javascript - How to C#.NET encrypt() then JS WebCryptoApi decrypt() using AES-GCM? -


i want encrypt data using c# , decrypt using js.

this table suggests aes-gcm way go webcryptoapi https://diafygi.github.io/webcrypto-examples/.

i using bouncycastle https://codereview.stackexchange.com/questions/14892/simplified-secure-encryption-of-a-string encrypt (and decrypt) in .net.

 var message = "this test message";  var key = aesgcm.newkey();  console.out.writeline("key:" + convert.tobase64string(key));  >> key:5tgx6aohot1t9srimyiliendqxwfdjfosravfms0ed4=  string encrypted = aesgcm.simpleencrypt(message, key);  console.out.writeline("encrypted:" + encrypted);  >>  encrypted:ct0/vbovsyp/lmxaafqkkw91+ts+8uzddhlrtg1xvjpnl7kibgyb4kfdngl+xj4fyqdb4jxgdtk=  var decrypted = aesgcm.simpledecrypt(encrypted, key);  console.out.writeline("decrypted:" + decrypted);  >> decrypted:this test message

but, can't figure out how decrypt client side. there's great list of webcryptoapi examples including aes-gcm @ https://github.com/diafygi/webcrypto-examples#aes-cbc---decrypt.

first step (which seems working) import key, have base-64 encoded string:

var keystring = "+6yddiijjl8lqt60vohup25p4ynxz0crmoe/wka+mqo=";  function _base64toarraybuffer(base64) {     var binary_string =  window.atob(base64);     var len = binary_string.length;     var bytes = new uint8array( len );     (var = 0; < len; i++)        {         bytes[i] = binary_string.charcodeat(i);     }     return bytes.buffer; }  var key = _base64toarraybuffer(keystring ) var cryptokey; // we'll out in promise below window.crypto.subtle.importkey(     "raw",     key,     {   //this algorithm options         name: "aes-gcm",     },     true, // whether key extractable     ["encrypt", "decrypt"] // usages ) .then(function(key){     //returns symmetric key     console.log(key);      cryptokey = key; }) .catch(function(err){     console.error(err); });

the final step should decrypt encoded message, base-64 encoded string

var encryptedstring = "adhb4uhm93uwyriv6l1sryfbxepibj3sqw8vwjdp7v+xoxgi6fjmuceeitp1kqwxiszp3qhoahq="; var encryptedarraybuffer = _base64toarraybuffer(encryptedstring) window.crypto.subtle.decrypt(     {         name: "aes-gcm",         iv: new arraybuffer(12), //the initialization vector used encrypt         //additionaldata: arraybuffer, //the addtionaldata used encrypt (if any)        // taglength: 128, //the taglength used encrypt (if any)     },     cryptokey, //from above     encryptedarraybuffer //arraybuffer of data ) .then(function(decrypted){     //returns arraybuffer containing decrypted data     console.log(new uint8array(decrypted)); }) .catch(function(err){     debugger; console.error(err); });

unfortunately, thowing domerror.

i have no idea supposed use "iv" in decrypt method. i've tried null, arraybuffer(0), arraybuffer(12). pretty understanding ends.

if implementation of aesgcm, should see nonce (called iv) part of ciphertext. size set 16 bytes (noncebitsize = 128). need read many bytes beginning of ciphertext in javascript , use remaining bytes actual ciphertext decrypted.

gcm defined nonce of 96 bit, might need change noncebitsize = 96 , read first 12 bytes.

based on this answer, need slice last 16 bytes of ciphertext (macbitsize = 128) authentication tag.

example 96 bit nonce:

window.crypto.subtle.decrypt(     {         name: "aes-gcm",         iv: encryptedarraybuffer.slice(0, 12), //the initialization vector used encrypt         //additionaldata: arraybuffer, //the addtionaldata used encrypt (if any)        // taglength: 128, //the taglength used encrypt (if any)         tag: encryptedarraybuffer.slice(-16), // authentication tag     },     cryptokey, //from above     encryptedarraybuffer.slice(12, -16) //arraybuffer of data     // alternatively: encryptedarraybuffer.slice(12) // in cases leave authentication tag in place  )

Comments

Post a Comment

Popular posts from this blog

Command prompt result in label. Python 2.7 -

i want put result(output) of shell command label. command works, label shows "0", however, in command prompt, result shown correctly, need showed in label. doing ubuntu. myg1 = button(root, text="rodyti informacija", command=lambda: gauti()) myg1.pack(side=bottom) def gauti(): imti = tekstas.get("1.0", "end-1c") info = subprocess.call("id '{imti}' ".format(imti=imti), shell=true) w = label(root, text= info) w.pack(side = bottom) subprocess.call() returns exit code of process created (in case 0 success). if want text output of process, should instead call subprocess.check_output() .
Read more

javascript - How do I use URL parameters to change link href on page? -

i change href value of link using url parameters. example: default <a id="dlink" href="link-1">link</a> but, when user goes https://url.com/?dlink=link-2 it swaps out link new link <a id="dlink" href="link-2">link</a> first need value url. if you're not using javascript framework can create function using jquery. please check get url parameter jquery or how query string values in js it. after that, element "a" id , set value there. $("#dlink").attr("href", hreffromparam);
Read more

amazon web services - AWS Route53 Trying To Get Site To Resolve To www -

so have domain nameservers pointed aws route 53. site hosted on ec2 instance , reachable resolves site.com, if input www.site.com. i'm curious how site resolve www.site.com. have under route53 domains hosted zone 2 additional record sets outside of ns , soa: a site.com ec2 elastic ip cname www.site.com ec2 public dns i can reach site using both site.com , www.site.com, resolve site.com. there way make if enter either, resolves www.site.com? at first, both should record set. a site.com ec2 elastic ip www.site.com ec2 elastic ip and need redirect setting in web server (nginx, apache, ..) following. (source: how redirect www non-www nginx on centos 7 ) redirect non-www www if want redirect users plain, non-www domain www domain, add server block: server { server_name example.com; return 301 $scheme://www.example.com$request_uri; } save , exit. configures nginx redirect requests "example.com" "www.example.com". not
Read more