admin管理员组文章数量:1334402
I want to encrypt some data in Node.js using an authenticated encryption scheme like AES-GCM.
If I run the following sample code
app.get("/test", function(req,res) {
var key = "12345678901234567890123456789012";
var iv = "123456789012";
var cipher = crypto.createCipheriv("id-aes256-GCM",key.toString("binary"),iv.toString("binary"));
var decipher = crypto.createDecipheriv("id-aes256-GCM",key.toString("binary"),iv.toString("binary"));
console.log(decipher.update(cipher.update("bla")));
console.log(decipher.update(cipher.final()));
console.log(decipher.final());
});
I don't get a console output but the error message "TypeError: DecipherFinal fail". If I use cipher AES-256-CTR instead of "id-aes256-GCM", this code works fine and prints "bla" on the console.
What am I doing wrong?
edit:
Further investigating shows, that cipher.update("bla") returns "â" (single character...strange) and cipher.final() returns an empty string. I think this can't be a correct ciphertext which should at least have the size of the plaintext...
I want to encrypt some data in Node.js using an authenticated encryption scheme like AES-GCM.
If I run the following sample code
app.get("/test", function(req,res) {
var key = "12345678901234567890123456789012";
var iv = "123456789012";
var cipher = crypto.createCipheriv("id-aes256-GCM",key.toString("binary"),iv.toString("binary"));
var decipher = crypto.createDecipheriv("id-aes256-GCM",key.toString("binary"),iv.toString("binary"));
console.log(decipher.update(cipher.update("bla")));
console.log(decipher.update(cipher.final()));
console.log(decipher.final());
});
I don't get a console output but the error message "TypeError: DecipherFinal fail". If I use cipher AES-256-CTR instead of "id-aes256-GCM", this code works fine and prints "bla" on the console.
What am I doing wrong?
edit:
Further investigating shows, that cipher.update("bla") returns "â" (single character...strange) and cipher.final() returns an empty string. I think this can't be a correct ciphertext which should at least have the size of the plaintext...
Share Improve this question edited Dec 2, 2012 at 22:27 rook 67k38 gold badges166 silver badges246 bronze badges asked Jun 29, 2012 at 9:44 HeinziHeinzi 6,1014 gold badges45 silver badges72 bronze badges 9-
What is the size of the returned ciphertext of
cipher.update("bla")andcipher.final()? – Maarten Bodewes Commented Jun 29, 2012 at 23:13 - I edited the question to answer it – Heinzi Commented Jun 30, 2012 at 6:49
- Sorry for the misunderstanding - I meant that I answered YOUR question with the edit. Unfortunatelly I don't have access to a pc with the id-aes256-GCM encryption scheme for the next 3 weeks, so I'll test your suggestion cipher.update("bla","binary","hex") then. – Heinzi Commented Jul 1, 2012 at 11:27
-
1
As far as I can tell, this is an issue with OpenSSL. Issuing
echo -n "bla" | openssl enc -e -id-aes256-GCM -nosalt -a -out t.outfollowed byopenssl enc -d -id-aes256-GCM -nosalt -a -in t.outyields the errorbad decrypt. Maybe a bug in OpenSSL? – fuzic Commented Sep 19, 2012 at 0:06 - 3 GCM requires extra parameters, which NodeJS can possibly not give to OpenSSL. See this thread/link: mail-archive./[email protected]/msg68932.html – StevenLooman Commented Oct 28, 2012 at 14:13
1 Answer
Reset to default 6GCM mode in OpenSSL works fine. It has been tested with other implementations as well. I know for a fact that the PolarSSL SSL library has its own GCM implementation for AES and PolarSSL can work fine with OpenSSL in return.
The GCM mode of encryption for AES requires specific GCM-related parameters. The current NodeJS API cannot provide these values to OpenSSL. And as such the calls fail, but not with clean errors. (This is more of an OpenSSL issue than a NodeJS issue).
(StevenLoomen points the reason out in the ments as well, but I'd like an answer for everybody to see)
版权声明:本文标题:javascript - How to use id-aes256-GCM with Node.JS crypto? "TypeError: DecipherFinal fail" - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742226153a2436355.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论