Node.js cryptography spike (Mocha Test) in order to get it talking with Java PBE which uses PBKDF1 instead of the more popular (and secure) PBKDF2. This is not pretty and uses an insecure algorithm (DES and MD5) but it illustrates the point. I'll work on refactoring it into a real lib for Zuul at some point.

crypto-spike-tests.js

var should = require('should'),
    crypto = require('crypto');

describe('Crypto Spike Tests', function () {
    var password = new Buffer('test', 'utf8');
    var KDF = function(password, salt, iterations) {
        var key = Buffer.concat([password, salt]);
        for (var i = 0; i < iterations; i++) {
            key = crypto.createHash("md5").update(key).digest();
        }
        return key;
    };

    it('should encrypt and decrypt its own dog food', function () {
        var cipher = crypto.createCipher("des", password);
        cipher.update('abc', "utf8", "base64");
        var encrypted = cipher.final('base64');
        var decipher = crypto.createDecipher('des', password);
        decipher.update(encrypted, 'base64', 'utf8');
        var decrypted = decipher.final('utf8');
        decrypted.should.eql('abc');
    });
    it('should decrypt unsalted value from open-ssl cli', function () {
        var encrypted = "B2cwwIuwcNM=";
        var decipher = crypto.createDecipher('des', password);
        decipher.update(encrypted, 'base64', 'utf8');
        var decrypted = decipher.final('utf8');
        decrypted.should.eql('abc');
    });
    it('should decrypt salted value from open-ssl cli', function () {
        var encryptedBuffer = new Buffer('U2FsdGVkX18/6u1/bhh43rHWG2AHeza4', 'base64');
        var salted = encryptedBuffer.slice(0, 8);
        var salt = encryptedBuffer.slice(8, 16);
        var payload = encryptedBuffer.slice(16);


        var key = KDF(password, salt, 1);
        var keyBuffer = new Buffer(key, 'binary').slice(0, 8);
        keyBuffer.toString('hex').toUpperCase().should.eql('F6E0671CBA4D6BFD');

        var ivBuffer = new Buffer(key, 'binary').slice(8, 16);
        ivBuffer.toString('hex').toUpperCase().should.eql('528265BD40F6EDCF');

        var decipher = crypto.createDecipheriv('des', keyBuffer, ivBuffer);
        var msg = [];
        msg.push(decipher.update(payload));
        msg.push(decipher.final());
        var decrypted = msg.join("");
        decrypted.should.eql('abc');
    });
    it('should decrypt PBEWithMD5AndDES with 1 hash iteration', function () {
        var encryptedBuffer = new Buffer('RA+2Samob9M+O5AfGMCy8A==', 'base64');
        var salt = encryptedBuffer.slice(0, 8);
        var payload = encryptedBuffer.slice(8);

        var key = KDF(password, salt, 1);
        var keyBuffer = new Buffer(key, 'binary').slice(0, 8);
        var ivBuffer = new Buffer(key, 'binary').slice(8, 16);

        var decipher = crypto.createDecipheriv('des', keyBuffer, ivBuffer);
        var msg = [];
        msg.push(decipher.update(payload));
        msg.push(decipher.final());
        var decrypted = msg.join("");
        decrypted.should.eql('abc');
    });
    it('should decrypt PBEWithMD5AndDES with 1000 hash iterations', function () {
        var encryptedBuffer = new Buffer('/w5a6LHjfwbjhTLUAKiPKg==', 'base64');
        var salt = encryptedBuffer.slice(0, 8);
        var payload = encryptedBuffer.slice(8);

        var key = KDF(password, salt, 1000);

        var keyBuffer =  new Buffer(key, 'binary').slice(0,8);
        var ivBuffer = new Buffer(key, 'binary').slice(8,16);


        var decipher = crypto.createDecipheriv('des', keyBuffer, ivBuffer);
        var msg = [];
        msg.push(decipher.update(payload));
        msg.push(decipher.final());
        var decrypted = msg.join("");
        decrypted.should.eql('abc');
    });
});