node-rsa errors when trying to decrypt message with private key

Question

So I've been trying to use node with node-rsa and javascript with jsencrypt to create a website (for an assignment) where the javascript client gets the public key generated by the server (node-rsa), encrypts the message (jsencrypt) that the user has entered, sends it to the server and gets the server to decrypt it (node-rsa). The generation of the keys works, the encryption works however the decryption doesn't. When I start the node script I do the following for the encryption...

var NodeRSA = require('node-rsa');
var myDecrypter = new NodeRSA({b: 512});

When the client requests the key (I am using express) the following is ran.

app.get('/getPublicKey', function(req, res){
    var publicKeyJson = {"Key": ""};
    console.log(myDecrypter.exportKey('public'));
    publicKeyJson.Key = myDecrypter.exportKey('public');
    res.json(JSON.stringify(publicKeyJson));
});

The client then saves that key like this...

var myEncrypter = new JSEncrypt();
var myJson  = "";
$.getJSON( "getPublicKey", function( data ) {
    myJson = JSON.parse(data).Key;
        setKey();
});
function setKey() {
    myEncrypter.setPublicKey(myJson);
}

When I got to encrypt and send the message on the client I do this...

function messageEncrypt() {
    message = document.getElementById("message").value;
    var encrypted = myEncrypter.encrypt(message);
    myMessage = {"username": "", "userId": 0.0, "message": ""};
    myMessage.username = me.username;
    myMessage.userId = me.userId;
    myMessage.message = encrypted;
    console.log(encrypted);
    $.post("sendMessage", myMessage);
}

When the server receives a message this is what happens, this is where I get the errors.

app.post('/sendMessage', function(req, res){
    var message = req.body;
    var user = message.username;
    var id = message.userId;
    console.log("What a mess, " + user + " said " + message.message + " what on earth does that mean");
    //This line below errors
    var clearMessage = myDecrypter.decrypt(message.message, 'utf8');
    console.log(user + " said " + clearMessage);
});

The error I get is ...

Error: Error during decryption (probably incorrect key). Original error: Error: error:040A1079:rsa routines:RSA_padding_check_PKCS1_OAEP_mgf1:oaep decoding error
    at Error (native)
    at NodeRSA.module.exports.NodeRSA.$$decryptKey (/home/node_modules/node-rsa/src/NodeRSA.js:295:19)
    at NodeRSA.module.exports.NodeRSA.decrypt (/home/node_modules/node-rsa/src/NodeRSA.js:243:21)
    at /home/securechat/securechat.js:36:36
    at Layer.handle [as handle_request] (/home/node_modules/express/lib/router/layer.js:95:5)
    at next (/home/node_modules/express/lib/router/route.js:131:13)
    at Route.dispatch (/home/node_modules/express/lib/router/route.js:112:3)
    at Layer.handle [as handle_request] (/home/node_modules/express/lib/router/layer.js:95:5)
    at /home/node_modules/express/lib/router/index.js:277:22
    at Function.process_params (/home/node_modules/express/lib/router/index.js:330:12)

Here however is where it gets interesting, to get that error message above I had a private key of...

-----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBAIhdx31QICGN1LKRW4WngeL3RtzPh7cEHmhFJB8m4bQUSTcSi4eg
sUvMeZkWyaF9gOxtZKzk5TI6q+8hg8TY6S8CAwEAAQJASds423cVH/c4NsqhXh8e
KvYwjBFeeNIjQegIq1KctbHmKNM5MMb4jnDqdY/S5XHHS22EGvLNheLgV8tlRjwG
UQIhANpNmbl215eOsGPJ0jqz1XPMBrO35V6I3P04kvr66R1JAiEAn+oL0jtAFETR
4PRfenye5MAu9US3V5MoDN8xUoEvKrcCIQDQT2ZWNNIrHAyzXB2QyJPxqInoqp1j
5QPDWl3ewtj5iQIgY3E1nKw/stsA8LTGUvMAFBv2l4r9wDXAaBC7KSUwYY0CIAj4
0gA9etDbPm3H/XDwK4WXs9mXkKroyxewkWoOoAw/
-----END RSA PRIVATE KEY-----

and the public key sent to the client was...

-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAIhdx31QICGN1LKRW4WngeL3RtzPh7cE
HmhFJB8m4bQUSTcSi4egsUvMeZkWyaF9gOxtZKzk5TI6q+8hg8TY6S8CAwEAAQ==
-----END PUBLIC KEY-----

The encrypted messages (stackoverflow) was ...

XDViV0InCSnpyBxbNu5Herut0JYSsp87buvhzM4g2f9z3khIx2zA8Ou0Uq0TtmqtvBBVtZi5wZbcS6em/vB78g==

The interesting thing is that when I used the demo on jsencrypt website and enter my private key as well as the encrypted message I get the correct decrypted message.

So my question is...

What am I doing wrong with my node-rsa decryption???

If you need anymore information/code please put it in the comments below.

Answer 1

To answer your question @Curious_Programmer be default node-rsa uses pkcs1_oaep for encryption and decryption while jsencrypt uses pkcs1. Thankfully node lets you change the encryptionScheme, what you need to do is add ...

myDecrypter.setOptions({encryptionScheme: 'pkcs1'});

under

var myDecrypter = new NodeRSA({b: 512});

and all will work like a charm, I hoped I helped you ;)

Answer 2

It seems that the ciphertext is a buffer, i.e. binary data. Then it is transported using JSON, which consists of text. You need to use a text encoding over the binary data to transport it over a text based interface.

---

Check the following definition of the encrypt method:

key.encrypt(buffer, [encoding], [source_encoding]);

with the reminder that the default is 'buffer' for [encoding].

So you should be using:

var encrypted = myEncrypter.encrypt(message, 'base64', 'utf-8');

where 'base64' is for the ciphertext encoding and 'utf-8' is for the plaintext encoding.

---

The decryption routine should automatically use base64 decoding of the ciphertext:

var clearMessage = myDecrypter.decrypt(message.message, 'utf8');

should be just fine.