Help with JSON module crypto

Fri, 30 Jan 2026 18:37:33 -0800 

Hello, devs,
I need a bit of help getting some of the encryption/decryption working
with the guacamole-auth-json module. Specifically, I'm trying to do
the encryption of the JSON data with JavaScript, and am hitting a
couple of issues. The basic JavaScript code I've got going is
relatively simple:

===
var json = '{ ... }'
var encoder = new TextEncoder();
var encoded = encoder.encode(json);
var key = '2c1a6b6438c580e4281ded6639f22e65';
var keyData = encoder.encode(key);
var keyObj1 = await
window.crypto.subtle.importKey("raw",keyData,{name:"HMAC",
hash:"SHA-256"},false,["sign"]);
var signature = await window.crypto.subtle.sign("HMAC", keyObj1, encoded);
var signedData = signature.toString() + json;
var zeroiv = new Uint8Array([0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]);
let keyObj2 = await
window.crypto.subtle.importKey("raw",keyData,{name:"AES-CBC"},false,["encrypt"]);
let encrypted = await crypto.subtle.encrypt({name:"AES-CBC", zeroiv},
keyObj2, encoder.encode(signedData));
var base64String = btoa(String.fromCharCode.apply(null, new
Uint8Array(encrypted)));
==

When I take the base64 output and feed it to a curl command:

curl --data-urlencode "data=<base64String from above>" -k
https://server.example.com/api/tokens

I get an error:

==
{"message":"Permission
denied.","translatableMessage":{"key":"APP.TEXT_UNTRANSLATED","variables":{"MESSAGE":"Permission
denied."}},"statusCode":null,"expected":[],"patches":null,"type":"INVALID_CREDENTIALS"}
==

And, if I look at my Tomcat logs, I see the following:

==
ERROR: o.a.g.auth.json.user.UserDataService - Decryption of received
data failed: javax.crypto.BadPaddingException: Given final block not
properly padded. Such issues can arise if a bad key is used during
decryption.
==

>From my reading about JavaScript's subtle crypto methods, it looks
like it is using PKCS7 padding, whereas the JSON module uses
AES/CBC/PKCS5Padding. However, I found a couple of assertions that
Java actually uses PKCS7 rather than PKCS5, and that the PKCS5 name is
actually a misnomer: https://crypto.stackexchange.com/a/9044.

Any hints on this?

-Nick

Reply via email to