Aminadav Aminadav - 22 days ago 6
Node.js Question

NodeJS aes decrypt not working

I using online tools for encrpyt using AES. I'm using my module to decrypt. But I get not the same results. Why?

I used one of those tool for encrypt:



This is the data I provided:


  • This is the text to encrpyt:
    Hello World

  • This is the password:
    12345

  • This is the result of the tool:
    U2FsdGVkX19HLG+YDMe3kYl+MYwEMlnC5mK78s3rZZg=



Now I try to decrypt it using node, and it is not giving me same results. But everything works welll

var crypto = require('crypto'),
algorithm = 'aes-128-ctr',
password = '12345';

module.exports.decrypt=function(text){
var decipher = crypto.createDecipher(algorithm,password)
var dec = decipher.update(text,'base64','utf8')
dec += decipher.final('utf8');
return dec;
}

text=module.exports.decrypt('U2FsdGVkX1+OOp0KE3lv6qcKQeS/JDFPF8YhgdU131o=')
text





I tried to change to AES-192, and got the same issue.




Update: (Based on zaph response)

This is the new data I entered here: https://www.tools4noobs.com/online_tools/encrypt/


  • key: 0123456789abcdef (16 bytes) Rijndael-128. mode: CBC. encode:hex.

  • This is the result: 8b25e846b6a2d52ad87f38f8134906c3



I cannot decrypt it. Here is my code:

var crypto = require('crypto'),
algorithm = 'aes-128-cbc',
password = '0123456789abcdef';

module.exports.decrypt=function(text){
var decipher = crypto.createDecipher(algorithm,password)
var dec = decipher.update(text,'hex','utf8')
dec += decipher.final('utf8');
return dec;
}
if(!module.parent){
var text=module.exports.decrypt('8b25e846b6a2d52ad87f38f8134906c3')
console.log(text)
}

Answer

Use an encryption key that is an exact length in order to avoid non-standard padding (there is not standard on handling keys of incorrect lengths). AES supports 128 192 and 256 bit length passwords (16, 24 and 32 bytes). Obviously 12345 does not meet the supported password lengths.

It is generally best not to use CTR mode, is is very easy to get it wrong. The issue is that the same key and counter must never be reused. Generally CBC mode is used with a random IV and PKCS#7 padding is used to accommodate input that is not a multiple of the block size.

The output U2FsdGVkX19HLG+YDMe3kYl+MYwEMlnC5mK78s3rZZg= is Base encoded 32 bytes, twice the block size, so there is something else than the encrypted data in the output.

Entering the password and text into https://www.tools4noobs.com/online_tools/encrypt/ in Rijndael-128 (which is AES) in CTR mode produces 53TI1is8kfYkztQ=, not the resulty in the question. Note that this tool used mcrypt that only supports non-standard padding.