
We are trying to encrypt and decrypt using an asymmetric key in AWS KMS. The configuration for the key is as follows:

AWS asymmetric key configuration

In NodeJS, we use the public key to encrypt via the crypto.publicEncrypt:

const crypto = require('crypto');

// RSA-OAEP with SHA-256 as the OAEP hash, using the KMS public key.
const encryptRSAPayload = (buffer, publicKey) => {
  const encryptedBuffer = crypto.publicEncrypt(
    {
      key: publicKey,
      oaepHash: 'sha256',
      padding: crypto.constants.RSA_PKCS1_OAEP_PADDING,
    },
    buffer
  );

  return encryptedBuffer;
};

And we use the function like this (the public key is read from a local file during the minimal repro):

  const plainText = '12345678910';
  const encrypted = await encryptRSAPayload(Buffer.from(plainText), publicKey);

Now, four developers have run the exact same code (zipped, with public key etc.), and this is happening:

NOTE: All of the developers are on the latest OSX system.

  1. Two of us can use AWS to decrypt whatever we produce from the encrypt function, and the other two cannot (failing with InvalidCiphertext: null from AWS).

  2. The encrypted base64 string from one of the machines that cannot encrypt -> decrypt cannot be decrypted on any other machine.

  3. The encrypted base64 string from one of the machines that can encrypt -> decrypt can be decrypted in AWS from any machine.

By now, I've spent two days on this and am a bit lost on what to do. Any ideas?

Letterix
    Wrong key, encoding errors we cannot tell. – Maarten Bodewes May 29 '20 at 23:34
  • Any way to narrow it down? Wrong key is not it since the exact same code works on different machines; including the same zipped key. – Letterix Jun 01 '20 at 07:13
  • Do a binary compare of the input as binary in hexadecimals and compare the modulus. If those. Otherwise you usually have to experiment with the hash functions in OAEP, it is unlikely that the implementation is faulty. Make sure that e.g. the modulus is not interpreted as negative value if you're setting the key values yourself instead of decoding the key all at once. – Maarten Bodewes Jun 01 '20 at 11:06
  • Thanks, I'll check it out! – Letterix Jun 01 '20 at 11:29

1 Answer


Problem solved after a few more days of debugging. The problem stemmed from the shipped version of OpenSSL that comes with OSX. For me, that was LibreSSL 2.8, which does not include some of the padding flags used in OAEP, nor does it allow changing the hash to sha256 (instead of sha1).

The solution was:

  1. Install OpenSSL via Homebrew and set the PATH env to use that version instead of the shipped version.
  2. Reinstall any installed node version to re-link to the correct OpenSSL version.
Letterix