CharlesO

CharlesO

Need help with basic crypto in Erlang/Elixir: Decryption Error: Failed to decrypt:

I have been battling with some code:

I have 2 variants I have been testing:

  def ds4 do
    try do
      private_key_pem = File.read!("priv/flows/private_unencrypted.pem")

      # Decode PEM key explicitly
      private_key_entry = :public_key.pem_decode(private_key_pem) |> hd()
      IO.inspect(private_key_entry, label: "Private Key Entry")

      # Correctly decode the private key
      case private_key_entry do
        {:RSAPrivateKey, rsa_key} ->
          IO.inspect(rsa_key, label: "RSA Private Key Structure")

          # Decrypt AES key
          encrypted_aes_key =
            Base.decode64!(
              "i/j13zUEy37M00eFJYchyIyk+HIlmLs8X6gmJLO9UfiljUmQCX1kYVPYfVRbS+5moWKtkIc0K/KG59CObmT8sMbhSXFEbnCKL7bbLka80NC5lqoill4LKrAtOaWJ/Zxbw7YjWS1+zinkIZZCbJ0OGZjH24XVgx3pVx5PYK53JDSYt6kUo1Kt15uc5M7zne1/T46c5YCw2BnSGDvXX+74W7T8xo+dTl6krOzFGuxNXFOYtG3coFK3Ad4eteMIhlsxpoRjFggfIWv9VuA7TT9AOQ9mdF2juN98Hu0hm3kSi5IHHGagTq+UwrspnMl76kw+GZXinjQNSI2ZV8yYYHxQ=="
            )

          decrypted_aes_key =
            :crypto.private_decrypt(:rsa, encrypted_aes_key, rsa_key,
              rsa_padding: :rsa_pkcs1_oaep_padding,
              oaep_hash: :sha256
            )

          IO.inspect(decrypted_aes_key, label: "Decrypted AES Key")
          decrypted_aes_key

        other ->
          IO.inspect(other, label: "Unexpected Private Key Structure")
          {:error, :unexpected_private_key_structure}
      end
    rescue
      e ->
        IO.inspect("Failed to decrypt: #{inspect({e, __STACKTRACE__})}",
          label: "Decryption Error"
        )

        {:error, e}
    end
  end

  def ds5 do
    try do
      private_key_pem = File.read!("priv/flows/private_unencrypted.pem")

      # Remove PEM headers and decode base64
      private_key_der =
        private_key_pem
        |> String.replace(~r/-----BEGIN RSA PRIVATE KEY-----/, "")
        |> String.replace(~r/-----END RSA PRIVATE KEY-----/, "")
        |> Base.decode64!()

      # Decode DER-encoded private key
      {:Ok, private_key, _} = :public_key.der_decode(private_key_der, :RSAPrivateKey)

      IO.inspect(private_key, label: "RSA Private Key Structure")

      m = %{
        encrypted_aes_key:
          "i/j13zUEy37M00eFJYchyIyk+HIlmLs8X6gmJLO9UfiljUmQCX1kYVPYfVRbS+5moWKtkIc0K/KG59CObmT8sMbhSXFEbnCKL7bbLka80NC5lqoill4LKrAtOaWJ/Zxbw7YjWS1+zinkIZZCbJ0OGZjH24XVgx3pVx5PYK53JDSYt6T6kUo1Kt15uc5M7zne1/T46c5YCw2BnSGDvXX+74W7T8xo+dTl6krOzFGuxNXFOYtG3coFK3Ad4eteMIhlsxpoRjFggfIWv9VuA7TT9AOQ9mdF2juN98Hu0hm3kSi5IHHGagTq+UwrspnMl76kw+GZXinjQNSI2ZV8yYYHxQ==",
        encrypted_flow_data:
          "esYLI3l/ZREnkg3EDoipH/TeF8fL6goV1GELcV/Jv+WWVkB/5JcJ5NRoFzfnDZrTKA==",
        initial_vector: "65SPDGDmgHlG4MiRzy5abQ=="
      }

      # Decrypt AES key
      encrypted_aes_key = Base.decode64!(m.encrypted_aes_key)

      decrypted_aes_key =
        :crypto.private_decrypt(:rsa, encrypted_aes_key, private_key,
          rsa_padding: :rsa_pkcs1_oaep_padding,
          oaep_hash: :sha256
        )

      IO.inspect(decrypted_aes_key, label: "Decrypted AES Key")
      decrypted_aes_key
    rescue
      e ->
        IO.inspect("Failed to decrypt: #{inspect({e, __STACKTRACE__})}",
          label: "Decryption Error"
        )

        {:error, e}
    end
  end

I’m at a loss for the errors I keep getting:

 FL.ds4
Private Key Entry: {:PrivateKeyInfo,
 <<48, 130, 4, 190, 2, 1, 0, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1,
   5, 0, 4, 130, 4, 168, 48, 130, 4, 164, 2, 1, 0, 2, 130, 1, 1, 0, 162, 144,
   53, 31, 174, 226, 155, 127, 205, 227, ...>>, :not_encrypted}
Unexpected Private Key Structure: {:PrivateKeyInfo,
 <<48, 130, 4, 190, 2, 1, 0, 48, 13, 6, 9, 42, 134, 72, 134, 247, 13, 1, 1, 1,
   5, 0, 4, 130, 4, 168, 48, 130, 4, 164, 2, 1, 0, 2, 130, 1, 1, 0, 162, 144,
   53, 31, 174, 226, 155, 127, 205, 227, ...>>, :not_encrypted}
{:error, :unexpected_private_key_structure}
15:36:33.174 DB "get_inactive_agents"
15:36:33.193 DB "summarize_1"
15:36:33.227 DB "summarize_2"
15:36:33.423 {:sse, "stats-refresh"}
 FL.ds5
Decryption Error: "Failed to decrypt: {%ArgumentError{message: \"non-alphabet character found: \\\"-\\\" (byte 45)\"}, [{Base, :bad_character!, 1, [file: ~c\"lib/base.ex\", line: 137]}, {Base, :\"-decode64base!/2-lbc$^0/2-0-\", 2, [file: ~c\"lib/base.ex\", line: 642]}, {Base, :decode64base!, 2, [file: ~c\"lib/base.ex\", line: 640]}, {FL, :ds5, 0, [file: ~c\"lib/chatflow/fl.ex\", line: 222]}, {:elixir, :eval_external_handler, 3, [file: ~c\"src/elixir.erl\", line: 386]}, {:erl_eval, :do_apply, 7, [file: ~c\"erl_eval.erl\", line: 750]}, {:elixir, :eval_forms, 4, [file: ~c\"src/elixir.erl\", line: 364]}, {Module.ParallelChecker, :verify, 1, [file: ~c\"lib/module/parallel_checker.ex\", line: 112]}]}"
{:error, %ArgumentError{message: "non-alphabet character found: \"-\" (byte 45)"}}

Any help and insight would be appreciated :palms_up_together:

Also, i have updated the question to include the requirements from META:

Implementing Endpoints for Flows - WhatsApp Flows (facebook.com)

Request Decryption and Encryption
The incoming request body is encrypted, you need to decrypt it first, then you need to encrypt the server response before returning it to the client.

You can find code examples of decryption/encryption in various programming languages in the Code Examples section.

For data_api_version “3.0” you should follow below instructions to decrypt request payload:

extract payload encryption key from encrypted_aes_key field:
decode base64-encoded field content to byte array;
decrypt resulting byte array with the private key corresponding to the uploaded public key using RSA/ECB/OAEPWithSHA-256AndMGF1Padding algorithm with SHA256 as a hash function for MGF1;
as a result, you’ll get a 128-bit payload encryption key.
decrypt request payload from encrypted_flow_data field:
decode base64-encoded field content to get encrypted byte array;
decrypt encrypted byte array using AES-GCM algorithm, payload encryption key and initialization vector passed in initial_vector field (which is base64-encoded as well and should be decoded first). Note that the 128-bit authentication tag for the AES-GCM algorithm is appended to the end of the encrypted array.
result of above step is UTF-8 encoded clear request payload.
For data_api_version “3.0” you should follow below instructions to encrypt the response:

encode response payload string to response byte array using UTF-8;
prepare initialization vector for response encryption by inverting all bits of the initialization vector used for request payload encryption;
encrypt response byte array using AES-GCM algorithm with the following parameters:
secret key - payload encryption key from request decryption stage;
initialization vector for response encryption from above step;
empty AAD (additional authentication data) - many libraries assume this by default, check the documentation of the library in use;
128-bit (16 byte) length for authentication tag - many libraries assume this by default, check the documentation of the library in use;
append authentication tag generated during encryption to the end of the encryption result;
encode the whole output as base64 string and send it in the HTTP response body as plain text.

Marked As Solved

CharlesO

CharlesO

I eventually used NodeJS : {:nodejs, "~> 2.0"} to call the encryption.js file provided in Meta’s examples.

works like a charm!

Also Liked

cmkarlsson

cmkarlsson

Assuming this: https://developers.facebook.com/docs/whatsapp/flows/guides/implementingyourflowendpoint/#request-decryption-and-encryption is the original instructions, it says:

using RSA/ECB/OAEPWithSHA-256AndMGF1Padding algorithm with SHA256 as a hash function for MGF1; being the important part in this case.

private_decrypt defaults to RSA PCKS1 padding (which should no longer be used as it is not secure)

I’m not sure erlang crypto module supports RSA/ECB/OAEPWIthSHA-256andMGF1Padding mode.

You can try with:
:public_key.decrypt_private(cipher, key, [rsa_padding: :rsa_pkcs1_oaep_padding]) but I am pretty sure that uses SHA1 instead of SHA256.

In addition public_key:decrypt_private2/3 and the equivalent in crypto module are deprecated. I have not found what they are replaced with though. It seems that the original intent was not for encrypt/decrypt but for signing and verification. The docs suggest that they have been replaced with :public_key.sign/verify which will not help you much.

Might give you additional options to try.

We used erlang for a crypto heavy application but we used a port (Ports — Erlang System Documentation v29.0.2) to do all the asymmetric crypto operations rather than the built-in and it performed very well with stable latency compared to our java and golang equivalent apps.

voltone

voltone

If you want to use :public_key to decode PEM-encoded keys you need to use :public_key.pem_entry_decode/1 on the data returned by :public_key.pem_decode/1.

If you want to extract the DER entry from the PEM yourself you’re going to have to do a bit more work to remove extra whitespace (e.g. newlines).

P.S. you can save yourself a lot of trouble by using x509:slight_smile:

D4no0

D4no0

Cryptography stuff from scratch is very hard, even if you know the theory, you might still fail to implement it correctly.

If there isn’t a ready solution available, I would always consider first using Ports or another mechanism to borrow the implementation from another ecosystem, as I’ve fallen myself into this trap of spending countless days debugging myself.

Where Next?

Popular in Questions Top

chokchit
** (DBConnection.ConnectionError) connection not available and request was dropped from queue after 2733ms. You can configure how long re...
New
gshaw
What is the idiomatic way of matching for not nil in Elixir? E.g., First way: defp halt_if_not_signed_in(conn, signed_in_account) when...
New
shahryarjb
Hello, I get Persian date from my client and convert it to normal calendar like this: def jalali_string_to_miladi_english_number(persi...
New
alice
Hey, Just curious what are the main benefits of Elixir compared to Clojure? When is Elixir more useful than Clojure and vice versa? Th...
New
RisingFromAshes
I’ve read in another post that it may be possible with a router helper - but I couldn’t find an appropriate one, and tbh, I’m still just ...
New
sergio_101
I am VERY much an elixir newbie. I have taken one elixir course and one phoenix course on Udemy. During that course, I saw the instructor...
New
fayddelight
I tried installing elixir 1.11.2 erlang 23.3.4 via asdf in my zsh shell. Enabled the versions locally and globally. When I list them ...
New
dblack
I’ve got an issue with an app and I’ve no idea of how to troubleshoot it. I’m hoping someone here might have seen something similar. I p...
New
jononomo
For some reason my phoenix channels are working for me in my local dev environment, but as soon as I deploy via Docker, I get a 403 error...
New
lanycrost
Hi everyone! I need implement if…else if…else condition from my elixir code, and anymore of this control flow structures not work proper...
New

Other popular topics Top

malloryerik
Hi, this is for people who, like me, have had some friction using .html.heex templates in VSCode. The solution seems to be, in a hyphena...
New
vertexbuffer
Hello, can anybody help here..? I have a list of players and I what to delete an element, but every for loop the list is reverting to ori...
New
skosch
To my knowledge, put_in, Map.update etc. all have the one limitation of not automatically creating intermediate keys when needed (for exa...
New
dokuzbir
I want to highlight html closing tags when i click a html tag. That works in .html files but doesnt work for html.eex templates. How can...
New
sergio_101
I am VERY much an elixir newbie. I have taken one elixir course and one phoenix course on Udemy. During that course, I saw the instructor...
New
fayddelight
I tried installing elixir 1.11.2 erlang 23.3.4 via asdf in my zsh shell. Enabled the versions locally and globally. When I list them ...
New
shijith.k
I am trying to start a new phoenix project with elixir 1.9, but mix phx.new does not work. It says that ** (Mix) The task "phx.new" could...
New
axelson
This post is a wiki (feel free to hit the edit button near the bottom right of this post to add your own changes!) This post collects co...
239 47930 226
New
joaquinalcerro
Hi there, I am working with Ecto-Postgresql and I need to call all of the records from a specific table but the table has 40,000 records...
New
Qqwy
Update: How to use the Blogs &amp; Podcasts section You can post links to your blog posts or podcasts either in one of the Official Blog...
3271 126479 1222
New

We're in Beta

About us Mission Statement