Encrypt in Java, decrypt in the browser (or seed JS-encrypted payloads into Java). Sounds straightforward. It’s not.

You hit landmines like:

Mismatched IV/tag defaults (Java Crypto API vs WebCrypto)

Conflicting key formats (X.509 vs JWK vs raw)

Varied Base64 implementations and encoding subtleties

I spent hours chasing these. So I made Dual-Crypt, a fully working example:

AES-256-GCM + RSA-2048, wired correctly across Java ↔ JS

Uses spki for public key, pkcs8 for private key, 12-byte IV, 128-bit tag

Copy-paste ready code and a live demo

Read how I hacked it into existence, and try it yourself: https://muthuishere.medium.com/dual-crypt-cross-platform-encryption-spring-boot-react-that-actually-works-c713ecdbb89c Live demo here: https://dualcrypt.muthuishere.site