Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Encrypt then decrypt node issue with more than 16 chars message #47

AquiGorka opened this issue May 20, 2019 · 4 comments


Copy link

commented May 20, 2019




Encrypt -> Decrypt is not working with node@v12.2.0 with phrases more than 16 chars in length


  • Environment: node (originally found with node + browser, but could repro in node only too)


  const publicKey =
   const privateKey =
   let randomStr
   let answer
   let challenge
   try {
     randomStr = crypto.randomBytes(6).toString('hex')
     //randomStr = '1234567889012345'
     console.log('randomStr: ', randomStr)
     challenge = await encryptWithPublicKey(publicKey, Buffer.from(randomStr))
     console.log('challenge: ', challenge)                                                                                                                        
     answer = await decryptWithPrivateKey(privateKey, challenge)
   } catch (e) {
     console.log('Error: ', JSON.stringify(e, null, 2))
  console.log('----> ', randomStr === answer)

Error thrown (only node@12.2.0):

Error:  {
  "library": "digital envelope routines", 
  "function": "EVP_DecryptFinal_ex",
  "reason": "bad decrypt",
---->  false

Node@11.4.0 gives a satisfactory: ----> true


This comment has been minimized.

Copy link

commented Jul 8, 2019

Yes it is not decrypting message with more than 16 characters

pubkey added a commit that referenced this issue Aug 3, 2019


This comment has been minimized.

Copy link

commented Aug 3, 2019

I added a test in the attached commit.
I think this has something to do with the openssl version. Can you run openssl version and post the output?


This comment has been minimized.

Copy link

commented Aug 3, 2019

Some things I noticed:
npm install fails because of recipe for target 'Release/' failed see here

Then because of the failed build there is a MODULE_NOT_FOUND with Reverting to browser version. On the browser-version there is a different kind of padding of the public key which results in the error EVP_DecryptFinal_ex.

The current workaround is to downgrade to node v11.
I think this must be solved by eccrypto or secp256k1


This comment has been minimized.

Copy link

commented Aug 3, 2019

I opened bitchan/eccrypto#42

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
3 participants
You can’t perform that action at this time.