Good morning !
I need help to figure out if my scenario is possible to be done:
I have an app which is made in angularjs and in the app I use one outsystems rest api to do business logic in backend. To encrypt the data and send it encrypted to the rest api service it´s fine, no problem, but the problem is that I can´t decrypt it in OutSystems because the Rest API don´t allow me to use the javascript from the CryptoJS library. I also tried to use only the decrypt function from CryptoAPI from forge but it doesn´t work.
Do you guys have any idea on how can I decrypt data on rest api service on outsystems when the data comes encrypted from my angularjs app ? In time: I´m using O10.
Thank you
Hello Guilherme,
Hope to find you well.
Are you trying to decrypt an hash?
Best Regards
JS.
Hello José,
thanks for replaying.
I´m using crypto-js library to encrypt the data in my angularjs app. The library has a function to decrypt it passing the secret key.
Here´s the example extracted from the github of the library:
var CryptoJS = require("crypto-js");
// Encrypt
var ciphertext = CryptoJS.AES.encrypt('my message', 'secret key 123').toString();
// Decryptvar
bytes = CryptoJS.AES.decrypt(ciphertext, 'secret key 123');
var originalText = bytes.toString(CryptoJS.enc.Utf8);
console.log(originalText); // 'my message'
The main problem here is that I can´t use CryptoJS.AES.decrypt function on OutSystems, because I would need to add the javascript there and use it on the rest api service.
Yes, actually on a REST API you won't be able to use the Crypto-js to decrypt the message.
You mentioned that you tried to use CryptoAPI and it didn't worked, to guarantee the compatibility between the crypto-js and CryptoAPI to encrypt/decrypt, you need to make sure both libraries are using the same hash algorithm, the same message code authentication and the same padding scheme, so make sure crypto is using:
• The AES-256;
• HMAC for message code authentication.
• PKCS7 padding (is the default scheme).
Hope it helps.
Regards,
José