Click here to Skip to main content
15,921,884 members
Please Sign up or sign in to vote.
1.00/5 (2 votes)
See more:
I have a scenario I have a cipher text and RSA private key (encrypted form) along with AES 256 Key. My concern is I want JavaScript code that will first decrypt RSA private key using AES 256 key I don’t have initialization vector(which is randomly generated 16 bit). The decrypted RSA private key is then used to decrypt the main cipher text.
We can decrypt the data with below ruby code but we want to achieve same in Javascript

The ruby code:
Ruby
require 'openssl'
require 'base64'
private_key_path = 'C:\Users\User\Documents\Ruby\private3.pem'
passphrase = 'xxxxxxxxxxxxxxxxxx'
begin
private_key = OpenSSL::pKey::RSA.new(File.read(private_key_path), passphrase)
encrypted_ssn = File.read('C:\Users\User\Documents\RubyC=\input_case.txt')
decrypted_ssn = private_key.private_decrypt(Base64.decode64(encrypted_ssn))
puts "Decrypted SSN: #{decrypted_ssn}"
rescue Errno::ENOENT => e
puts "Error: #{e.message}. Make sure the file paths are correct."
rescue OpenSSL::pKey::RSAError => e
puts "Error: #{e.message}. Check if the private key or passphrase is correct."
end


Key Formats

(Input Case)
Cipher Text Format: rnIlnXweYGYX107Lz7nAIYSASUpZsZoAAUS9zueA=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Private key:

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,A7AF3A76C321D9FFFFFFFFFFFFFF

SOj8/nY3qkQKKcpjIXxCSIJey8LVuvYLMeZL+8BRrdnxM1RTNAMLeO3Gd7hD7PLJ
oBRsLmynXYVwIM6l0G1B+KBjXjb1K9iwnyrGFSbA3Fx8LnNaMHnfW+A3+bUUiBt0XXXXXXXXXXXXX…

-----END RSA PRIVATE KEY-----

What I have tried:

I have tried this code getting error Initialization vector incorrect? What is resolution to this issue???
Posted
Updated 5-Jun-23 2:12am
v2

1 solution

Basically, don't.
Javascript is executed on the client and can be viewed by anyone capable of pressing F12 in chrome. Which means that the keys and suchlike are also viewable - which defeats the whole point of encryption!

In addition, the Javascript can't access the file system either on the client or the server, so you need to transfer the whole encrypted message to the client browser in order for the Javascript to get access in order to decrypt.

I think you need to rethink the whole idea - this is probably not going to be possible in the way you envisage.
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900