Decrypt a string using Base64 decode in angularJS - javascript

I am encrypting a token that is sent from JAVA code to Angular using Base64 encryption:
String token = "1345BCHCNB";
Cipher ecipher = Cipher.getInstance("AES");
String mykey = "1234567891234567";
SecretKey key = new SecretKeySpec(mykey.getBytes(), "AES");
ecipher.init(Cipher.ENCRYPT_MODE, key);
byte[] utf8 = token.getBytes("UTF-8");
byte[] enc = ecipher.doFinal(utf8);
String enctoken = Base64.encodeBase64(enc).toString());
Now i want to decrypt it on Angular side. I am not able to figure it out how to convert it back to actual token

Base64 is NOT about encryption, but it is an encoding flavour. You can always, with no key nor anything secret, get the original data.
In Javascript, it is implemented using the functions btoa and atob.
More infos here: http://www.w3schools.com/jsref/met_win_atob.asp
And a related topic: Base64 encoding and decoding in client-side Javascript
For the AES part, you could give a look at this topic: How to decrypt message with CryptoJS AES. I have a working Ruby example

Related

Decrypt string DES-ECB using cryptojs

I tried using this online tool to decrypt my string and it works perfectly fine, which I want to implement in my React app.
encrypted string: "iPPGVzyogeiPwpro65A0eUaQggN+8+J4mteJdeaEeFiCL4nTGWnI3F16SIjtZBIxsc7WJNlKm0HtZ754aGgzDIPzFaL/aK97"
decrypted string: "http://aac.saavncdn.com/666/487fc075363611f93bb2a8bfc27635f6_96.mp4",
When I'm trying to code this the encrypted string comes out different if I try to encrypt and vice versa
Here is my code:
var encrypted = CryptoJS.DES.encrypt(
"http://aac.saavncdn.com/666/487fc075363611f93bb2a8bfc27635f6_96.mp4",
"38346591"
).toString();
this gives a different output:
U2FsdGVkX18ql9OPbTS4FRRHvl8Tvm7m2Vg5SkUdIM2p9OF6GU0wYmJQoitwGoPlKCx8tTfdcLGNc34V3sgw1EKlCeSYtJ6LFc2BDpdfNOw3XYoadapisA==
var encrypted =
"iPPGVzyogeiPwpro65A0eUaQggN+8+J4mteJdeaEeFiCL4nTGWnI3F16SIjtZBIxsc7WJNlKm0HtZ754aGgzDIPzFaL/aK97";
var decrypted = CryptoJS.DES.decrypt(encrypted, "38346591");
console.log(decrypted.toString());
that's why the decrypt also doesn't work.
Am I missing anything?

Crypto-JS can't decode AES string from cryptopals challenge

I'm trying to decode this AES string: https://cryptopals.com/static/challenge-data/7.txt (from here)
The page simply says it's been AES encrypted in ECB mode using the key YELLOW SUBMARINE.
The Crypto-JS library should be able to decode this. The docs show a simple method, and I'm using it like so:
// message is the base64 data in the link above
// key is: YELLOW SUBMARINE
const decrypted = CryptoJS.AES.decrypt(message, key, {
mode: CryptoJS.mode.ECB
});
return decrypted.toString(CryptoJS.enc.Utf8);
Except then it throws an error on the last line: "Malformed UTF-8 data". I've tried a number of different things including all the different paddings and trying to convert the base64 data to either hex or utf-8 first. It's always that same error.
I'm really at a loss of what I'm doing wrong here.
Here's a stupid simple jsfiddle: https://jsfiddle.net/jg7hwLuk/
The key must be passed to decrypt() as WordArray. This can be achieved with the Utf8 encoder.
The ciphertext can be passed directly as Base64 encoded string and is implicitly converted to a CipherParams object by CryptoJS.
This allows the ciphertext to be decrypted:
var message = "CRIwqt4+szDbqkNY+I0qbDe3LQz0wiw0SuxBQtAM5TDdMbjCMD/venUDW9BLPEXODbk6a48oMbAY6DDZsuLbc0uR9cp9hQ0QQGATyyCESq2NSsvhx5zKlLtzdsnfK5ED5srKjK7Fz4Q38/ttd+stL/9WnDzlJvAo7WBsjI5YJc2gmAYayNfmCW2lhZE/ZLG0CBD2aPw0W417QYb4cAIOW92jYRiJ4PTsBBHDe8o4JwqaUac6rqdi833kbyAOV/Y2RMbN0oDb9Rq8uRHvbrqQJaJieaswEtMkgUt3P5Ttgeh7J+hE6TR0uHot8WzHyAKNbUWHoi/5zcRCUipvVOYLoBZXlNu4qnwoCZRSBgvCwTdz3Cbsp/P2wXB8tiz6l9rL2bLhBt13Qxyhhu0H0+JKj6soSeX5ZD1Rpilp9ncR1tHW8+uurQKyXN4xKeGjaKLOejr2xDIw+aWF7GszU4qJhXBnXTIUUNUfRlwEpS6FZcsMzemQF30ezSJHfpW7DVHzwiLyeiTJRKoVUwo43PXupnJXDmUysCa2nQz/iEwyor6kPekLv1csm1Pa2LZmbA9Ujzz8zb/gFXtQqBAN4zA8/wt0VfoOsEZwcsaLOWUPtF/Ry3VhlKwXE7gGH/bbShAIKQqMqqUkEucZ3HPHAVp7ZCn3Ox6+c5QJ3Uv8V7L7SprofPFN6F+kfDM4zAc59do5twgDoClCbxxG0L19TBGHiYP3CygeY1HLMrX6KqypJfFJW5O9wNIF0qfOC2lWFgwayOwq41xdFSCW0/EBSc7cJw3N06WThrW5LimAOt5L9c7Ik4YIxu0K9JZwAxfcU4ShYu6euYmWLP98+qvRnIrXkePugS9TSOJOHzKUoOcb1/KYd9NZFHEcp58Df6rXFiz9DSq80rR5Kfs+M+Vuq5Z6zY98/SP0A6URIr9NFu+Cs9/gf+q4TRwsOzRMjMQzJL8f7TXPEHH2+qEcpDKz/5pE0cvrgHr63XKu4XbzLCOBz0DoFAw3vkuxGwJq4Cpxkt+eCtxSKUzNtXMn/mbPqPl4NZNJ8yzMqTFSODS4bYTBaN/uQYcOAF3NBYFd5x9TzIAoW6ai13a8h/s9i5FlVRJDe2cetQhArrIVBquF0L0mUXMWNPFKkaQEBsxpMCYh7pp7YlyCNode12k5jY1/lc8jQLQJ+EJHdCdM5t3emRzkPgND4a7ONhoIkUUS2R1oEV1toDj9iDzGVFwOvWyt4GzA9XdxT333JU/n8m+N6hs23MBcZ086kp9rJGVxZ5f80jRz3ZcjU6zWjR9ucRyjbsuVn1t4EJEm6A7KaHm13m0vwN/O4KYTiiY3aO3siayjNrrNBpn1OeLv9UUneLSCdxcUqjRvOrdA5NYv25Hb4wkFCIhC/Y2ze/kNyis6FrXtStcjKC1w9Kg8O25VXB1Fmpu+4nzpbNdJ9LXahF7wjOPXN6dixVKpzwTYjEFDSMaMhaTOTCaqJig97624wv79URbCgsyzwaC7YXRtbTstbFuEFBee3uW7B3xXw72mymM2BS2uPQ5NIwmacbhta8aCRQEGqIZ078YrrOlZIjar3lbTCo5o6nbbDq9bvilirWG/SgWINuc3pWl5CscRcgQQNp7oLBgrSkQkv9AjZYcvisnr89TxjoxBO0Y93jgp4T14LnVwWQVx3l3d6S1wlscidVeaM24E/JtS8k9XAvgSoKCjyiqsawBMzScXCIRCk6nqX8ZaJU3rZ0LeOMTUw6MC4dC+aY9SrCvNQub19mBdtJUwOBOqGdfd5IoqQkaL6DfOkmpnsCs5PuLbGZBVhah5L87IY7r6TB1V7KboXH8PZIYc1zlemMZGU0o7+etxZWHgpdeX6JbJIs3ilAzYqw/Hz65no7eUxcDg1aOaxemuPqnYRGhW6PvjZbwAtfQPlofhB0jTHt5bRlzF17rn9q/6wzlc1ssp2xmeFzXoxffpELABV6+yj3gfQ/bxIB9NWjdZK08RX9rjm9CcBlRQeTZrD67SYQWqRpT5t7zcVDnx1s7ZffLBWm/vXLfPzMaQYEJ4EfoduSutjshXvR+VQRPs2TWcF7OsaE4csedKUGFuo9DYfFIHFDNg+1PyrlWJ0J/X0PduAuCZ+uQSsM/ex/vfXp6Z39ngq4exUXoPtAIqafrDMd8SuAtyEZhyY9V9Lp2qNQDbl6JI39bDz+6pDmjJ2jlnpMCezRK89cG11IqiUWvIPxHjoiT1guH1uk4sQ2Pc1J4zjJNsZgoJDcPBbfss4kAqUJvQyFbzWshhtVeAv3dmgwUENIhNK/erjpgw2BIRayzYw001jAIF5c7rYg38o6x3YdAtU3d3QpuwG5xDfODxzfL3yEKQr48C/KqxI87uGwyg6H5gc2AcLU9JYt5QoDFoC7PFxcE3RVqc7/Um9Js9X9UyriEjftWt86/tEyG7F9tWGxGNEZo3MOydwX/7jtwoxQE5ybFjWndqLp8DV3naLQsh/Fz8JnTYHvOR72vuiw/x5D5PFuXV0aSVvmw5Wnb09q/BowS14WzoHH6ekaWbh78xlypn/L/M+nIIEX1Ol3TaVOqIxvXZ2sjm86xRz0EdoHFfupSekdBULCqptxpFpBshZFvauUH8Ez7wA7wjL65GVlZ0f74U7MJVu9SwsZdgsLmnsQvr5n2ojNNBEv+qKG2wpUYTmWRaRc5EClUNfhzh8iDdHIsl6edOewORRrNiBay1NCzlfz1cj6VlYYQUM9bDEyqrwO400XQNpoFOxo4fxUdd+AHmCBhHbyCR81/C6LQTG2JQBvjykG4pmoqnYPxDyeiCEG+JFHmP1IL+jggdjWhLWQatslrWxuESEl3PEsrAkMF7gt0dBLgnWsc1cmzntG1rlXVi/Hs2TAU3RxEmMSWDFubSivLWSqZj/XfGWwVpP6fsnsfxpY3d3h/fTxDu7U8GddaFRQhJ+0ZOdx6nRJUW3u6xnhH3mYVRk88EMtpEpKrSIWfXphgDUPZ0f4agRzehkn9vtzCmNjFnQb0/shnqTh4Mo/8oommbsBTUKPYS7/1oQCi12QABjJDt+LyUan+4iwvCi0k0IUIHvk21381vC0ixYDZxzY64+xx/RNID+iplgzq9PDZgjc8L7jMg+2+mrxPS56e71m5E2zufZ4d+nFjIg+dHD/ShNPzVpXizRVUERztLuak8Asah3/yvwOrH1mKEMMGC1/6qfvZUgFLJH5V0Ep0n2K/Fbs0VljENIN8cjkCKdG8aBnefEhITdV7CVjXcivQ6efkbOQCfkfcwWpaBFC8tD/zebXFE+JshW16D4EWXMnSm/9HcGwHvtlAj04rwrZ5tRvAgf1IR83kqqiTvqfENcj7ddCFwtNZrQK7EJhgB5Tr1tBFcb9InPRtS3KYteYHl3HWR9t8E2YGE8IGrS1sQibxaK/C0kKbqIrKpnpwtoOLsZPNbPw6K2jpko9NeZAx7PYFmamR4D50KtzgELQcaEsi5aCztMg7fp1mK6ijyMKIRKwNKIYHagRRVLNgQLg/WTKzGVbWwq6kQaQyArwQCUXo4uRtyzGMaKbTG4dns1OFB1g7NCiPb6s1lv0/lHFAF6HwoYV/FPSL/pirxyDSBb/FRRA3PIfmvGfMUGFVWlyS7+O73l5oIJHxuaJrR4EenzAu4Avpa5d+VuiYbM10aLaVegVPvFn4pCP4U/Nbbw4OTCFX2HKmWEiVBB0O3J9xwXWpxN1Vr5CDi75FqNhxYCjgSJzWOUD34Y1dAfcj57VINmQVEWyc8Tch8vg9MnHGCOfOjRqp0VGyAS15AVD2QS1V6fhRimJSVyT6QuGb8tKRsl2N+a2Xze36vgMhw7XK7zh//jC2H";
var key = "YELLOW SUBMARINE";
const decrypted = CryptoJS.AES.decrypt(message, CryptoJS.enc.Utf8.parse(key), {
mode: CryptoJS.mode.ECB
});
document.getElementById("pt").innerHTML = decrypted.toString(CryptoJS.enc.Utf8);
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js"></script>
<p style="font-family:'Courier New', monospace;" id="pt"></p>

Decode JavaScript btoa() encoded string using Java/Kotlin Base64 decoder

I have an encoded string as follows:
S0VEQUkgUlVOQ0lUIFZSSU5FIEVOVEVSUFJJU0UgLSBLRyBTSU1QQU5HIDQgU09PSw
This was encoded using JavaScript btoa() function. This string can be correctly decoded using JavaScript atob() function. It should give the following decoded string :
KEDAI RUNCIT VRINE ENTERPRISE - KG SIMPANG 4 SOOK
Right now I'm developing Android app and I have to decode this string, I'm using the following to decode :
java.util.Base64.getDecoder().decode(encodedstring).toString();
I'm not getting the correct decoded output. Anyone knows what's the problem ? Is it even possible to decode using Java ?
decode(String) returns a byte[], you need to convert that to a string using a String constructor and not the toString() method:
byte[] bytes = java.util.Base64.getDecoder().decode(encodedstring);
String s = new String(bytes, java.nio.charset.StandardCharsets.UTF_8);
It looks like you need mime decoder message
java.util.Base64.Decoder decoder = java.util.Base64.getMimeDecoder();
// Decoding MIME encoded message
String dStr = new String(decoder.decode(encodedstring));
System.out.println("Decoded message: "+dStr);

Decrypt external AES256/CBC/PKCS7 data with CryptoJS, provided 64-char Hex key from SiteMinder

I'm attempting to using CryptoJS to decrypt a string, provided a 64 character string from SiteMinder.
The decrypted string looks like:
8yi6XwyLPZq%2FNjV9fmoyHYtC2UUS48KlpPLMl063gPwDDLJYkLeUFAwC8hTcXrPJkShbjJTShlLUoh2y17kwOA%3D%3D
And the key provided to me is a 64-character Hex string, like so: B55E3CE5E4E335D61E3224B2EAAA79E68AFF43FFAAA85A9D4F2BA07618DF2D67
After the information is decrypted, it should present a string that shows something like:
term1;term2
The JavaScript code I am using to decrypt with CryptoJS looks like:
CryptoJS.AES.decrypt(
encryptedValue,
64CharacterKeyProvidedAbove
).toString();
However, the decrypted value isn't coming back as expected. I've read some information about providing an IV to use a pre-defined key, but I don't have any information, only the key used when SiteMinder encrypts information from the database it is connected to.
Do I need to change the way I'm using CryptoJS?
Assuming you mean encrypted string looks like 8yi6XwyLPZq%2FNjV9fmoyHYtC2UUS48KlpPLMl063gPwDDLJYkLeUFAwC8hTcXrPJkShbjJTShlLUoh2y17kwOA%3D%3D.
And given that encryption is AES256/CBC/PKCS7.
We can make these observations:
The string looks URL-encoded and Base64-encoded (%3D is =, and Base64 often ends with =)
There is no IV which is required for CBC, so it is probably in the first 16 bytes of the encoded string. The remainder of the string is probably the ciphertext
So we can decrypt it with CryptoJS like this:
var encrypted = CryptoJS.enc.Base64.parse(decodeURIComponent(encryptedStr));
var key = CryptoJS.enc.Hex.parse(hexKey);
var iv = CryptoJS.enc.Hex.parse(CryptoJS.enc.Hex.stringify(encrypted).substr(0, 32));
var ciphertext = CryptoJS.enc.Hex.parse(CryptoJS.enc.Hex.stringify(encrypted).substr(32));
var plaintext = CryptoJS.AES.decrypt({ciphertext: ciphertext}, key, {iv: iv});
Here's a working DEMO on jsFiddle.
Result:
SERLOGINNAME=T6ATD1F;password=QWERTY!8;

AES Encryption Decryption in API Connect Gateway Script JSON Datapower

How can I use aes encrption/decryption in api connect gateway script..
Below is the process i tried and the error I am getting help me understanding this issue
const crypto = require('crypto');
var encryptionKey = '0123456789abcd0123456789';
var iv = '12345678';
var plainText = 'Testing';
var cipher = crypto.createCipheriv('aes128-cbc',encryptionKey,Buffer.from(iv, 'utf8'));
var ciph = cipher.update(plainText,'utf8','hex');
consle.error(cipher.final('hex'));
Response ---Error "Named shared secret key '0123456789abcd0123456789' not found"
Can someone share me script for encryption and decryption for aes algorithm?
From the Node.Js Documentation
The key is the raw key used by the algorithm and iv is an initialization vector. Both arguments must be 'utf8' encoded strings, Buffers, TypedArray, or DataViews. If the cipher does not need an initialization vector, iv may be null.
According to the documentation, the key and iv must both be either a UTF8 string, Buffer, TypeArray, or DataView. You may need to either change he key to a Buffer or the iv to a string.
var cipher = crypto.createCipheriv('aes128-cbc',
Buffer.from(encryptionKey, 'utf8'),
Buffer.from(iv, 'utf8'));

Categories

Resources