Porting AES encryption functionality to node.js

Question content

I am trying to port a go program (https://github.com/mckael/samtv) to node.js, which can be passed "smartview" api controls Samsung TV

There is an "aes encryption" feature in the program that I'm having trouble porting to node.

func (s *smartviewsession) aesencrypt(plaindata []byte) ([]byte, error) {
    //logrus.debugf("aesencrypt(%#v) : '%s'", plaindata, string(plaindata))
    //logrus.debugf("session id:  %d", s.sessionid)
    //logrus.debugf("session key: '%x'\n  %v", string(s.sessionkey), s.sessionkey)

    // create cipher block
    block, err := aes.newcipher(s.sessionkey)
    if err != nil {
        return nil, err
    }

    bs := block.blocksize()
    //logrus.debugf("block size: %d", bs)

    // add padding
    padding := bs - len(plaindata)%bs
    padtext := bytes.repeat([]byte{byte(padding)}, padding)
    //logrus.debugf("padding: %d byte(s)", padding)
    plaindata = append(plaindata, padtext...)

    // encrypt
    ciphertext := make([]byte, len(plaindata))
    for cipherrange := ciphertext; len(plaindata) > 0; {
        block.encrypt(cipherrange, plaindata[:bs])
        plaindata = plaindata[bs:]
        cipherrange = cipherrange[bs:]
    }

    //logrus.debugf("ciphertext: %#v", ciphertext)
    return ciphertext, nil
}

The problem I'm facing now is that I don't know what algorithmthim to use, or where I need to specify in my node.js function the "initial vector" comes from:

const SESSION_KEY = "59e8ca4b09f2a19ab5421cf55d604c7c";

var aesEncrypt = ((val, algo = "aes-256-cbc") => {
    let cipher = crypto.createCipheriv(algo, SESSION_KEY, IV);
    let encrypted = cipher.update(val, 'utf8', 'base64');
    encrypted += cipher.final('base64');
    return encrypted;
});

Can I use crypto.createcipher(...) instead? But it's been deprecated, and it feels like the padding stuff is important.

I know nothing about encryption. Any tips are welcome.

Note: In the go function, s.sessionkey has the same value as session_key = "59e8ca4b09f2a19ab5421cf55d604c7c" in node.js

Solution

go code applies aes in ecb mode and uses pkcs#7 padding. aes variants Implicit Derived from the key size, e.g. aes-128 for 16 byte keys. The ciphertext is returned as []byte.

In the nodejs code, the aes variant and mode are explicitly specified, such as aes-128-ecb. ecb mode does not apply IVs, so must be specified as null in createcipheriv(). Use padding pkcs#7 (default). The ciphertext can be returned as buffer, which is closest to []byte.

The published key 59e8ca4b09f2a19ab5421cf55d604c7c looks like a hex-encoded key, it is hex-decoded 16 bytes large and therefore corresponds to aes-128. Hexadecimal decoding can be implemented in go using the encoding/hex package, for example with hex.decodestring("59e8ca4b09f2a19ab5421cf55d604c7c").

Nodejs code example using aes-128 (16 byte key) and pkcs#7 padding in ecb mode:

var crypto = require('crypto');

const SESSION_KEY = Buffer.from("59e8ca4b09f2a19ab5421cf55d604c7c", "hex");

var aesEncrypt = ((val, algo = "aes-128-ecb") => {
    let cipher = crypto.createCipheriv(algo, SESSION_KEY, null);
    return Buffer.concat([cipher.update(val, 'utf8'), cipher.final()]);
});

var ciphertext = aesEncrypt("The quick brown fox jumps over the lazy dog");
console.log(ciphertext.toString('base64')); // T/uQforseVFkY93mqwpwCGVVnEFDTT5Gle8a8XUxCfOXCfYUo3uCJ/nwzCIJ9xqf

The go code gives the same results using the same key (hex decoding) and base64 encoding of plaintext and ciphertext.

For completeness: the key can also be encoded in utf-8 and then generate a 32-byte key, such as key := []byte("59e8ca4b09f2a19ab5421cf55d604c7c") and ## in the go code #const session_key = buffer.from("59e8ca4b09f2a19ab5421cf55d604c7c", "utf-8") nodejs code. In nodejs code, aes-256-ecb must also be applied. Ultimately, the key specification must provide information on which encoding to use.

Please note that ecb mode is not safe. Nowadays it is common to use authenticated encryption, for example via gcm mode.

The above is the detailed content of Porting AES encryption functionality to node.js. For more information, please follow other related articles on the PHP Chinese website!