Error: Invalid key length

wheresvic / mongoose-field-encryption

A simple symmetric encryption plugin for individual fields. Dependency free, only mongoose peer dependency.

MIT License

74 stars 32 forks source link

Error: Invalid key length #50

Closed carmensancheez closed 2 years ago

carmensancheez commented 3 years ago

I created a new entry to my collection and added the field 'password' encrypted with mongooseFieldEncryption. Now when I try to decrypt that field, I have the following error: (node:7362) UnhandledPromiseRejectionWarning: Error: Invalid key length at Decipheriv.createCipherBase (internal/crypto/cipher.js:103:19) at Decipheriv.createCipherWithIV (internal/crypto/cipher.js:121:20) at new Decipheriv (internal/crypto/cipher.js:262:22) at Object.createDecipheriv (crypto.js:131:10)

PTAL! I need to decrypt the field ASAP

wheresvic commented 3 years ago

Hi @carmensancheez ,

Sorry to hear that you have this issue, could you please provide the code that you used?

Note that this error likely occurs when the secret you provided is not correct / empty.

amitistyping commented 3 years ago

@carmensancheez I resolved this by making secret length 32 characters.

But then I ran into this error - error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt.

I am trying to decrypt data like this - fieldEncryption.decrypt(messageObj.messageData.receiver, 'my secret key)

@wheresvic Can you suggest some solution for this?

amitistyping commented 3 years ago

@wheresvic What I want to do is get decrypted data after I have created a document.

igisav commented 3 years ago

Same pain as @lazzyn - first one error and with 32 byte secret you get another...

OpenSSL: LibreSSL 2.8.3 Mac Catalina 10.16.6



@plugin(fieldEncryption, {
  fields: ['password'],
  secret:  'my secret',
})
export class MyEndpoint extends BaseModel<MyEndpoint> {
  @prop()
  password: string;
  .....
}

...

const decryptedPassword = decrypt(myEndpoint.password, 'my secret');```

wheresvic commented 3 years ago

So to be fair decrypt is an internal function, ideally you want to call the static function decryptFieldsSync and get the decrypted object. See this test for example usage: https://github.com/wheresvic/mongoose-field-encryption/blob/master/test/test-statics.js

Please let me know if this does not work, thanks!

igisav commented 3 years ago

Thanks a lot, @wheresvic! decryptFieldsSync works on created Document and decrypt was wrong method for me.

additional question: Are there types for Typescript for this library?

wheresvic commented 3 years ago

Hi @igisav good to hear that you were able to resolve your issue.

Unfortunately, there are no typescript types for this library - feel free to file and issue and I'll see if I can make some.

Cheers!