DEV Community

San
San

Posted on

How to encrypt a text using Python (key and text) and decrypt that cipher in JavaScript using the same key.

Here's an example of how to encrypt a text using Python and decrypt it using JavaScript using the same key.

First, let's write the encryption function in Python:

import base64
from Crypto.Cipher import AES

def encrypt(key, text):
    cipher = AES.new(key.encode(), AES.MODE_ECB)
    text = text.encode()
    while len(text) % 16 != 0:
        text += b' '
    encrypted_text = cipher.encrypt(text)
    return base64.b64encode(encrypted_text).decode()

Enter fullscreen mode Exit fullscreen mode

This function uses the PyCryptodome library to perform AES encryption in ECB mode. It takes in a key and a text to encrypt, and returns the encrypted text in base64-encoded format.

Now, let's write the decryption function in JavaScript:

function decrypt(key, encrypted_text) {
    var decipher = crypto.createDecipheriv('aes-256-ecb', key, '');
    var decrypted_text = decipher.update(encrypted_text, 'base64', 'utf8');
    decrypted_text += decipher.final('utf8');
    return decrypted_text;
}
Enter fullscreen mode Exit fullscreen mode

This function uses the built-in crypto module in Node.js to perform AES decryption in ECB mode. It takes in a key and the encrypted text (in base64-encoded format), and returns the decrypted text.

Note that we need to use the same key and mode of operation (ECB) in both the Python and JavaScript functions.

Here's an example usage:
In python:

key = 'mysecretkey'
text = 'Hello, world!'
encrypted_text = encrypt(key, text)
print(encrypted_text)

Enter fullscreen mode Exit fullscreen mode

In javascript:

var key = 'mysecretkey';
var encrypted_text = 'ryd7yQJ4h8gkSYJxKxHqKA==';
var decrypted_text = decrypt(key, encrypted_text);
console.log(decrypted_text);
Enter fullscreen mode Exit fullscreen mode

This should output Hello, world! in both Python and JavaScript.

Note that ECB mode is generally not considered secure for encryption, as it can leak information about the plaintext. It's better to use a more secure mode like CBC or GCM.

Let us now try the same problem using one of the more secure ways. Here's an example using AES in CBC mode with PKCS7 padding in Python and Node.js:

Python Encryption:

import base64
from Crypto.Cipher import AES
from Crypto.Util.Padding import pad

def encrypt(key, text):
    iv = b'\x00' * 16 # initialization vector, must be random for real-world use
    cipher = AES.new(key.encode(), AES.MODE_CBC, iv)
    text = text.encode()
    padded_text = pad(text, AES.block_size, style='pkcs7')
    encrypted_text = cipher.encrypt(padded_text)
    return base64.b64encode(iv + encrypted_text).decode()

Enter fullscreen mode Exit fullscreen mode

JavaScript decryption:

const crypto = require('crypto');

function decrypt(key, encrypted_text) {
    const encrypted_bytes = Buffer.from(encrypted_text, 'base64');
    const iv = encrypted_bytes.slice(0, 16);
    const ciphertext = encrypted_bytes.slice(16);
    const decipher = crypto.createDecipheriv('aes-256-cbc', key, iv);
    decipher.setAutoPadding(false); // disable automatic padding
    const decrypted_text = decipher.update(ciphertext);
    const unpadded_text = Buffer.concat([decrypted_text, decipher.final()]);
    return unpadded_text.toString('utf8');
}
Enter fullscreen mode Exit fullscreen mode

Here, we use AES in CBC mode with a random initialization vector (IV) for each encryption. We also use PKCS7 padding, which is a commonly used padding scheme that ensures that the plaintext is a multiple of the block size before encryption. In addition, we disable automatic padding in the JavaScript decryption function, since we need to handle padding manually.

Here's an example usage:
python version:

key = 'mysecretkey'
text = 'Hello, world!'
encrypted_text = encrypt(key, text)
print(encrypted_text)
Enter fullscreen mode Exit fullscreen mode

JavaScript version:

const key = 'mysecretkey';
const encrypted_text = 'WwOzn2/Cyaa1/Hpnv2PrMhB6g0m6o9PbyiG4z4HiW0w=';
const decrypted_text = decrypt(key, encrypted_text);
console.log(decrypted_text);
Enter fullscreen mode Exit fullscreen mode

This should output Hello, world! in both Python and JavaScript.

Note that the key should always be kept secret and should be shared securely between the encrypting and decrypting parties. In addition, the IV should be random for each encryption to ensure security.

In this article, we demonstrated how to encrypt a text using Python with AES encryption in CBC mode and PKCS7 padding, and how to decrypt the encrypted text using JavaScript with the same key. The Python function used the PyCryptodome library for AES encryption, while the JavaScript function used the built-in crypto module in Node.js.

We also discussed the importance of using a secure encryption mode like CBC and using a random initialization vector (IV) for each encryption to ensure security. Finally, we highlighted that the key should always be kept secret and shared securely between the encrypting and decrypting parties.

Top comments (0)