Node.js decrypting external PHP aes-256-cbc, then encrypting it

Question

I have Node.js decrypting a php AES-256-cbs encrypted string working thanks to the node-rijndael module, but I can't quite get it to encrypt properly using the externally provided hex shared key. Here is info on using node node-rijndael to decrypt php AES-256-cbs https://stackoverflow.com/a/25107892/2141980

I'm very close, just some garbage characters mixed in the result of node encryption

//-- file: rijndael.js (just a wrapper module for node-rijndael) --

var Rijndael = require('node-rijndael');

function rtrim(string, chr) {
    for (var i = string.length - 1; i >= 0; i--)
        if (string[i] !== chr)
            return string.slice(0, i + 1);

    return '';
}

function rpad(string, chr, length) {
    var extra = string.length % length;
    if (extra === 0)
        return string;

    var pad_length = length - extra;
    // doesn't need to be optimized because pad_length will never be large
    while (--pad_length >= 0) {
        string += chr;
    }
    return string;
 }



function encrypt (text_in, input_key, input_iv) {
    var rijndael = new Rijndael(input_key, {
        mode: Rijndael.MCRYPT_MODE_CBC,  
        encoding: 'hex',
        iv: input_iv
    }); 

    var padded = rpad(text_in, '\0', Rijndael.blockSize);
    return rijndael.encrypt(padded , 'binary', 'base64');
}


function decrypt (ciphertext, input_key, input_iv) {
    var rijndael = new Rijndael(input_key, {
        mode: Rijndael.MCRYPT_MODE_CBC,
        encoding: 'hex', // shared_key encoding   ignored if a buffer  */
        iv: input_iv
    });

    return rtrim(rijndael.decrypt(ciphertext, 'base64', 'binary'), '\0');
}

exports.decrypt = decrypt;
exports.encrypt = encrypt;
/-- END file: rijndael.js --


// Star here:

// include the above wrapper module:
var rijndael = require('rijndael');
var crypto = require('crypto');

// can use, set Rijndael encoding to 'hex'
var key = '24 8b 2d c7 3e 98 0b 3b 5b 9a 93 1e 41 e6 a1 43 70 dd 06 c7 1e a9 c9 67 ce d8 36 00 52 66 3b 49'; 
key = key.replace(/ /g, '');


var plain_text = "DANGER WILL ROBINSON...A horse is a horse of course...Lucy, you've got some explaining to do...Marsha Marsha Marsha";

var aes_iv = crypto.randomBytes(32).toString('base64');

// in: binary, out: base64                        
var encrypted   = rijndael.encrypt (plain_text, key, aes_iv);
console.log("encrypted, base64:\n" + encrypted);


// in: base64, out: binary  
var back_again = rijndael.decrypt (encrypted, key, aes_iv);
console.log("decrypted :" + back_again);   
console.log("typeof: " + typeof back_again);




/* php version of above
$shared_secret_key = '24 8b 2d c7 3e 98 0b 3b 5b 9a 93 1e 41 e6 a1 43 70 dd 06 c7 1e a9 c9 67 ce d8 36 00 52 66 3b 49';
$shared_secret_key = str_replace(' ', '', $shared_secret_key);
$shared_secret_key = pack('H*', $shared_secret_key); 

$plain_text = "DANGER WILL ROBINSON...A horse is a horse of course...Lucy, you've got some explaining to do...Marsha Marsha Marsha";

// generate 32 byte random binary string
$aes_iv =  mcrypt_create_iv(32, MCRYPT_RAND);

// encrypt:
$encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $shared_secret_key,     $plain_text, MCRYPT_MODE_CBC, $aes_iv);

$encrypted_encoded  = base64_encode($encrypted ); 
echo $encrypted_encoded;  # compare with Node.js

// decrypt:
$response = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $shared_secret_key, $encrypted , MCRYPT_MODE_CBC, $aes_iv);
$response = rtrim($response, "\0"); // AES adds null characters to the end of short strings, so we should strip them out

echo "\n", $response;

*/

Answer 1

There's a bug in node-rijndael when using a hex shared key that causes garbage characters in the first 32 characters of the decrypted output. Solution is to just convert hex key to base64 and and set node-rijndael shared key encoding option accordingly.