-1

Am trying to decrypt the encoded string (which is actually encoded in java using bouncyCastle provider). As i dont see any equivalent algo for "PBEWITHSHA256AND256BITAES-CBC-BC" in nodejs. Could you please suggest me how can i decrypt the encryptedValue(which was encrypted in java) in nodejs.

I tried few approaches, but not able to find the solution.

From Java: Below is the approach

  1. bouncyCastle provider
  2. Algo# PBEWITHSHA256AND256BITAES-CBC-BC
  3. encodedOutputType as "Hex"

we got the result back as string which is hexadecimal string.

From Nodejs: I tried to decrypt using nodejs-crypto package.

  1. Converted back to array values from the hexadecimal String
  2. Used pbkdf2sync to create the key using sha256
  3. tried to decrypt the data using crypto.createDecipherIv but somehow am not able to decrypt in nodejs.

Could someone please suggest me the approach.

Rmahajan
  • 1,311
  • 1
  • 14
  • 23
user3569397
  • 27
  • 1
  • 8

1 Answers1

0

That PBE scheme is not a an instance of PBKDF2 (PKCS8); it is an instance of the PKCS12 PBE scheme, which is similar in concept but very different in details which are vital in crypto. You can 'easily' tell this by looking up the OID: https://www.bouncycastle.org/oids.html :-)

I don't see any hint that nodejs-crypto exposes this scheme, or PKCS12, although it internally uses OpenSSL which does implement both.

You could code it yourself following the specification in RFC 7292 Appendix B and C (which is in fact still widely used even though the document says it is deprecated).

Alternatively https://github.com/digitalbazaar/forge (pure js) does support PKCS12 using from an unmentioned (internal) module forge.pbe.generatePkcs12Key (actually key and IV) which looks correct to me on a quick scan (but not tested).

Community
  • 1
  • 1
dave_thompson_085
  • 34,712
  • 6
  • 50
  • 70
  • Thanks for your response dave, i will take a look and will try to generate key and iv using forge.pbe.generatepkcs12Key and will check on the same. i found the main issue is with key and iv values when i compared with java and nodejs. – user3569397 Jan 23 '19 at 03:17
  • Hi Dave, am facing some issues while trying to decrypt with forge. my encryptedMessage is a byteArray, when i tried to convert to forge.util.createBuffer it returning the data value as empty. forge.util.createBuffer(encryptedMessage) – user3569397 Jan 23 '19 at 03:55
  • Thanks alot for your help dave, it worked for me. using the forge.pbe.generatePkcs12Key provided successfull key and iv and was able to decrypt the data now. – user3569397 Jan 23 '19 at 18:38