
I have written code in C# to securely store values in Azure Key Vault, using the following code:

Example of what I had written before:

        // Not referenced by the Encrypt/Decrypt methods shown below.
        private readonly ILogger<AesCryptoProvider> _logger;

        // PBKDF2 iteration count handed to Rfc2898DeriveBytes.
        // NOTE(review): 100 iterations is orders of magnitude below current guidance for
        // password-derived keys. Raising it changes the derived key and IV, so data already
        // encrypted with this value would have to be re-encrypted.
        private const int Rfc2898KeygenIterations = 100;

        // Assigned to aes.KeySize. NOTE(review): Encrypt/Decrypt then derive only
        // aes.KeySize / 16 = 16 bytes of key material and assign it to aes.Key, so the
        // cipher actually runs with a 128-bit key, not 256.
        private const int AesKeySizeInBits = 256;

        // Despite the name this is used as a BYTE count: Encrypt allocates
        // new byte[SaltSizeInBits] and Decrypt treats the last SaltSizeInBits bytes of the
        // blob as the salt, i.e. the salt is 32 bytes (256 bits).
        private const int SaltSizeInBits = 32;

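        /// <summary>
        /// Decrypts a blob produced by <c>Encrypt</c>: AES ciphertext followed by the
        /// salt (the trailing <c>SaltSizeInBits</c> bytes).
        /// </summary>
        /// <remarks>
        /// Wire format and parameters are kept exactly as before so existing data still
        /// decrypts. Points a reviewer (or anyone porting this to another runtime) should know:
        /// <list type="bullet">
        /// <item>Key and IV are the first and second 16 bytes of one PBKDF2 output stream;
        /// the three-argument <c>Rfc2898DeriveBytes</c> constructor uses HMAC-SHA1.</item>
        /// <item>The effective cipher is AES-128 in CBC mode (the .NET default) with PKCS7
        /// padding, because only 16 key bytes are assigned.</item>
        /// <item>There is no MAC or AEAD tag. A modified blob is only rejected if the padding
        /// happens to be invalid, so integrity must be provided elsewhere. Callers should
        /// also avoid reporting padding failures differently from other failures.</item>
        /// </list>
        /// </remarks>
        /// <param name="key">Password from which the AES key and IV are derived.</param>
        /// <param name="dataToDecrypt">Ciphertext with the salt appended.</param>
        /// <returns>The decrypted bytes.</returns>
        /// <exception cref="ArgumentNullException">An argument is null.</exception>
        /// <exception cref="CryptographicException">
        /// The blob is too short to contain ciphertext and salt, or decryption fails.
        /// </exception>
        public byte[] Decrypt(string key, byte[] dataToDecrypt)
        {
            if (key == null)
            {
                throw new ArgumentNullException(nameof(key));
            }

            if (dataToDecrypt == null)
            {
                throw new ArgumentNullException(nameof(dataToDecrypt));
            }

            // PKCS7 always emits at least one block, so a genuine blob is strictly longer
            // than the salt. Previously a short input made Take/Skip receive a negative
            // count, treated the whole input as salt, and could "succeed" with empty output.
            int cipherLength = dataToDecrypt.Length - SaltSizeInBits;
            if (cipherLength <= 0)
            {
                throw new CryptographicException("Encrypted data is too short to contain ciphertext and salt.");
            }

            byte[] encryptedData = new byte[cipherLength];
            Array.Copy(dataToDecrypt, 0, encryptedData, 0, cipherLength);

            byte[] salt = new byte[SaltSizeInBits];
            Array.Copy(dataToDecrypt, cipherLength, salt, 0, SaltSizeInBits);

            using (Aes aes = new AesManaged())
            {
                aes.Padding = PaddingMode.PKCS7;
                aes.KeySize = AesKeySizeInBits;

                // Must be computed before aes.Key is assigned: 256 / 16 = 16 bytes, which is
                // both the key length actually used and the AES block/IV length.
                int keyStrengthInBytes = aes.KeySize / 16;

                // Dispose the KDF so its internal key material is released promptly.
                using (var rfc2898 = new Rfc2898DeriveBytes(key, salt, Rfc2898KeygenIterations))
                {
                    aes.Key = rfc2898.GetBytes(keyStrengthInBytes);
                    aes.IV = rfc2898.GetBytes(keyStrengthInBytes);
                }

                using (MemoryStream ms = new MemoryStream())
                {
                    using (CryptoStream cs = new CryptoStream(ms, aes.CreateDecryptor(), CryptoStreamMode.Write))
                    {
                        cs.Write(encryptedData, 0, encryptedData.Length);
                    }

                    // The final block is flushed when the CryptoStream is disposed above.
                    // CryptographicException propagates unchanged to the caller.
                    return ms.ToArray();
                }
            }
        }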
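        /// <summary>
        /// Encrypts <paramref name="dataToEncrypt"/> with a key and IV derived from
        /// <paramref name="key"/> and a fresh random salt, and returns the ciphertext with
        /// the salt appended.
        /// </summary>
        /// <remarks>
        /// Output layout: <c>ciphertext || salt</c>, where the salt is
        /// <c>SaltSizeInBits</c> bytes. Parameters are unchanged for compatibility with
        /// data already stored. NOTE(review): the derived key is 16 bytes (AES-128), PBKDF2
        /// uses HMAC-SHA1 via the three-argument constructor with a low iteration count, and
        /// the CBC ciphertext carries no authentication tag. New deployments should consider
        /// an AEAD mode or an added MAC and a stronger KDF configuration.
        /// </remarks>
        /// <param name="key">Password from which the AES key and IV are derived.</param>
        /// <param name="dataToEncrypt">Plaintext bytes.</param>
        /// <returns>Ciphertext followed by the salt.</returns>
        /// <exception cref="ArgumentNullException">An argument is null.</exception>
        /// <exception cref="CryptographicException">Encryption fails.</exception>
        public byte[] Encrypt(string key, byte[] dataToEncrypt)
        {
            if (key == null)
            {
                throw new ArgumentNullException(nameof(key));
            }

            if (dataToEncrypt == null)
            {
                throw new ArgumentNullException(nameof(dataToEncrypt));
            }

            // A new salt per call gives a new key/IV pair per message, since both come
            // from the same salted PBKDF2 stream.
            byte[] salt = new byte[SaltSizeInBits];
            using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
            {
                rng.GetBytes(salt);
            }

            using (Aes aes = new AesManaged())
            {
                aes.Padding = PaddingMode.PKCS7;
                aes.KeySize = AesKeySizeInBits;

                // Must be computed before aes.Key is assigned: 256 / 16 = 16 bytes, which is
                // both the key length actually used and the AES block/IV length.
                int keyStrengthInBytes = aes.KeySize / 16;

                // Dispose the KDF so its internal key material is released promptly.
                using (var rfc2898 = new Rfc2898DeriveBytes(key, salt, Rfc2898KeygenIterations))
                {
                    aes.Key = rfc2898.GetBytes(keyStrengthInBytes);
                    aes.IV = rfc2898.GetBytes(keyStrengthInBytes);
                }

                using (MemoryStream ms = new MemoryStream())
                {
                    using (CryptoStream cs = new CryptoStream(ms, aes.CreateEncryptor(), CryptoStreamMode.Write))
                    {
                        cs.Write(dataToEncrypt, 0, dataToEncrypt.Length);
                    }

                    // Append the salt so Decrypt can re-derive the same key and IV.
                    byte[] cipherText = ms.ToArray();
                    byte[] output = new byte[cipherText.Length + salt.Length];
                    Array.Copy(cipherText, 0, output, 0, cipherText.Length);
                    Array.Copy(salt, 0, output, cipherText.Length, salt.Length);
                    return output;
                }
            }
        }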

Now I need to have the same encrypt/decrypt methods in node.js

Unfortunately, I could not find the equivalent API methods in the Node.js crypto module.

Could you please give me a hint on how to achieve that, or is my approach wrong?

ALEX TRUSHKO
  • See following : https://stackoverflow.com/questions/24405731/rfc2898derivebytes-in-java – jdweng Jun 29 '20 at 13:51
  • 1
    A keyvault client object can encrypt/decrypt for you. You don't have to do so much work, and it is not secure to do that on the client anyway. [Take a look at the Node KeyVaultClient](https://www.npmjs.com/package/@azure/keyvault-keys) – Crowcoder Jun 29 '20 at 14:16
  • The counterpart to `Rfc2898DeriveBytes` is `crypto.pbkdf2` (or `crypto.pbkdf2Sync`). For AES you can use e.g. `crypto.createCipheriv` / `crypto.createDecipheriv`. – Topaco Jun 29 '20 at 15:24
