jsencrypt icon indicating copy to clipboard operation
jsencrypt copied to clipboard
verified publisher icon travist

'Encrypted message length is invalid.' using node-forge to decrypt the message encrypted from jsencrypt

Open helxsz opened this issue 1 year ago • 1 comments

currently using jsencrypt and node-forge for decrypt and encrypt the message using RSA, while jsencrypt is used in frontend and node-forge in backend.

import { JSEncrypt } from 'jsencrypt'
import * as forge from 'node-forge';

const message = 'data....'
const publicKey = '-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqM+l9ZWy1Frt6felFFLmfZNls\nVbU1dKpF8Rx83FtKCsztO5k/iV5N9BbfHFUg9Y40b/EK2j/BPc1xlLYAHMXn6563\nXCwZ4IuCxvfOwz9qT9gkKBxkI5b0rnikkSWTGlJEk2PdZ7Plc73Fa+bx3PvuKvMd\ncKWvd80+vt9+b/7hrwIDAQAB\n-----END PUBLIC KEY-----'

const publicK = forge.pki.publicKeyFromPem(publicKey)
const encrypted = publicK.encrypt( message, 'RSA-OAEP')
console.log('encrpted:', encrypted) 

const privateKey = '-----BEGIN PRIVATE KEY-----\nMIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKoz6X1lbLUWu3p9\n6UUUuZ9k2WxVtTV0qkXxHHzcW0oKzO07mT+JXk30Ft8cVSD1jjRv8QraP8E9zXGU\ntgAcxefrnrdcLBngi4LG987DP2pP2CQoHGQjlvSueKSRJZMaUkSTY91ns+VzvcVr\n5vHc++4q8x1wpa93zT6+335v/uGvAgMBAAECgYArxUnou6qnL39rUvIol9ncyfy4\nRZpicuxPLGCdI7Y+ZmSpJciVdGhSN9Gh8xFZdozpo1gj6Fi5A4HQEeR0RvIF9Rgh\nERblj1rRWqxPcsIddOO9VaknQPICWKqEW9+E1bEcyNUblCHA4LGyQwmuEFUb/Tkj\nxAghIHuEBCe0GFiVwQJBAN5i5QSoOIpdFHA0c981E4VhHc/muXwjx1HfE1pcuuFb\nTy3OwEoZdFp3LIjBnBkPRneLTNjo5WTIwrmfsy6VDF8CQQDD7c6d/nKiJwIESlr+\n/idqXAPNR/iS1YX3Nqtk9jgrgf5zULHr2nbk7MDas5S9Z9XPdUmxtnP44dhoGvDk\nzyyxAkB7XBxyQuZqSkvGGjKUhJq5iC/DXddSd35fegEARSQdUktPu7qK4Cfc7vKz\nQcLXW9PZCFqukDJ/f6YU1fPNSTy9AkADQ78hms/GK+g4shR6EzoM56OYlA5sQ+qL\nh/mrIP8mmm/m8/1C9MzuW5OLEVr1HPnPDyE/OM8N4pV8hpZk+Z7BAkEAzaFstazA\nxLzZOBWhvOzzo722glZ7HVezhMocLu7Y3EOXP/nbx09JpU3U7Egp5UVp0aiknh/Q\nez4Cc4ksMedxdA==\n-----END PRIVATE KEY-----\n'
const privateK = forge.pki.privateKeyFromPem(privateKey)

const decrypted = privateK.decrypt(encrypted, 'RSA-OAEP')
console.log('original:', decodeURIComponent(decrypted))

this worked.

then trying with jsencrypt with same pub/pri key and message.

  const encrypt = new JSEncrypt();
  encrypt.setPublicKey(publicKey);
  let encrypedQuery = encrypt.encrypt( message );
  console.log( encrypedQuery );

  try{
    const privateK = forge.pki.privateKeyFromPem(privateKey)
    const decrypted2 = privateK.decrypt(encrypedQuery)
    console.log('original::', decodeURIComponent(decrypted2)) 
  }catch(err){
    console.log(err);
    
  }

this outputs an error saying 'Encrypted message length is invalid.'

ant idea?

helxsz avatar Nov 28 '24 03:11 helxsz

JSEncrypt, i.e. encrypt.encrypt(message) returns the ciphertext Base64 encoded, which is why a Base64 decoding is required in the node forge part: privateK.decrypt(forge.util.decode64(encrypedQuery)), see https://jsfiddle.net/f4scdvka/.

user163 avatar May 02 '25 08:05 user163