aes-256-cbc decrypt error without setAutoPadding(false)

[kigawas]

Version: Deno 2.2.2

The following error occurs when decrypting with aes-256-cbc

error: Uncaught (in promise) TypeError: Cannot unpad the input data
    at Decipheriv.final (ext:deno_node/internal/crypto/cipher.ts:158:5)
    at Object.decrypt (file:///Users/user/my-project/node_modules/.pnpm/@ecies+ciphers@file+.._@noble+ciphers@1.2.1/node_modules/@ecies/ciphers/dist/_node/compat.js:44:34)
    at file:///Users/user/my-project/main.js:43:37

I digged the code, it looks like the auto_pad variable defaults to false when encrypting but to true when decrypting. This behaviour is inconsistent with node.

      (Aes256Cbc(encryptor), true) => {
        let _ = (*encryptor)
          .encrypt_padded_b2b_mut::<Pkcs7>(input, output)
          .map_err(|_| CipherError::CannotPadInputData)?;
        Ok(None)
      }
      (Aes256Cbc(mut encryptor), false) => {
        encryptor.encrypt_block_b2b_mut(
          GenericArray::from_slice(input),
          GenericArray::from_mut_slice(output),
        );
        Ok(None)
      }

[littledivy]

Can you share some code to help reproduce the error? I tried @ecies/ciphers's aes256cbc example and it works with Deno 2.2.2

[kigawas]

@littledivy Its current version is using @noble/ciphers, you need to edit the package.json to change it to node.js

https://github.com/ecies/js-ciphers/blob/main/package.json#L40

[kigawas]

@littledivy

By the way, there's also a related problem. Deno does not support indirect export:

When there is a package A with exports deno condition, if we import A directly with deno, deno export works. If we import package B using package A, deno export will not work

#17964 (reply in thread)

That's to say, even if we specify @noble/ciphers in @ecies/ciphers for chacha20-poly1305, it dependents still fall back to node:crypto, which makes it unusable.