Javascript/NodeJS equivalent code for the Java code Cipher.doFinal(byte[])?

Question

I am migrating some server-side Java code to a new NodeJS server. I am looking for an equivalent method call in Javascript to Java's Cipher.doFinal(byte[]) Note that I can't use NodeJS Buffers because they don't support negative Byte values. So to do my encryption, I'll need a method that accepts an array of positive and negative numbers.

Here's all of what I currently have that is related to this problem:

Node JS / Javascript:
var crypto = require('crypto'); var cipher = crypto.createCipher('aes256',key);

Java (javax.crypto.Cipher):

Cipher cipher;
SecretKeySpec skeySpec = new SecretKeySpec(key, "AES");
try {
    cipher = Cipher.getInstance("AES");
} catch (NoSuchAlgorithmException e) {
} catch (NoSuchPaddingException e) {
}try {
      cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
} catch (InvalidKeyException e) {
}

later in the Java code, I call this method where Iv represents Initialization Vector: byte[] newIv = cipher.doFinal(myIv);

How can I get the same result in JavaScript as I do in the doFinal Java method?

Answer 1

Byte handling

You can use NodeJS buffers. The byte arrays in Java may just consist of signed bytes, but those bytes are not handled any differently from unsigned bytes. Only the value of the actual bits matter. If you need to treat bytes directly, it is often best to use hexadecimals instead. You can convert to an positive integer value by performing b & 0xFF and you can do the opposite by performing (byte) b .

You could of course also do something similar in NodeJS to make NodeJS handle signed numbers, but it is common to treat keys, IV's etc. as unsigned.

Cipher selection

Now for the Java AES encryption, you are using the unsafe "AES/ /PKCS5Padding" mode, as the Oracle Java JCE provider defaults to ECB mode of encryption and PKCS#7 padding (incorrectly named "PKCS5Padding" by Java). /PKCS5Padding"模式，因为Oracle Java JCE提供程序默认为ECB加密模式和PKCS＃7填充（Java不正确地命名为"PKCS5Padding" ）。 ECB does not use an IV, so you can ignore the value of the IV. Strangely enough, you do have to use crypto.createCipheriv(algorithm, key, iv) as the crypto.createCipher(algorithm, password) uses a password instead of a key. Of course you should also use algorithm "AES-256-ECB" for NodeJS/OpenSSL - if your key is indeed 256 bits in size.

Answer 2

Turns out you can place an empty IV as follows:

var cipher = require('crypto').createCipheriv('aes-256'ecb', key, '');

As for the replacement method, simply store your old IV temporarily as a new IV and then attempt to update that new IV using the old one. Here's how it would look like in NodeJS using some of the above code on Initialization Vectors created as buffers:
var newIV = oldIV.slice(); newIV = cipher.update(newIV); oldIV = newIV;