0

I have a java code that decrypts the data when provided with data and key. The java class and function is as follow,

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Base64;
 
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import java.security.Key;
 
public class AES {
 
    private static SecretKeySpec secretKey;
    private static byte[] key;
 
    public static String decrptyBySyymetricKey(String encryptedSek, byte[] appKey) {
        Key aesKey = new SecretKeySpec(appKey, "AES"); // converts bytes(32 byte random generated) to key
        
        try {
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding"); // encryption type = AES with padding PKCS5
            cipher.init(Cipher.DECRYPT_MODE, aesKey); // initiate decryption type with the key
        
            byte[] encryptedSekBytes = Base64.getDecoder().decode(encryptedSek); // decode the base64 encryptedSek to bytes
        
            byte[] decryptedSekBytes = cipher.doFinal(encryptedSekBytes); // decrypt the encryptedSek with the initialized cipher containing the key(Results in bytes)
        
            String decryptedSek = Base64.getEncoder().encodeToString(decryptedSekBytes); // convert the decryptedSek(bytes) to Base64 StriNG
            return decryptedSek; // return results in base64 string
        }catch(Exception e) {
            return "Exception; "+e;
        }
    }
    
    public static void main(String[] args){
    final String secretKey = "r16glPt7vyO6g22KH4JcpzUIdnUXIy5p";
     
    String custom = AES.decrptyBySyymetricKey("ul1tu6I0tLcfOYAW3Yug0HNP9sKo7O2AUuMLQjs62TOE5g0v9VTzB21EKdSAvlSM", "r16glPt7vyO6g22KH4JcpzUIdnUXIy5p".getBytes());
  
    }
}

Now I need to replicate the above using vanilla JS and Crypto-js library. However I am unable to do so. I am not able to figure out where I am going wrong.

const encryptedsek = 'ul1tu6I0tLcfOYAW3Yug0HNP9sKo7O2AUuMLQjs62TOE5g0v9VTzB21EKdSAvlSM';
const password = 'r16glPt7vyO6g22KH4JcpzUIdnUXIy5p';
        
var parsedBase64Key  = CryptoJS.enc.Base64.parse(password);

var d = CryptoJS.AES.decrypt(encryptedsek, parsedBase64Key, {
    mode: CryptoJS.mode.ECB,
    padding: CryptoJS.pad.Pkcs7
}).toString( CryptoJS.enc.Utf8 );

I am thinking that the way I am using the password is causing the issue. It does not produces any output. Any pointers will be helpful. Also I tried different decoders from crypto-js on password but it does not works.

Thanks in advance.

Improve this question
6
  • Relevant: Is it ever recommended to use the ECB cipher mode? Commented Jul 16, 2020 at 22:58
  • Also: What's wrong with in-browser cryptography in 2017? Commented Jul 16, 2020 at 23:00
  • On Java-side the password is NOT used as a Base64-string but converted to a 32 byte long byte array (to its hex string representation). On JS-side you try to decode the password with 'var parsedBase64Key = CryptoJS.enc.Base64.parse(password);'. Just provide the password (or its hexstring representation) to your decryption method. Commented Jul 16, 2020 at 23:48
  • 1
    Just to remember: Usage of AES ECB mode might be UNSECURE and should be avoided in most cases. Commented Jul 16, 2020 at 23:50
  • @MichaelFehr it did not worked. I tried passing the string directly as well tried it by converting to hex as well. It does not seems to work. Commented Jul 17, 2020 at 10:23

1 Answer 1

Reset to default
1

I was able to solve it. What I was doing wrong was I was using the encrypted password to decrypt my value. I realized this when I saw the password was different than the one I set. It dawn upon me that the password that I am using is encrypted one and I need to use my actual password.

The following worked once I used my actual password instead of the encrypted one.

var encryptedInfo = "5jo90pB0Sat8ftkSwS4s5cZQj2bM55kbikGKLxw/2bvk57gBPEnolPiMy3C2wr3x";

var password =  "my_secret_non_encrypted_password";
password = CryptoJS.enc.Utf8.parse(password)

var decrypt = CryptoJS.AES.decrypt(encryptedInfo.toString(), password, {
    mode: CryptoJS.mode.ECB,
    padding: CryptoJS.pad.Pkcs7
}).toString(CryptoJS.enc.Base64);

console.log('decrypt ', decrypt);
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.