Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Using node-jose, how do I decrypt the data I just encrypted?

I am trying to implement simple JOSE encrypt and decrypt functions using node-jose.

My code is as follows (written using Node 8.2.1)

const { JWE } = require('node-jose');

const jose = (publicKey, privateKey) => {
  async function encrypt(raw) {
    if (!raw) throw new Error('Missing raw data.')
    const buffer = new Buffer(JSON.stringify(raw));
    return JWE.createEncrypt(publicKey).update(buffer).final();
  }

  async function decrypt(encrypted) {
    if (!encrypted) throw new Error('Missing encrypted data.')
    const buffer = new Buffer(JSON.stringify(encrypted));
    return JWE.createDecrypt(privateKey).decrypt(buffer);
  }

  return { encrypt, decrypt }
}

module.exports = jose;

I generate an RSA keypair using generate-rsa-keypair.

So testing via this code the encryption side of things works fine

const { JWK } = require('node-jose');
const keygen = require('generate-rsa-keypair');
const jose = require('./src/utils/jose');

const rawKeys = keygen();

const makeKey = pem => JWK.asKey(pem, 'pem');

async function start() {
  const publicKey = await makeKey(rawKeys.public)
  const privateKey = await makeKey(rawKeys.private)

  const raw = {
    iss: 'test',
    exp: new Date().getTime() + 3600,
    sub: {
      test: 'This is a test',
    },
  };

  const { encrypt, decrypt } = jose(publicKey, privateKey);

  return encrypt(raw).then(encrypted => decrypt(encrypted));
}

return start().then((result) => {
  console.log('decrypted', result)
}, (err) => {
  console.error(err);
});

the encrypted result is

{
  recipients: [ { encrypted_key: 'ciNiK6Unq30zCAXxIl2Dx9b8bZAi79qbpL1yUCwTFnSghFLrIZ11_D2ozt5on3r3ThUu96oDLZPcNShbqWPMV49NvQAsSNGdemhgzmTt3Lf3rJn1YiqvJvqf5NIXdmzjdoEZi-d9224mGpZGVKtIIFeT6-0hYgm5zNqq_aF_X2jy5IiF-mAGspNdXIk_KXPrTVbnU-XL9J5aAoG2Lp51Te1WzGA4Fjg4Ve5ZTzH6TLlQ5R5Ob_14liK-INrSi3armwXrtMgJcTmI_4oBtORtZp8AjaXzecFO_GzifvRVCSKx2vmpy9KaECpskMhZBHVx9RX9cvGKh7hq3Y7vsUucZw' } ],
  protected: 'eyJhbGciOiJSU0EtT0FFUCIsImtpZCI6IldLWS1ONDRXM2RnanA4U2ZxSlp3TldqV3AzUG1XZ29UczhjRDh3eWNSUWciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0',
  iv: 'wvqir2ewtQPfDHQtzl6IUg',
  ciphertext: 'ZwIrL_3739LI17rh3gWDUA6lXIL7ewkSh54FO_RwumC0qh9B0DcAr8RyXsfPbW19cV4u7SbZNSRP6B8qNOTy-2iENlqBISfE_kolDt8g5sg',
  tag: 'z8nwrJfRgOi1hYMBI9lGeQ'
}

but when I try to decrypt that I get

Error: no key found
  at processKey (node_modules/node-jose/lib/jwe/decrypt.js:157:22)

There are very few examples of using node-jose so I am unsure of the following

  1. I am assuming I ought to be decrypting with the private key. But that's just an assumption. None of the examples show use of public/private key pairs, just a single key.
  2. I'm assuming that the results of the encryption can just be strringified and turned into a buffer and passed into decrypt but perhaps that's not the case.

How does this really work?

like image 525
Dave Sag Avatar asked Aug 03 '17 04:08

Dave Sag


People also ask

How do you encrypt data in node JS?

You use symmetric encryption if you encrypt and decrypt data using the same key. Asymmetric encryption is used if different keys are used for encryption and decryption. To protect data in Node. js applications, you have to store the hashed passwords in the database.


1 Answers

  1. When using public/private key pairs, the private key is used to decrypt and the public key is used to encrypt.

  2. The input to JWEDecrypter.decrypt() is the promised output from JWEEncrypter.final().

Change your decrypt function to:

async function decrypt(encrypted) {
  if (!encrypted) throw new Error('Missing encrypted data.')
  return JWE.createDecrypt(privateKey).decrypt(encrypted);
}
like image 54
Matthew A. Miller Avatar answered Sep 21 '22 04:09

Matthew A. Miller