3

I need to encrypt some values in Java application using AES algorithm, and decrypt the same in my Javascript module of my application.

I saw some examples over the internet but it seems there's some differences in compatibility.

like below issue :

AES encryption in javascript and decrypting in java

Can someone please point me some code examples to solve this issue.

Thanks.

Improve this question
3

1 Answer 1

Reset to default
14

AES is an exactly specified algorithm, so all AES implementations must be "compatible". Having said that, AES is a variable-key-length block-cipher, operating on 128-bit blocks. To actually use this in a piece of software, you have to make a bunch of other choices: how to deal with input consisting of more than 1 block (this is called the "mode"), in some modes you need an initialization vector, you need to deal with input not consisting of an exact number of blocks (padding), how to encode characters into bytes, and how to represent bytes in a context (like a source file) that doesn't support that. All those things need to be compatible.

Below is a tested example. It uses the standard Java crypto functions (and Apache Commons Codec), and JavaScript crypto library crypto-js. Choices are as follows: 128-bit key, cipher-block-chaining mode (which needs an initialization vector), PKCS5/7 padding, UTF-8 for character encoding, Base64 to represent byte arrays.

This piece of Java will output Base64-encoded ciphertext:

String plainText = "Hello, World! This is a Java/Javascript AES test.";
SecretKey key = new SecretKeySpec(
    Base64.decodeBase64("u/Gu5posvwDsXUnV5Zaq4g=="), "AES");
AlgorithmParameterSpec iv = new IvParameterSpec(
    Base64.decodeBase64("5D9r9ZVzEYYgha93/aUK2w==")); 
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key, iv);
System.out.println(Base64.encodeBase64String(cipher.doFinal(
    plainText.getBytes("UTF-8"))));

This piece of JavaScript correctly decrypts it:

<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
<script>
var encrypted = CryptoJS.enc.Base64.parse('3Q7r1iqtaRuJCo6QHA9/GhkTmbl4VkitV9ZsD3K2VB7LuBNg4enkJUA1cF8cHyovUH2N/jFz3kbq0QsHfPByCg==');
var key = CryptoJS.enc.Base64.parse('u/Gu5posvwDsXUnV5Zaq4g==');
var iv = CryptoJS.enc.Base64.parse('5D9r9ZVzEYYgha93/aUK2w==');
document.write(CryptoJS.enc.Utf8.stringify(CryptoJS.AES.decrypt(
    { ciphertext: encrypted },
    key, 
    { mode: CryptoJS.mode.CBC, padding: CryptoJS.pad.Pkcs7, iv: iv,  })));
</script>
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Hi, Frans Thank you for your response, can you please tell me how to use my own key for encryption instead of "u/Gu5posvwDsXUnV5Zaq4g==".
This guy has it down perfect github.com/mpetersen/aes-example, i just implemented this and to use a string password, you will need to match Salt, IV, iterations and key size.
This is not working anymore. I had to add iv and salt by replacing { ciphertext: encrypted } with {ciphertext: encrypted, iv: iv, salt:''}.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.