line], plaintext and encrypted ciphertext). Commented Jul 15, 2020 at 8:21

1 Answer 1

Reset to default
3

Ok found it. I forgot to include btoa on the string before send to backend.

it should be

encryptDataWithPublicKey(text, publicKey).then((result) => {
   var rdata = arrayBufferToString(result);
   var rResult = window.btoa(rdata);
   resolve(rResult);
});
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.