Search code examples
encryptiongoaescryptojs

CryptoJS encrypt Go decrypt

I have the following Go code

ciphertext := "Zff9c+F3gZu/lsARvPhpMau50KUkMAie4j8MYfb12HMWhkLqZreTk8RPbtRB7RDG3QFw7Y0FXJsCq/EBEAz//XoeSZmqZXoyq2Cx8ZV+/Rw="
decodedText, _ := base64.StdEncoding.DecodeString(ciphertext)
decodedIv, _ := base64.StdEncoding.DecodeString("u9CV7oR2w+IIk8R0hppxaw==")
newCipher, _ := aes.NewCipher([]byte("~NB8CcOL#J!H?|Yr"))
cfbdec := cipher.NewCBCDecrypter(newCipher, decodedIv)
cfbdec.CryptBlocks(decodedText, decodedText)
data, _ := base64.StdEncoding.DecodeString(string(decodedText))
println(string(data))

The output is {"data":{"value":300}, "SEQN":700 , "msg":"IT WORKS!!"

It's encrypted with the following CryptoJS 

function encrypt(message, key) {
  let keyHex = CryptoJS.enc.Hex.parse(parseToHex(key))
  let iv = CryptoJS.lib.WordArray.random(128 / 8);
  let wordArray = CryptoJS.enc.Utf8.parse(message);
  let base64 = CryptoJS.enc.Base64.stringify(wordArray);
  let encrypted = CryptoJS.AES.encrypt(base64, keyHex, { iv: iv });
  return {
    cipher: encrypted.ciphertext.toString(CryptoJS.enc.Base64),
    iv: CryptoJS.enc.Base64.stringify(iv),
    length: base64.length,
    size: encrypted.ciphertext.sigBytes,
  }
}

And can be decrypted with 

function decrypt(message, key, iv) {
  let ivEX = CryptoJS.enc.Hex.parse(decodeToHex(iv));
  let keyEX = CryptoJS.enc.Hex.parse(parseToHex(key));
  let bytes = CryptoJS.AES.decrypt(message, keyEX , { iv: ivEX});
  let plaintext = bytes.toString(CryptoJS.enc.Base64);
  return decodeToString(decodeToString(plaintext));
}

The output is {"data":{"value":300}, "SEQN":700 , "msg":"IT WORKS!!" } - this is the correct output

Why Go has different output?

Solution

  • Check your errors please. ALWAYS

    illegal base64 data at input byte 75

    https://play.golang.org/p/dRLIT51u4I

    More specifically, the value at byte 75 is 5, which is out of the range of characters available to base64. In ascii, it is the ENQ (enquiry) character. As to why this ends up in your final base64 string is beyond me.

    EDIT: OK found the issue. For whatever reason, the base64 padding character = at the end is being decrypted as 5 consecutive bytes containing the value 5. Here is a playground link that shows it fixed. https://play.golang.org/p/tf3OZ9XG1M

    EDIT: As per matt's comments. I updated the fix function to simply remove all the PKCS7 block padding and use RawStdEncoding for the last base64 decode. This should now be a reasonable fix.