I'm encrypting a string in ColdFusion
enc_string = '7001010000006aaaaaabbbbbb';
uid = encrypt(enc_string,'WTq8zYcZfaWVvMncigHqwQ==','AES','Hex');
// secret key for tests only
decipher = crypto.createDecipher('aes-192-ecb', 'WTq8zYcZfaWVvMncigHqwQ==')
dec = decipher.update(uid, 'hex', 'utf8')
dec += decipher.final('utf8')
ColdFusion Encryption with IV
enc_string = '7001010000006aaaaaabbbbbb'; myKey = Tobase64("abcdefghijkl1234"); myIV = charsetDecode("abcdefghijkl9876", "utf-8"); uid=encrypt(enc_string,myKey,'AES/CBC/PKCS5Padding','hex',myIV);
Encrypted uid value is:
Now we take it to node:
var Crypto = require('crypto'); var key = new Buffer('abcdefghijkl1234'); var iv = new Buffer('abcdefghijkl9876'); var encrypted = new Buffer('614981D0BC6F19A3022FD92CD6EDD3B289214E80D74823C3279E90EBCEF75D90', 'hex'); var decipher = Crypto.createDecipheriv('aes-128-cbc', key, iv); var decrypted = decipher.update(encrypted); var clearText = Buffer.concat([decrypted, decipher.final()]).toString(); console.log(clearText);
what was expected.
Origin of the problem
Originally in Coldfusion i was using key generated by:
which generated base64 key which was required by encrypt method. And there was no 'secret' from which was generated.
In Node Crypto method createDecipheriv gets Buffer as params. Buffers requires secret, not keys. I'm not sure why it doesn't work without IV.
What need to be changed in Coldfusion
In Node every input is Buffer.
I think that this short tutorial can help also people who have same issue in other languages like cf->php or cf->python.