0

I want simple encryption decryption in Node JS and C# but I'm not able to implement it properly, It's somehow breaking on the backend side(.net) and says "Invalid Padding and cannot be removed". And I'm not able to figure out why it's breaking on the backend side although I tried every possibility that I can think of. It's working on python code but not in Node JS, I don't know what I'm doing wrong, I'm generating requestData through the same methods as python's but somehow it's breaking.

I'm encrypting some data in node js and wanna decrypt that data in c# (server-side)

Here is the C# decryption code

public string DecryptData(EncryptionDecryptionParameterDto encryptionDecryptionParams)
{
    ValidateDecryptData(encryptionDecryptionParams);
    byte[] numArray = Convert.FromBase64String(encryptionDecryptionParams.CipherText);
    byte[] numArray1 = Convert.FromBase64String(encryptionDecryptionParams.SharedKey);
    string str = string.Empty;
    using (Aes cipherMode = Aes.Create("AES"))
    {
        cipherMode.Mode = encryptionDecryptionParams.CipherMode;
        cipherMode.Padding = PaddingMode.PKCS7;
        cipherMode.KeySize = 128;
        cipherMode.BlockSize = 128;
        cipherMode.Key = numArray1;
        SymmetricAlgorithm symmetricAlgorithm = cipherMode;
        byte[] numArray2 = symmetricAlgorithm.CreateDecryptor().TransformFinalBlock(numArray, 0, numArray.Length);
        string str2 = Convert.ToBase64String(numArray2, 0, numArray2.Length);
        str = Encoding.UTF8.GetString(numArray2, 0, numArray2.Length);
    }
    return str;
}

Encryption code in Node JS

export function AESEncryption(requestData:string, sessionKey: string) {
  
  // Creating Cipher with AES-256-ECB mode Algorithm
  const Cipher = crypto.createCipher('aes-256-ecb', sessionKey);

  let encryptedData = Cipher.update(requestedData, 'utf-8', 'base64');

  encryptedData += Cipher.final('base64');
  
  return encryptedData;
}

Encryption code in Python

def encryptData(sessionKey, requestDataBytes):
        base64 = b64decode(sessionKey)
        cipher = AES.new(b64decode(sessionKey), AES.MODE_ECB)
        cipherBytes = cipher.encrypt(pad(requestDataBytes, AES.block_size))
        cipherText = b64encode(cipherBytes).decode()
        return cipherText

Although I did try decryption of python or c# encrypted data in Node JS and it's not decrypting too, it's saying bad decrypt or something on the line of the final() method.

I'm not sure about the padding thing, cause I don't know much about it. And Node JS provide auto Padding and I read about it, it provides PKCS7 padding properly but I'm not sure whether I'm able to use it or not.

It's been more than a week I'm stuck in AES encryption part and I really want to do this. If you guys need any extra code or information regarding this, I'll provide that. Thank you in Advance.

burnsi
  • 6,194
  • 13
  • 17
  • 27
Prafful Kamble
  • 11
  • 3
  • 1
    [`createCipher()`](https://nodejs.org/api/crypto.html#cryptocreatecipheralgorithm-password-options) uses a key derivation function: `EVP_BytesToKey()`, for more info see the description. Thus you need a suitable implementation for the C# side. There are several on the web, e.g. https://gist.github.com/caspencer/1339719. Note that `createCipher()` is deprecated and insecure. – Topaco Jan 30 '23 at 15:20
  • Hi @Topaco, Thank you so much for this information regarding createCipher(). I changed the method to createCipheriv() and put iv value null, and it worked like a charm. Thank you again. – Prafful Kamble Jan 31 '23 at 05:44

0 Answers0