I have the following encrypted data:
echo "U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o" | openssl enc -d -aes-256-cbc -a -k password
Made with Gibberish\n
var decipher = crypto.createDecipher('aes-256-cbc', "password");
var dec = decipher.update("U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o",
dec += decipher.final('utf8');
TypeError: DecipherFinal fail
The encrypted data starts with a 8 byte "magic" indicating that there is a salt. Then the next 8 bytes is the salt. Now the bad news: Node.js does not seem to use the salt for the EVP_BytesToKey method:
int key_len = EVP_BytesToKey(cipher, EVP_md5(), NULL, (unsigned char*) key_buf, key_buf_len, 1, key, iv);
NULL is the salt.
This has been verified using a Java test application (using the right salt) - the result string was returned.
Please leave out the salt using the OpenSSL
-nosalt switch and try again.
openssl enc -aes-256-cbc -nosalt -a -k password owlstead Mh5yxIyZH+fSMTkSgkLa5w==
var crypto=require('crypto') var cipher=crypto.createDecipher('aes-256-cbc', "password") var enc = cipher.update("Mh5yxIyZH+fSMTkSgkLa5w==", 'base64', 'utf8') enc += cipher.final('utf8')
[LATE EDIT] Note that using secret key derivation with a salt and large work factor may be paramount to security. You'd better use a very unique, high entropy password otherwise your encrypted data may be at risk.