Comments (13)
Okay. I will investigate the discrepancy between this library and node.
from steel_crypt.
To test this, I'll need the values for "secureKey", "data", and "salt". Additionally, what cryptographic library are you using for NodeJS?
from steel_crypt.
I am using the inbuilt library in NodeJs
Here is the code, with the dummy key, salt & data, which works fine on app but on node I am getting an error saying the Invalid key length
var crypto = require('crypto'),
algorithm = 'aes-256-gcm',
password = 'n7oAAnS6oSuo9XEExIM2ZfsIw5O1nCuT7JmlEAe+ykQ=',
// do not use a global iv for production,
// generate a new one for each encryption
iv = 'cfPaa8EXVmNrhfJ36508FQ=='
function encrypt(text) {
var cipher = crypto.createCipheriv(algorithm, password, iv)
var encrypted = cipher.update(text, 'utf8', 'hex')
encrypted += cipher.final('hex');
var tag = cipher.getAuthTag();
return {
content: encrypted,
tag: tag
};
}
function decrypt(encrypted) {
var decipher = crypto.createDecipheriv(algorithm, password, iv)
decipher.setAuthTag(encrypted.tag);
var dec = decipher.update(encrypted.content, 'hex', 'utf8')
dec += decipher.final('utf8');
return dec;
}
var hw = encrypt("hello world")
// outputs hello world
console.log(decrypt(hw));
from steel_crypt.
Your key and iv are using base64 encoding. An issue could be that NodeJS expects a hex-encoded key or something.
from steel_crypt.
Whoops didnt mean to close this
from steel_crypt.
Actually NodeJs has an option for using Base64 also if convert the key to hex the key length is still wrong
from steel_crypt.
I don't know what to tell you. 'n7oAAnS6oSuo9XEExIM2ZfsIw5O1nCuT7JmlEAe+ykQ=' is a 32 byte key encoded using base64. What length key does nodeJS want? It should only need a 32 byte key.
from steel_crypt.
Hey, I guess the way I am generating the key could be wrong on my part.
var secureKey = HashCrypt(algo: HashAlgo.Sha_256).hash(inp: 'dummy');
I then used that key for
var aesEncrypter = AesCrypt(padding: PaddingAES.iso78164, key: secureKey);
var encrypted = aesEncrypter.gcm.encrypt(inp: data, iv: salt);
I am just confused why steelcrypt AesCrypt accepted the secureKey if its not 32 byte
And you are right NodeJs needs a 32 byte too but it doesn't accept the key above.
from steel_crypt.
A NodeJs working example similar to the one you've made for dart would be really useful for everyone. It has all the same crypto features which have been standardized and interoperability is really key as a lot of backend software use NodeJs or Python.
from steel_crypt.
for now we decide to stick to
var crypted = aes.ctr.encrypt(inp: plainText, iv: salt); //encrypt
var decrypted = aes.ctr.decrypt(enc: crypted, iv: salt);
It works now in both our nodejs backend and dart
from steel_crypt.
I couldn't work out the parameters to make GCM
work on node
from steel_crypt.
Thanks that would be super helpful
from steel_crypt.
Okay. I will investigate the discrepancy between this library and node.
Any update on this?
from steel_crypt.
Related Issues (20)
- Get iv automatically HOT 6
- FormatException: Invalid character HOT 2
- Password-based AES CBC encryption? HOT 5
- SHA3 SHAKE HOT 3
- How to use AES mode ECB with ZeroPadding HOT 1
- Cannot call has pass in PBKDF2 mode HOT 4
- Investigate AES-GCM divergence, tag HOT 17
- RegistryFactoryException: No algorithm registered of type BlockCipher with name: AES/OFB HOT 7
- RegistryFactoryException when calling HashCrypt(algo: HashAlgo.Sha3_256).hash(inp: username) HOT 6
- Flutter web build fails when including any version of steel crypt. HOT 8
- 'SecureRandom' is imported from both 'package:encrypt/encrypt.dart' and 'package:pointycastle/api.dart'.
- encrypt and decrypt data between python crypto package and dart steel_crypt HOT 1
- AES-256-GCM HOT 3
- Publish package HOT 1
- Null safety HOT 5
- It's "insecure" HOT 1
- Wrong password for decryption raises FormatException (Clarification) HOT 2
- Speed
- Does this package allows AES-GCM or ChaCha20Poly1305 streaming? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from steel_crypt.