On 3/11/20 5:46 PM, AC Gomez wrote:
> I'm trying to encrypt/decrypt between javascript and postgresql.
>
> I'm using this:
> https://gist.github.com/vlucas/2bd40f62d20c1d49237a109d491974eb algorithm to
> encrypt my text, and then in PostgreSQL I use PGCRYPTO.decrypt_iv to
> decrypt the text.
>
> I pass in 'ThisISMySign' to the Encrypt function.
>
> Encrypted string returned from
> above: "fc9a03cbc8a57d4061570575f197c29c:a319a4bf354516f392ba96a895478af6"
A quick walk through the JS code found:
...
let decipher = crypto.createDecipheriv('aes-256-cbc',
Buffer.from(ENCRYPTION_KEY), iv);
let decrypted = decipher.update(encryptedText);
decrypted = Buffer.concat([decrypted, decipher.final()]);
return decrypted.toString();
where
const ENCRYPTION_KEY = process.env.ENCRYPTION_KEY;
Pretty sure the below does not have access to the above.
>
> I have to remove the colon to get something out...and so this:
>
> select
> decrypt_iv(decode('fc9a03cbc8a57d4061570575f197c29ca319a4bf354516f392ba96a895478af6','hex')::bytea,
> 'sKCx49VgtHZ59bJOTLcU0Gr06ogUnDJi'::bytea, 'null'::bytea,
> 'aes-cbc/pad:pkcs');
>
> Gives me this: 6 á¶ðÒÿÆÛÏBSïÅThisISMySign
In my instance(12.1) I get:
decrypt_iv
------------------------------------------------------------
\x36df9ec98ff4ad80b9a4b0425390baed5468697349534d795369676e
>
> "ThisISMySign" was the original string. So I'm getting the right result
> in half of the decrypted string.
>
> The paremeter after the key, 3rd parameter, it can be any string. That
> just changes the first part of the output, the garbage part.
>
> In decrypt_iv I tried using the encryption algorithm name in the
> javascript used to encrypt, but that gets me nowhere.
>
> I cannot see what i'm missing here.
>
> Thanks
--
Adrian Klaver
adrian.klaver@aklaver.com