I Used Crypto Package In Golang For Encryption Decryption and using GCM for that , so when i used same package in node js it can encrypt my document and decrypt that same document in node js , but when i tried to that node js encrypted document i can not decrypt that document in golang ,
it gives me error like this
“panic: crypto/cipher: incorrect nonce length given to GCM”
Node Js EncryptFunction Code
const crypto = require('crypto');
let secureKey = "755c3d6bea1da40ddd684c57a3b210331994ccf07c05f76ec4418cdf9b859e70"
let algorithm = "aes-256-gcm"
let ivBytes = 16
let doc = {
"firstName": "ABC",
"lastName": "xyz"
}
const encryption = function (doc) {
// Generate Random Initialization Vector.
let iv = crypto.randomBytes(ivBytes);
console.log("IV Bytes " + ivBytes)
// Creating the cipher from algo, key and iv
const cipher = crypto.createCipheriv(algorithm, Buffer.from(secureKey, 'hex'), iv);
console.log("Algoritham " + algorithm)
console.log("Algoritham " + secureKey)
// Updating the encrypted text...
let encrypted = cipher.update(doc, 'utf8', 'base64');
// Merge IV and Authentication Tag with Encrypted Data.
// We are using AES-256 GCM algorithm so it will generate Authentication Tag so we need to put this tag in encryption text.
encrypted += cipher.final('base64') + '.' + iv.toString('base64') + '.' + cipher.getAuthTag().toString('base64');
//return encrypted;
return encrypted;
};
Golang Decryption Code
package main
import (
"crypto/aes"
"crypto/cipher"
"encoding/base64"
"encoding/hex"
"fmt"
"strings"
)
func main() {
algorithm := "aes-256-gcm"
secureKey := "755c3d6bea1da40ddd684c57a3b210331994ccf07c05f76ec4418cdf9b859e70"
doc := "jRE0AIeruQBW0FlcCqZ1ohtdMX3/tWOvKPLTa+p5U6pmrV0O.55+hEW4Im3CQDtd3ckXlqg==.95ZM5fFDtiD5rrSTF9c4zw=="
decrypt(algorithm, secureKey, doc)
}
func decrypt(algorithm string, secureKey string, doc string) (string, error) {
data := strings.Split(doc, ".")
fmt.Println("Data:", data[0])
skey, err := hex.DecodeString(secureKey)
if err != nil {
fmt.Println("Securekey hex Decodestring Error")
panic(err)
}
iv, err := base64.StdEncoding.DecodeString(data[1])
if err != nil {
fmt.Println("iv base64 Decodestring error")
panic(err)
}
decipher := algorithm + string(skey) + string(iv)
fmt.Println(decipher)
authtag, err := base64.StdEncoding.DecodeString(data[2])
if err != nil {
fmt.Println("authtag base64 Decodestring error")
panic(err)
}
fmt.Println("IV Length:=", len(iv))
fmt.Println("Authentication Tag:=", authtag)
// Ensure the length of the IV is correct (12 bytes for AES GCM)
if len(iv) != 16 {
fmt.Println("IV length is incorrect")
panic("IV length is incorrect")
}
// Create the AES cipher block using the provided secureKey
block, err := aes.NewCipher(skey)
if err != nil {
fmt.Println("aes cipher block error")
panic(err)
}
fmt.Println("Block:=", block)
//iv1 := iv[:aes.BlockSize]
//iv = iv[aes.BlockSize:]
//stream := cipher.NewCFBDecrypter(block, iv1)
// XORKeyStream can work in-place if the two arguments are the same.
//stream.XORKeyStream(iv, iv)
// Create a new GCM instance using the AES cipher block
aesgcm, err := cipher.NewGCM(block)
if err != nil {
fmt.Println("aes GCM error")
panic(err)
}
//-------------------------Error Starts Here--------------------------------------------
fmt.Println("AESGCM", aesgcm)
// Decrypt the ciphertext using the GCM mode
plaintext, err := aesgcm.Open(nil, iv, []byte(data[0]), authtag)
if err != nil {
fmt.Println("aesgcm Opening Error")
panic(err)
}
return string(plaintext), nil
}