Is AES the same in libraries PyCrypto & Node.JS Crypto


I am beginnging to wonder if the implementation of AES is different across libraries..

Currently i have a plaintext encrypted with PyCrypto.
Im trying to decrypt the ciphertext with Node.js's Crypto Library..

Basically with PyCrypto..
im using AES-128-CBC with a random generated IV. (which decrypts perfectly in PyCrypto)

On Node.js im doing this

var buf = new Buffer(ciphertext)
var decipher = crypto.createDecipher('aes-128-cbc',aeskey)
buf = decipher.update(buf,'binary', 'binary')
buf +='binary')

Which spits out a bunch of Garbage.... ( changing 'binary' to hex/utf8 doesnt help)

As i am using CBC (Cipher Block Chaining)...
i am prepending the IV to the beginning of the ciphertext (16 blocks).. In PyCrypto this works perfectly, similarly to the specification of PGP, CFB usage..

Does anyone know for what reason this is not working???

Am i expecting too much of Node.js's standard libraries?

By : Arenstar


AES is a rijndael standard. It shouldn't be different. You should look into data types and default settings that are hidden. Something must be set different between the two. The key sizes might be different as 128 bit "hello" is padded with zeros I think and a smaller key would start with "hello" but have a smaller padding, therefore different.

By : Will03uk

The short answer to your question is: Yes, AES is the same in PyCrypto and Node.js' crypto module. Node's crypto is just a wrapper around openssl on your system, and PyCrypto is interoperable with OpenSSL (see

Having said that, there are definitely bugs in the Node crypto module (though I've only experienced problems with base64 encoding, myself). So whether it's a bug or not, the problems you're experiencing are almost certainly happening in the data encoding/decoding stages.

What does your ciphertext look like? Is it a hexadecimal string? If so, then you need to do

buf = decipher.update(buf, 'hex', 'binary')

That's not how IV works in Node, you have to use crypto.createDecipheriv(cipher, key, iv) instead, otherwise you get a default baked-in one. Even in PyCrypto you should be using the third argument to as the IV, not stuffing it into the bytestream.

This video can help you solving your question :)
By: admin