Node JS nodejs-aes256 Decrypting which is Encrypted in Ruby with AESCrypt

[fsck-mount]

I have a problem converting the cipher text which is encrypted in Ruby using AESCrypt using NodeJS nodejs-aes256. I've modified a little nodejs-aes256 as it is appending IV in the begining and Ruby is not appending it.

So here is my nodejs-aes256:

var aes256 = {},
    crypto = require('crypto'),
    algorithm = 'aes-256-cbc';

aes256.encrypt = function (key, data) {
    var sha256 = crypto.createHash('sha256');
    sha256.update(key);

    var iv = crypto.randomBytes(16),
        plaintext = new Buffer(data),
        cipher = crypto.createCipher(algorithm, sha256.digest()),
        ciphertext = cipher.update(plaintext);
    ciphertext = Buffer.concat([ciphertext, cipher.final()]);

    return ciphertext.toString('base64');
};

aes256.decrypt = function (key, data) {
    var sha256 = crypto.createHash('sha256');
    sha256.update(key);

    var input = new Buffer(data, 'base64'),
        iv = input.slice(0, 16),
        ciphertext = input.slice(16),
        decipher = crypto.createDecipher(algorithm, sha256.digest()),
        plaintext = decipher.update(input);
    plaintext += decipher.final();

    return plaintext;
};

module.exports = aes256;

var aes = require('nodejs-aes256')
var ci = aes.encrypt('dealbreaker', '60000215')
// lKJC4lrQ1Nc+cUfsZ1b/TA==
var p = aes.decrypt('dealbreaker', c)
//60000215

In Ruby, the same thing is done the following way:

require 'aescrypt'
c = AESCrypt.encrypt('60000215', 'dealbreaker')
# lNFkFM72AMGL6Ch2iYGp2g==\n
p = AESCrypt.decrypt(c, 'dealbreaker')
# 60000215

Now, when I try to decrypt Ruby encrypted cipher in NodeJS, I'm getting the following error:

Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
    at Decipher.final (crypto.js:157:26)
    at Object.aes256.decrypt (/Users/GowthamSai/node_modules/nodejs-aes256/nodejs-aes256.js:27:27)
    at repl:1:9
    at realRunInThisContextScript (vm.js:22:35)
    at sigintHandlersWrap (vm.js:98:12)
    at ContextifyScript.Script.runInThisContext (vm.js:24:12)
    at REPLServer.defaultEval (repl.js:313:29)
    at bound (domain.js:280:14)
    at REPLServer.runBound [as eval] (domain.js:293:12)
    at REPLServer.onLine (repl.js:513:10)

And the same, when I try to decrypt the one which is encrypted by node in Ruby, the following error is occurring:

OpenSSL::Cipher::CipherError:
	from /Users/GowthamSai/.rvm/gems/ruby-2.2.2/gems/aescrypt-1.0.0/lib/aescrypt.rb:61:in `final'
	from /Users/GowthamSai/.rvm/gems/ruby-2.2.2/gems/aescrypt-1.0.0/lib/aescrypt.rb:61:in `decrypt_data'
	from /Users/GowthamSai/.rvm/gems/ruby-2.2.2/gems/aescrypt-1.0.0/lib/aescrypt.rb:38:in `decrypt'
	from (irb):46
	from /Users/GowthamSai/.rvm/rubies/ruby-2.2.2/bin/irb:11:in `<main>'

We have a cookie which is set by backend (Ruby) encrypted and I'm trying to send the cookie another service which is (Node) trying to decrypt there.

PS: I can't use IV in backend ( where the cookie is set by) as we have millions of users, and once we deploy with IV, we won't be able to identify the users and face problems. I don't wanna take risk.

I guess it's the problem of padding used in these 2 languages. But i'm not pro to really understand what's happening behind the scenes..

Thanks in advance :)

[mscdex]

General questions like this should be asked on the nodejs/help issue tracker instead. This issue tracker is for node core bug reports, feature requests, etc.

[fsck-mount]

@mscdex Thanks. I'm not aware of that. I posted the same one here. Just tagging here for other references.