NodeJS crypto RSA, not compatible with PublicKey?

Hi all,

I’m having trouble trying to decrypt in Elixir (using ExCrypto - which is a only a wrapper around crypto and public_key) encrypted by NodeJS Crypto.

Here’s what works :

  • encrypt_public in NodeJS -> decrypt_private NodeJS (Works)
  • encrypt_public in Elixir -> decrypt_pricate in Elixir (Works)

But :

  • encrypt_public in NodeJS -> decrypt_private in Elixir (Does Not Work)

It seems that an encrypt_publicfrom Node, can’t be decrypted by a decrypt_private in Elixir.
I even tried the hard way directly with the Erlang module public_key, it gives me the same result.

Here’s what I tried :

var fs = require("fs")
var crypto = require("crypto")

var rsa_key = fs.readFileSync('./priv/public.key').toString()
var rsa_priv = fs.readFileSync('./priv/private.key').toString()
var buffer = Buffer.from("Hello world")
var encrypted_auth = crypto.publicEncrypt({key: rsa_key}, buffer)
console.log("copy/paste this in iex: ", encrypted_auth.toString("Base64"))
var crypted_buffer = Buffer.from(encrypted_auth)
var decrypted_auth = crypto.privateDecrypt({key: rsa_priv, passphrase: "my_pass_phrase"}, crypted_buffer)
console.log("--- Res: ", decrypted_auth.toString())

But as soon as you copy/paste the Base64 generated in Node Here’s what I get :

key = ExPublicKey.load!("./priv/private.key", "my_pass_phrase")
ExPublicKey.decrypt_private(cipher, key)

returns :error

I have suspected the rsa padding to be different, but it doesn’t seems to be that… Does anyone have a clue ?

This is just an assumption as I’m on mobile, but have you tried to decode the base64 first?

Yes, the Base64 is valid and the binary is equal to the one I can print on NodeJS

That’s not what I meant. I meant decoding it into a binary and then decrypt that.

I have done that when tried to use the :crypto module directly…
The ExPublicKey.decrypt_private function asks for a Base64 String (Apparently ?)

Ok, I found the issue.

Actually it was 2 incompatibility back to back.

The crypto is encoding the base64 not URL safe, while ExPublicKey default option is to set it to true for decoding…
The second one was the wrong rsa padding by default
Node is using : RSA_PKCS1_OAEP_PADDING

while Erlang crypto uses rsa_pkcs1_padding
Setting Node to RSA_PKCS1_PADDING

everything worked finally…

1 Like