We are trying to follow Integrating Zoom Into Your EMR Platform to decrypt data passed to us from Epic.
Assumptions:
Encryption algorithm: AES-128 with an empty IV
Encrypted data is BASE64 encoded and URL encoded before passed to us as the ‘data=’ parameter.
Secret key is BASE64 encoded.
Our server is NodeJS and we are trying to decrypt using the built in Crypto library that comes with Node. Our code goes something like this:
import crypto from 'crypto';
const decodeBuffer = buffer => (Buffer.from( decodeURIComponent(buffer), 'base64' ));
export const decrypt = cipherText => {
let decodedText = decodeBuffer(cipherText);
let decipher = crypto.createDecipher(algorithm, decodeBuffer(secretKey));
let plainText = decipher.update(decodedText);
plainText = Buffer.concat([plainText, decipher.final()]);
return plainText.toString();
}
This fails during the .final() call with a ‘bad decrypt’ error. If we call this on a cipher text obtained using this matching encrypt() function it works fine:
export const encrypt = text => {
const cipher = crypto.createCipher(algorithm, decodeBuffer(secretKey));
const encrypted = Buffer.concat([cipher.update(text), cipher.final()]);
return encodeURIComponent(encrypted.toString('base64'));
};
I suspect that the assumption around the encoding of the key and/or encrypted data is false. It there documentation about this somewhere?
Thanks,
Henrik