ly
ly12mo ago

bad resource id with node:crypto

function test() {
  const key = randomBytes(32);
  const iv = randomBytes(16);
  const cipher = createCipheriv("aes-256-cbc", key, iv);
  const decipher = createDecipheriv("aes-256-cbc", key, iv);
  const data = "Hello World";
  const encrypted =
    cipher.update(data, "utf8", "base64") + cipher.final("base64");
  const decrypted =
    decipher.update(encrypted, "base64", "utf8") + decipher.final("utf8");
  console.dir({ data, encrypted, decrypted });
}

test();
function test() {
  const key = randomBytes(32);
  const iv = randomBytes(16);
  const cipher = createCipheriv("aes-256-cbc", key, iv);
  const decipher = createDecipheriv("aes-256-cbc", key, iv);
  const data = "Hello World";
  const encrypted =
    cipher.update(data, "utf8", "base64") + cipher.final("base64");
  const decrypted =
    decipher.update(encrypted, "base64", "utf8") + decipher.final("utf8");
  console.dir({ data, encrypted, decrypted });
}

test();
error: Uncaught BadResource: Bad resource ID
    cipher.update(data, "utf8", "base64") + cipher.final("base64");
                                                   ^
    at Cipheriv.final (ext:deno_node/internal/crypto/cipher.ts:35:13)
error: Uncaught BadResource: Bad resource ID
    cipher.update(data, "utf8", "base64") + cipher.final("base64");
                                                   ^
    at Cipheriv.final (ext:deno_node/internal/crypto/cipher.ts:35:13)
8 Replies
ly
ly12mo ago
Any idea’s 😅
pyrote
pyrote12mo ago
It looks like its a bug/unfinished feature in Deno's node:crypto implementation. If you change your code to use 'aes-128-cbc' and the key to randomBytes(16) it will run. Can you use Deno's native crypto.subtle encryption/decryption?
ly
ly12mo ago
If I figure out how to translate it then yea
pyrote
pyrote12mo ago
crypto.subtle isn't quite as user friendly since you have to handle all the Buffer conversions yourself. Here's an example of your original code rewritten with crypto.subtle. 
import {
  decode as base64Decode,
  encode as base64Encode,
} from "https://deno.land/std/encoding/base64.ts";

const text_decode = (d) => new TextDecoder().decode(new Uint8Array(d));
const text_encode = (e) => new TextEncoder().encode(e);

async function test() {
  const key = await crypto.subtle.generateKey(
    {
      name: "AES-CBC",
      length: 256,
    },
    false,
    [
      "encrypt",
      "decrypt",
    ],
  );

  const iv = await crypto.getRandomValues(new Uint8Array(16));
  const data = "Hello World";
  const encoded = text_encode(data);

  const encrypted = await crypto.subtle.encrypt(
    {
      name: "AES-CBC",
      iv,
    },
    key,
    encoded,
  ).then((buffer) => base64Encode(buffer)).catch((err) => {
    throw new Error(`Error encrypting ${err}`);
  });

  const decrypted = await crypto.subtle.decrypt(
    {
      name: "AES-CBC",
      iv,
    },
    key,
    base64Decode(encrypted),
  ).then((buffer) => text_decode(buffer)).catch((err) => {
    throw new Error(`Error decrypting ${err}`);
  });

  console.dir({ data, encrypted, decrypted });
}

test();
import {
  decode as base64Decode,
  encode as base64Encode,
} from "https://deno.land/std/encoding/base64.ts";

const text_decode = (d) => new TextDecoder().decode(new Uint8Array(d));
const text_encode = (e) => new TextEncoder().encode(e);

async function test() {
  const key = await crypto.subtle.generateKey(
    {
      name: "AES-CBC",
      length: 256,
    },
    false,
    [
      "encrypt",
      "decrypt",
    ],
  );

  const iv = await crypto.getRandomValues(new Uint8Array(16));
  const data = "Hello World";
  const encoded = text_encode(data);

  const encrypted = await crypto.subtle.encrypt(
    {
      name: "AES-CBC",
      iv,
    },
    key,
    encoded,
  ).then((buffer) => base64Encode(buffer)).catch((err) => {
    throw new Error(`Error encrypting ${err}`);
  });

  const decrypted = await crypto.subtle.decrypt(
    {
      name: "AES-CBC",
      iv,
    },
    key,
    base64Decode(encrypted),
  ).then((buffer) => text_decode(buffer)).catch((err) => {
    throw new Error(`Error decrypting ${err}`);
  });

  console.dir({ data, encrypted, decrypted });
}

test();
bartlomieju
bartlomieju12mo ago
@shansbiggestfan could you open a bug report in the repo? It appears to be actual bug that we need to fix on our side
Hexagon
Hexagon12mo ago
Here's another example of native deno aes encryption/decryption (from an old just-for-fun-project of mine) https://github.com/Hexagon/lock/blob/master/src/encryption.ts
GitHub
lock/src/encryption.ts at master · Hexagon/lock
Single binary cli application to encrypt or decrypt files - Hexagon/lock
ly
ly12mo ago
what repo would this be in deno_std or deno
bartlomieju
bartlomieju12mo ago
Deno repo
More Posts
Close a Deno.serve() connection?Is it possible to close a Deno.serve() connection?Relative import path "preact" not prefixed with / or ./ or ../ at https://deno.land/x/fresh@1.4.Please help. ``` deno 1.36.1 (release, aarch64-apple-darwin) v8 11.6.189.12 typescript 5.1.6 ```Problems with Deno KV```ts import InputLoop from "https://deno.land/x/input@2.0.3/index.ts"; const kv = await Deno.openKFile differs only by case errorI'm getting a strange error from TypeScript. For some reason it thinks the case of my file name is Possible to have multiple http servers listening to different ports in the same module?I'm porting a service mesh platform we wrote for NodeJS over to Deno and it is based on the idea of How to have private state in embedded deno_core JsRuntime?I need to either keep a reference in rust to an object I then `delete globalThis.__context`, but I cIssues getting local environment running in VSCode and Visual Studio 2022I'm a windows user trying to contribute on an github issue, but I've run into a few blockers. Using Relative import path "ioredis" not prefixed with / or ./ or ../```ts // main.ts import Redis from "ioredis"; ``` ```json // deno.json { "imports": { "ioredisPixi.js breaks DenoI'm trying to import Pixi in a Fresh island: ``` import { Sprite, Stage } from "npm:@pixi/react@7.1Confused by deno vendor-related behaviorsI created a main.ts containing this code: ``` import * as thrift from "npm:thrift"; let connection =