0

RSA encryption with NodeJS and Decryption in Java throwing BadPaddingException.

I issue is I cannot touch Java code as it is legacy code written by another team.

The Java code is another server code which is throwing BadPaddingException:

My NodeJS code is :

encryptFromKey(toEncrypt: string) {
    const absolutePath = path.resolve('./src/keys/pub_key.key');
    var publicKey = fs.readFileSync(absolutePath);
    const buffer = Buffer.from(toEncrypt);
    const keyObject = {
      key: publicKey,
      padding: constants.RSA_PKCS1_PADDING,
    };
    const encrypted = publicEncrypt(keyObject, buffer);
    return encrypted.toString('base64');
  }

The java decryption code is :

public class Main {

    public static void main(String[] args) throws Exception {
String aesKeyEnc = "Encrypted Data";
        System.out.println("aesKeyEnc -- " + aesKeyEnc);

        byte[] aesKey = rsaDecrypt(Base64.decodeBase64(aesKeyEnc), getPrivateKey());
        System.out.println("AES Key -- " + aesKey.length);

}
    public static PrivateKey getPrivateKey() throws NoSuchAlgorithmException, InvalidKeySpecException {
        PrivateKey privateKey = null;

        String priKey2 = "MIIEoQIBAAKCAQBT/jDz6mAMBtqgZDfzZZjtWowkMkgj1CCRAJuqGN9a5eFanrFP\n"+
                "9NQA6s3Ankp2g4sBavB5JaOR4/kJSJ54naaxqe2LctsXH6y/xZ3Y1XDDt+6oeU94\n"+
                "EghoPAryAc9SNx1WFMeq0ihRu9wi+SeswUPS82l4L/5YoYsn52Cm17vnALhnOE08\n"+
                "5aFEf3dUN+ol1Yw41mvvx8IZR+H4FAUQlUgZVCKsorHbC3bOYjO7mBN6QVtTly8z\n"+
                "/PV3DgTYkKN4zWgsif/S3bDPhoxocswtYHi8azUk56VgGwLNsuBZQ7YkWqE9WwQq\n"+
                "JQynBg1PFkTao0bIHGVzq0lo0I1c3IVrk9tbAgMBAAECggEAS14hIQ3jZ4dS8G9d\n"+
                "QVueEQWaEPTJhNTY8CRCiixNZ6w1PfJ+GsgO4E/RlpCzMosw1XHXHG4oy0Vsduch\n"+
                "xAt6w5s+W04RyDsU8PPrguFrkUPftG8+XviXcKjIDYaQOS7ZdR+qVt7DbSwMCZnW\n"+
                "/w5gxM7EiiNOsMssKf9V3ABjTJFw3PqQ0ogTa3FylWIq5D8cJGIZS3thHedSYBuK\n"+
                "CkNlJKsyMNpmFxSU1hFJdulFBfzBOjFcBe8zRDH9jWQ16yNHiUkkBVHfaCECL8lV\n"+
                "p5gd4+mP4Y3DBUT42nwFB2z+qQAaZbA+HazbO7+Zp4R2d5XQ5hnS/5rfFI4o8BVx\n"+
                "7siGyQKBgQClOwhVQ7t/ln4PiZjio3RbpjqOWLMYTgQH6u2f1A2LL027wlEA9CRh\n"+
                "mUq+rcsdREPFaDWAlrIktdHd28YvFdLCYw+qRaxPWPtXodJuDJn1uT4bJa21vG+r\n"+
                "TN5I0iimjTDNQAyXpgX3Ces00jTODg7ALjjeD+0LnFmXqZf41RkgBQKBgQCCImq4\n"+
                "eg0HzUiys9Znzh309R8JzsOjch4qKXAGdXxkROobTu2gyeGTjXGxYUiW1/4M7Hr6\n"+
                "TFxJ1WpXUdPmWAMwpwKtAXsjeSC2PdvkSTWMHWgfmnoUDc0JBFm+/fze9M+bFcXl\n"+
                "BJ2aQPcbuQvNtyOqlu8kkLMOE6kdjqxDv6nL3wKBgC+QiNuSvf0Co5NxdtN3Xl2r\n"+
                "wpuLqTLL8pkc5f7mmmeA3I26aHsvzPFToZK2kQwBxMilMRGtT+cFeD63r5uKWrue\n"+
                "rLnFiM7mvKQDb4JCmmeERf6moBT7A+J6JFsuNImNh4jucTGOl5UAA/eWs6DFpzVn\n"+
                "mPND/mcjQR9JsPfu0GbJAoGABidQepay5QqNBH5ChjgV7I5mwFT5pVHxITdCZ9vI\n"+
                "XQlxNIdf7zl8pDiNBsE96HwgNEY+bnWL66Xe2HAzH/JLfFJ5aurmAsBojpWQP1RC\n"+
                "5vRBBzWLzkT0zBdbkw95lKVo58F40SKNvUyTIsl2SGz/j8KBXm5FOUYuugoUFUQL\n"+
                "6GsCgYASQ+Fib0IqHYoZWffb+UfZfbDiyTY//fsorQUIK55PlrrcZoNMhkLpYZrG\n"+
                "W39ET1fAW8jKiTWaExvdNeR+RUBirlsheTrufM5filSs0UJi9srxE2atY4eSJHhg\n"+
                "cIIbKMYFDQCPbS8uQuvIvmLXPYuKMyXhgPDehSTcVzDvJQlWJQ==\n";



        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(Base64.decodeBase64(priKey.getBytes()));
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        privateKey = keyFactory.generatePrivate(keySpec);
        return privateKey;
    }

    private static byte[] rsaDecrypt(byte[] data, Key key) throws NoSuchPaddingException, NoSuchAlgorithmException,
            InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
        cipher.init(Cipher.DECRYPT_MODE, key);
        return cipher.doFinal(data);
    }
}

The public key in pub_key.key is :

-----BEGIN PUBLIC KEY-----
MIIBITANBgkqhkiG9w0BAQEFAAOCAQ4AMIIBCQKCAQBT/jDz6mAMBtqgZDfzZZjt
WowkMkgj1CCRAJuqGN9a5eFanrFP9NQA6s3Ankp2g4sBavB5JaOR4/kJSJ54naax
qe2LctsXH6y/xZ3Y1XDDt+6oeU94EghoPAryAc9SNx1WFMeq0ihRu9wi+SeswUPS
82l4L/5YoYsn52Cm17vnALhnOE085aFEf3dUN+ol1Yw41mvvx8IZR+H4FAUQlUgZ
VCKsorHbC3bOYjO7mBN6QVtTly8z/PV3DgTYkKN4zWgsif/S3bDPhoxocswtYHi8
azUk56VgGwLNsuBZQ7YkWqE9WwQqJQynBg1PFkTao0bIHGVzq0lo0I1c3IVrk9tb
AgMBAAE=
-----END PUBLIC KEY-----

The private key is :

-----BEGIN RSA PRIVATE KEY-----
MIIEoQIBAAKCAQBT/jDz6mAMBtqgZDfzZZjtWowkMkgj1CCRAJuqGN9a5eFanrFP
9NQA6s3Ankp2g4sBavB5JaOR4/kJSJ54naaxqe2LctsXH6y/xZ3Y1XDDt+6oeU94
EghoPAryAc9SNx1WFMeq0ihRu9wi+SeswUPS82l4L/5YoYsn52Cm17vnALhnOE08
5aFEf3dUN+ol1Yw41mvvx8IZR+H4FAUQlUgZVCKsorHbC3bOYjO7mBN6QVtTly8z
/PV3DgTYkKN4zWgsif/S3bDPhoxocswtYHi8azUk56VgGwLNsuBZQ7YkWqE9WwQq
JQynBg1PFkTao0bIHGVzq0lo0I1c3IVrk9tbAgMBAAECggEAS14hIQ3jZ4dS8G9d
QVueEQWaEPTJhNTY8CRCiixNZ6w1PfJ+GsgO4E/RlpCzMosw1XHXHG4oy0Vsduch
xAt6w5s+W04RyDsU8PPrguFrkUPftG8+XviXcKjIDYaQOS7ZdR+qVt7DbSwMCZnW
/w5gxM7EiiNOsMssKf9V3ABjTJFw3PqQ0ogTa3FylWIq5D8cJGIZS3thHedSYBuK
CkNlJKsyMNpmFxSU1hFJdulFBfzBOjFcBe8zRDH9jWQ16yNHiUkkBVHfaCECL8lV
p5gd4+mP4Y3DBUT42nwFB2z+qQAaZbA+HazbO7+Zp4R2d5XQ5hnS/5rfFI4o8BVx
7siGyQKBgQClOwhVQ7t/ln4PiZjio3RbpjqOWLMYTgQH6u2f1A2LL027wlEA9CRh
mUq+rcsdREPFaDWAlrIktdHd28YvFdLCYw+qRaxPWPtXodJuDJn1uT4bJa21vG+r
TN5I0iimjTDNQAyXpgX3Ces00jTODg7ALjjeD+0LnFmXqZf41RkgBQKBgQCCImq4
eg0HzUiys9Znzh309R8JzsOjch4qKXAGdXxkROobTu2gyeGTjXGxYUiW1/4M7Hr6
TFxJ1WpXUdPmWAMwpwKtAXsjeSC2PdvkSTWMHWgfmnoUDc0JBFm+/fze9M+bFcXl
BJ2aQPcbuQvNtyOqlu8kkLMOE6kdjqxDv6nL3wKBgC+QiNuSvf0Co5NxdtN3Xl2r
wpuLqTLL8pkc5f7mmmeA3I26aHsvzPFToZK2kQwBxMilMRGtT+cFeD63r5uKWrue
rLnFiM7mvKQDb4JCmmeERf6moBT7A+J6JFsuNImNh4jucTGOl5UAA/eWs6DFpzVn
mPND/mcjQR9JsPfu0GbJAoGABidQepay5QqNBH5ChjgV7I5mwFT5pVHxITdCZ9vI
XQlxNIdf7zl8pDiNBsE96HwgNEY+bnWL66Xe2HAzH/JLfFJ5aurmAsBojpWQP1RC
5vRBBzWLzkT0zBdbkw95lKVo58F40SKNvUyTIsl2SGz/j8KBXm5FOUYuugoUFUQL
6GsCgYASQ+Fib0IqHYoZWffb+UfZfbDiyTY//fsorQUIK55PlrrcZoNMhkLpYZrG
W39ET1fAW8jKiTWaExvdNeR+RUBirlsheTrufM5filSs0UJi9srxE2atY4eSJHhg
cIIbKMYFDQCPbS8uQuvIvmLXPYuKMyXhgPDehSTcVzDvJQlWJQ==
-----END RSA PRIVATE KEY-----

How can I fix this bad padding exception. I am not sure if this is encoding issue.

vivek
  • 1
  • 1
  • You might as well show example plaintext input and ciphertext output from the NodeJS `encryptFromKey` function. – President James K. Polk May 29 '23 at 19:14
  • I'm not sure this is a [mre] at this point. Since the private key is actually PKCS#1 formatted rather than PKCS#8 formatted this would normally throw an exception in `KeyFactory.generatePrivate`. If, however, one adds the Bouncycastle provider to the provider list then `KeyFactory.generatePrivate` will work as apparently the Bouncycastle provider is more tolerant in what it accepts in a PKCS8EncodedKeySpec. – President James K. Polk May 29 '23 at 19:50
  • 1
    @PresidentJamesK.Polk The Java code is example code shared by another team. This is the code they are using for decryption and cannot be changed. On the other hand I can modify anything in NodeJS and publicEncrypt can only accepts the key in the above format. – vivek Jun 05 '23 at 07:28

0 Answers0