ly
ly16mo ago

bad resource id with node:crypto

function test() {
  const key = randomBytes(32);
  const iv = randomBytes(16);
  const cipher = createCipheriv("aes-256-cbc", key, iv);
  const decipher = createDecipheriv("aes-256-cbc", key, iv);
  const data = "Hello World";
  const encrypted =
    cipher.update(data, "utf8", "base64") + cipher.final("base64");
  const decrypted =
    decipher.update(encrypted, "base64", "utf8") + decipher.final("utf8");
  console.dir({ data, encrypted, decrypted });
}

test();
function test() {
  const key = randomBytes(32);
  const iv = randomBytes(16);
  const cipher = createCipheriv("aes-256-cbc", key, iv);
  const decipher = createDecipheriv("aes-256-cbc", key, iv);
  const data = "Hello World";
  const encrypted =
    cipher.update(data, "utf8", "base64") + cipher.final("base64");
  const decrypted =
    decipher.update(encrypted, "base64", "utf8") + decipher.final("utf8");
  console.dir({ data, encrypted, decrypted });
}

test();
error: Uncaught BadResource: Bad resource ID
    cipher.update(data, "utf8", "base64") + cipher.final("base64");
                                                   ^
    at Cipheriv.final (ext:deno_node/internal/crypto/cipher.ts:35:13)
error: Uncaught BadResource: Bad resource ID
    cipher.update(data, "utf8", "base64") + cipher.final("base64");
                                                   ^
    at Cipheriv.final (ext:deno_node/internal/crypto/cipher.ts:35:13)
8 Replies
ly
lyOP16mo ago
Any idea’s 😅
pyrote
pyrote16mo ago
It looks like its a bug/unfinished feature in Deno's node:crypto implementation. If you change your code to use 'aes-128-cbc' and the key to randomBytes(16) it will run. Can you use Deno's native crypto.subtle encryption/decryption?
ly
lyOP16mo ago
If I figure out how to translate it then yea
pyrote
pyrote16mo ago
crypto.subtle isn't quite as user friendly since you have to handle all the Buffer conversions yourself. Here's an example of your original code rewritten with crypto.subtle. 
import {
  decode as base64Decode,
  encode as base64Encode,
} from "https://deno.land/std/encoding/base64.ts";

const text_decode = (d) => new TextDecoder().decode(new Uint8Array(d));
const text_encode = (e) => new TextEncoder().encode(e);

async function test() {
  const key = await crypto.subtle.generateKey(
    {
      name: "AES-CBC",
      length: 256,
    },
    false,
    [
      "encrypt",
      "decrypt",
    ],
  );

  const iv = await crypto.getRandomValues(new Uint8Array(16));
  const data = "Hello World";
  const encoded = text_encode(data);

  const encrypted = await crypto.subtle.encrypt(
    {
      name: "AES-CBC",
      iv,
    },
    key,
    encoded,
  ).then((buffer) => base64Encode(buffer)).catch((err) => {
    throw new Error(`Error encrypting ${err}`);
  });

  const decrypted = await crypto.subtle.decrypt(
    {
      name: "AES-CBC",
      iv,
    },
    key,
    base64Decode(encrypted),
  ).then((buffer) => text_decode(buffer)).catch((err) => {
    throw new Error(`Error decrypting ${err}`);
  });

  console.dir({ data, encrypted, decrypted });
}

test();
import {
  decode as base64Decode,
  encode as base64Encode,
} from "https://deno.land/std/encoding/base64.ts";

const text_decode = (d) => new TextDecoder().decode(new Uint8Array(d));
const text_encode = (e) => new TextEncoder().encode(e);

async function test() {
  const key = await crypto.subtle.generateKey(
    {
      name: "AES-CBC",
      length: 256,
    },
    false,
    [
      "encrypt",
      "decrypt",
    ],
  );

  const iv = await crypto.getRandomValues(new Uint8Array(16));
  const data = "Hello World";
  const encoded = text_encode(data);

  const encrypted = await crypto.subtle.encrypt(
    {
      name: "AES-CBC",
      iv,
    },
    key,
    encoded,
  ).then((buffer) => base64Encode(buffer)).catch((err) => {
    throw new Error(`Error encrypting ${err}`);
  });

  const decrypted = await crypto.subtle.decrypt(
    {
      name: "AES-CBC",
      iv,
    },
    key,
    base64Decode(encrypted),
  ).then((buffer) => text_decode(buffer)).catch((err) => {
    throw new Error(`Error decrypting ${err}`);
  });

  console.dir({ data, encrypted, decrypted });
}

test();
bartlomieju
bartlomieju16mo ago
@shansbiggestfan could you open a bug report in the repo? It appears to be actual bug that we need to fix on our side
Hexagon
Hexagon16mo ago
Here's another example of native deno aes encryption/decryption (from an old just-for-fun-project of mine) https://github.com/Hexagon/lock/blob/master/src/encryption.ts
GitHub
lock/src/encryption.ts at master · Hexagon/lock
Single binary cli application to encrypt or decrypt files - Hexagon/lock
ly
lyOP16mo ago
what repo would this be in deno_std or deno
bartlomieju
bartlomieju16mo ago
Deno repo