Encrypt/Decrypt Data between Python 3 and JavaScript (AES algorithm)
This storie was referenced in a work of the University of Barcelona : “Wordle Crypto: Una aplicacicio Web3” by Jordi Bonet Valiente. You can check the paper here:
Python part of encrypting/decrypting
First of all choosing a Python encryption library
There is various encryption library for python. You can check it here
I choose PyCryptodome which is well documented and supports Python 2.7, Python 3.5 and newer, and PyPy. Just for information PyCrypto is no more maintened, so would not recommend using it.
Installing PyCryptodome:
pip install pycryptodomeAfter that we can test an encryption to check if everything is OK!
Importing the necessary libraries in our test.py file:
import base64
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad,unpad
from Crypto.Random import get_random_bytes #only for AES CBC modeIn our case we gonna work with this 2 modes: AES ECB and CBC mode. The first one ECB mode is interessant for som case use where you cannot send the intialization Vector(IV) to the JavaScript code (even if its possible to put it in the header of a post HTTP request) I do not recommend using AES ECB for production. Over the net use CBC. But that not the purpose of this post if you want to learn more about cryptografy there a lot of good text on the web.
we gonna make an AES128 encryption. 128-bit keys are sufficient to ensure a good security, but is up to you to choose an AES192 or AES256.
AES ECB MODE
Encryption and decryption AES128 ECB mode in Python
Output:
python test.py>>encrypted ECB Base64: gfp6wzvTH3lN5TO2B37yWQ==
>>data: I love Medium
We have now a base 64 string that can be passed to JavaScript
For the AES CBC mode we just have one diference the IV ( Initialization Vector) which should be 128 bits pr 16 char too. We can use a fix IV or random IV. That’s up to you the random is more secure both should be passed to the Javascript for decryption.
AES CBC MODE
Encryption and decryption AES128 CBC mode in Python with Fix IV
Output:
python test.py>>encrypted CBC base64 : VEX7Eequ5TM9+jlgrwnkNw==
>>data: I love Medium
Encryption and decryption AES128 CBC mode in Python with random IV
for this one we gonna import get_random_bytes from Crypto to generate the 128 bits IV.
Output:
python test.py>>random IV : HlR8EJsTuXi9hFx8GINO5A==
>>encrypted CBC base64 : CyL3j8VSHrGPBcujlo4b4Q==
>>data: I love Medium
OK everything fine with Python.
You can test it live here:
As you see all bytesdata are transformed in base64 for an easy manipulation.
Now we can see how we can decrypt thes datas with Javascript!
JavaScript part of encrypting/decrypting
JavaScript encryption library
lets decode it in javascript!
I used crypto-js true CDN in our .html file.
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js"></script>From python we got various base64 string for all of our 3 cases:
For the ECB encryption we get :
gfp6wzvTH3lN5TO2B37yWQ==Output in the developper console:
test.html>>I love Medium
For the CBC encryption we get :
random IV : l5I5Toqn5RoX0JfTLQB9Pw==
encrypted CBC base64 : uJrS9Zp1R5WjOEUkSK9clQ==Output in the developper console:
test.html>>I love Medium
Just comment the PYTHON FIX IV ENCRYPTION AND PYTHON FIX IV and uncomment the //PYTHON RANDOM IV ENCRYPTION AND PYTHON RANDOM IV to test the random solution :
//PYTHON FIX IV ENCRYPTION AND PYTHON FIX IV
//var Base64CBC ='VEX7Eequ5TM9+jlgrwnkNw==';
//var iv = CryptoJS.enc.Utf8.parse('BBBBBBBBBBBBBBBB');//PYTHON RANDOM IV ENCRYPTION AND PYTHON RANDOM IV
var Base64CBC ='uJrS9Zp1R5WjOEUkSK9clQ==';
var iv = CryptoJS.enc.Base64.parse('l5I5Toqn5RoX0JfTLQB9Pw==');
To encrypt in Javascript:
output :
VEX7Eequ5TM9+jlgrwnkNw== same output as our python CBC with fix iv
Txi+ue8bqPCHrcVORbiSrg== not the same. We generate random iV in JS
gfp6wzvTH3lN5TO2B37yWQ== same output as our python ECBTo answer Annisa Urahmi for the AES-GCM method:
Python Code to encrypt AES-GCM:
Javascript code to decrypt the message encoded in Python AES-GCM :
Thats it!!!
