Bonanza Bonanza - 4 months ago 49
Node.js Question

Encrypt in Coldfusion, Decrypt in Node.js

I'm encrypting a string in ColdFusion

enc_string = '7001010000006aaaaaabbbbbb';
uid = encrypt(enc_string,'WTq8zYcZfaWVvMncigHqwQ==','AES','Hex');
// secret key for tests only


Result:


DAEB003D7C9DBDB042C63ED214E85854EAB92A5C1EC555765B565CD8723F9655


Later I want to decrypt that string in Node (just an example)

uid='DAEB003D7C9DBDB042C63ED214E85854EAB92A5C1EC555765B565CD8723F9655'
decipher = crypto.createDecipher('aes-192-ecb', 'WTq8zYcZfaWVvMncigHqwQ==')
decipher.setAutoPadding(false);
dec = decipher.update(uid, 'hex', 'utf8')
dec += decipher.final('utf8')


I have tried few ciphers but with no luck. I would like not to modify the ColdFusion code to make it work, but if there is no other chance I will do that. I want to send some ciphered data with GET from one site to another. Any advice?

EDIT: I tried all AES, DES, with IV, without IV, with & without padding. Tried also base64. Also with no luck.

Answer

ColdFusion Encryption with IV

enc_string = '7001010000006aaaaaabbbbbb';
myKey = Tobase64("abcdefghijkl1234");
myIV = charsetDecode("abcdefghijkl9876", "utf-8");
uid=encrypt(enc_string,myKey,'AES/CBC/PKCS5Padding','hex',myIV);

Encrypted uid value is:

614981D0BC6F19A3022FD92CD6EDD3B289214E80D74823C3279E90EBCEF75D90

Now we take it to node:

var Crypto = require('crypto');

var key = new Buffer('abcdefghijkl1234');
var iv = new Buffer('abcdefghijkl9876');
var encrypted = new Buffer('614981D0BC6F19A3022FD92CD6EDD3B289214E80D74823C3279E90EBCEF75D90', 'hex');
var decipher = Crypto.createDecipheriv('aes-128-cbc', key, iv);
var decrypted = decipher.update(encrypted);
var clearText = Buffer.concat([decrypted, decipher.final()]).toString();

console.log(clearText);

Result is:

7001010000006aaaaaabbbbbb

what was expected.


Origin of the problem

Originally in Coldfusion i was using key generated by:

GenerateSecretKey(algorithm [,keysize]);

which generated base64 key which was required by encrypt method. And there was no 'secret' from which was generated.

In Node Crypto method createDecipheriv gets Buffer as params. Buffers requires secret, not keys. I'm not sure why it doesn't work without IV.

What need to be changed in Coldfusion

  1. Don't use GenerateSecretKey if you want to decrypt in other language than CF
  2. Use Tobase64(secret) to generate key
  3. Use IV and generate it using charsetDecode(ivSecret, "utf-8")
  4. Algorithm: AES/CBC/PKCS5Padding
  5. For AES/ECB look @Leigh answer

In Node every input is Buffer.

I think that this short tutorial can help also people who have same issue in other languages like cf->php or cf->python.

Comments