Using same “Crypto” Module aes-256-gcm , base64 encoding and With IV = 16!!
decrypt document which was encrypted in Nodejs with IV=16 & setAuthTag Use key which was any 32 or 64 char long and to decrypt golang i used crypto/cipher , crypto/aes to decrypt encrypted document in Nodejs
I found solution.
package main
import (
"crypto/aes"
"crypto/cipher"
"encoding/base64"
"encoding/hex"
"fmt"
"strings"
)
const (
ivBytes = 16
algorithm = "aes-256-gcm"
secureKey = "<Your Secure Key>"
)
func main() {
doc := "<Your Encrypted String>"
decrypted, err := decrypt(doc)
if err != nil {
fmt.Println("Decryption error:", err)
return
}
fmt.Println("Encrypted text:", decrypted)
}
func decrypt(encrypted string) (string, error) {
// Split the encrypted string into ciphertext, IV, and authentication tag
data := strings.Split(encrypted, ".")
fmt.Println("Data[0]:", data[0])
fmt.Println("Data[1]:", data[1])
fmt.Println("Data[2]:", data[2])
if len(data) != 3 {
return "", fmt.Errorf("invalid encrypted string format")
}
// Decode base64 strings
ciphertext, err := base64.StdEncoding.DecodeString(data[0])
if err != nil {
return "", err
}
fmt.Println("CipherTextDecodeString:=", ciphertext)
iv, err := base64.StdEncoding.DecodeString(data[1])
if err != nil {
return "", err
}
fmt.Println("Length IV=", len(iv))
fmt.Println("IV values=", iv)
authTag, err := base64.StdEncoding.DecodeString(data[2])
if err != nil {
return "", err
}
fmt.Println("authTag values=", authTag)
//Use this to getAuthTag which is setAuthTag Method setting AuthTag in NodeJs
ciphertext = append(ciphertext, authTag...)
// Decode the secure key from hex
key, err := hex.DecodeString(secureKey)
if err != nil {
return "", err
}
fmt.Println("key values=", key)
// Create the AES cipher block using the decoded key
block, err := aes.NewCipher(key)
if err != nil {
return "", err
}
fmt.Println("block values=", key)
aesgcm, err := cipher.NewGCMWithNonceSize(block, ivBytes)//using this when you have IV=16 size or you can use cipher.NewGCM() when IV=12 size
if err != nil {
return "", err
}
fmt.Println(aesgcm)
// Decrypt the ciphertext using the GCM mode
plaintext, err := aesgcm.Open(nil, iv, ciphertext, nil)
if err != nil {
return "", fmt.Errorf("decryption failed: %v", err)
}
return string(plaintext), nil
Here’s the Golang code to decrypt the document, assuming you have the ciphertext, key, IV, and authentication tag:
`Gopackage main
import (
“crypto/aes”
“crypto/cipher”
“encoding/base64”
“fmt”
)
func main() {
// Ciphertext, key, IV, and authentication tag (base64-encoded strings)
ciphertextB64 := “your_ciphertext_base64”
keyB64 := “your_key_base64”
ivB64 := “your_iv_base64”
authTagB64 := “your_auth_tag_base64”
// Decode base64 strings
ciphertext, _ := base64.StdEncoding.DecodeString(ciphertextB64)
key, _ := base64.StdEncoding.DecodeString(keyB64)
iv, _ := base64.StdEncoding.DecodeString(ivB64)
authTag, _ := base64.StdEncoding.DecodeString(authTagB64)
// Create a new cipher block
block, err := aes.NewCipher(key)
if err != nil {
// Handle error
fmt.Println("Error creating cipher:", err)
return
}
// Create a GCM cipher
aesgcm, err := cipher.NewGCM(block)
if err != nil {
// Handle error
fmt.Println("Error creating GCM:", err)
return
}
// Decrypt the ciphertext
plaintext, err := aesgcm.Open(nil, iv, ciphertext, authTag)
if err != nil {
// Handle decryption error
fmt.Println("Decryption failed:", err)
return
}
// Print the decrypted plaintext
fmt.Println("Decrypted plaintext:", string(plaintext))
}`
Use code with caution. Learn more
content_copy
Remember:
- Replace placeholders with actual base64-encoded values for ciphertext, key, IV, and authentication tag.
- Handle potential errors gracefully.
- Ensure compatibility between Node.js and Golang encryption implementations.
- Use secure key and IV handling practices.
1 Like