AES decryption issue using aes-128-ecb

The NodeJS-code has several issues: First, createDecipher is used instead of createDecipheriv. createDecipher (meanwhile deprecated by the way) interprets the 2nd parameter as passphrase and generates a key from it, while CreateDecipheriv interprets the 2nd parameter directly as key.

Second, when creating the buffer buf, an encoding must be used (here base64). However, this step can be omitted since the update-method can also process a string (here the second parameter specifies the input-encoding).

Finally, PKCS7-padding was used to encrypt the data, which is the default padding, so it must not be disabled for decryption.

With the following changes the ciphertext can be decrypted:

var crypto = require('crypto'); var encData = '2WSGjqFJJ0Zxl7Ao6uT9+CpESHBPz+ejTlzPN+ELPtdFbL2cr3hJo/NM2XJXt1UKefdyJFjPxz//suRHM7PyorNtoVAoP8hdbcUndUtFEOpUihzVcllffRI3aoQ57iD5+5NZQEAncDwY/+fve/ocOCgBGJMRGN6CvjSJ9dIKFD2L0u452oBoMFBdkdNEslFabXFTxBut95BO1H+itJjOFCb9pQh0mK9HetzmUMjX7PZ55LysZRvddAracs7Fj3Jc'; //var buf = Buffer.from(encData); //var encDataBase64 = buf.toString('base64'); var key = '<your obfuscated secret key>'; //var mykeydec = crypto.createDecipher('aes-128-ecb', key); // Use createDecipheriv var mykeydec = crypto.createDecipheriv('aes-128-ecb', key, null); //mykeydec.setAutoPadding(false); // Don't disable PKCS7-Padding //var mystrdec = mykeydec.update(encDataBase64, 'base64', 'ascii'); // Decrypt the Base64-encoded ciphertext directly var mystrdec = mykeydec.update(encData, 'base64', 'ascii'); mystrdec += mykeydec.final("ascii"); console.log("dec data", mystrdec); 

In addition: You have revealed so much information in your question that I was able to find your obfuscated key in a few minutes, which is why I was able to decrypt your ciphertext and hence verify my code changes. In other words, this key is compromised and must not be used anymore!

I am unsure what your exact issue is. It could be a lot of things. How is the data encrypted? Is the length of the string a multiple of the block size?

It could be that padding is needed if that is not the case.

In this example, it all works fine:

const crypto = require("crypto"); //Encrypt const data = "{\"msg\":\"This data should be protected at all cost! But it is pretty long, so you need to use all chunks...\"}"; const key = "SecretKeyOfExactlyAndOnly32Bytes"; const chunks = []; const encoder = crypto.createCipher("aes-128-ecb", Buffer.from(key)); encoder.setAutoPadding(true); // This does not match the block size, so padding is needed... chunks.push(encoder.update(data).toString("base64")); chunks.push(encoder.final().toString("base64")); let cipherText = chunks.join(""); console.log("\nCiphertext: ", cipherText,"\n"); //Decrypt let decoder = crypto.createDecipher("aes-128-ecb", key); decoder.setAutoPadding(true); // setting this to false yields garbage data on the end because of padding... let clearText = decoder.update(cipherText, "base64", "ascii"); clearText += decoder.final().toString("ascii"); console.log("\nClear Text: ", clearText); //Verify Valid JSON console.log(JSON.parse(clearText).msg);