Skip to main content

Decrypt Text

Decrypts cipher text that was encrypted using symmetric encryption algorithms (AES or 3DES), converting it back to the original plain text. The node accepts hexadecimal-encoded cipher text and returns the decrypted plain text.

Common Properties

  • Name - The custom name of the node.
  • Color - The custom color of the node.
  • Delay Before (sec) - Waits in seconds before executing the node.
  • Delay After (sec) - Waits in seconds after executing node.
  • Continue On Error - Automation will continue regardless of any error. The default value is false.
info

If the ContinueOnError property is true, no error is caught when the project is executed, even if a Catch node is used.

Inputs

  • Cipher Text - The encrypted text in hexadecimal format to decrypt.
  • Key - The decryption key in hexadecimal format. Must be the same key used for encryption.
    • AES: 16, 24, or 32 bytes (128, 192, or 256 bits)
    • 3DES: 24 bytes (192 bits)

Options

  • Decryption Algorithm - The decryption algorithm to use (must match encryption):
    • aes - Advanced Encryption Standard
    • 3Des - Triple Data Encryption Standard

Output

  • text - The decrypted plain text in its original form.

How It Works

The Decrypt Text node reverses the encryption process to recover the original plain text:

  1. Receives the hexadecimal cipher text and decryption key
  2. Decodes both the cipher text and key from hexadecimal format
  3. Applies the selected decryption algorithm:
    • AES: Uses ECB mode for block-by-block decryption
    • 3DES: Uses CBC mode with the initialization vector from cipher text
  4. Removes PKCS7 padding from the decrypted data
  5. Returns the original plain text

Example Usage

Basic AES Decryption

// Decrypt cipher text using the same key that was used for encryption
const cipherText = "3a7c2f1e4d9b8a6c5e7f2d1a4b9c8e7f3a6d2c5e8f1b4a7c9e2d5f8a1b4c7e";
const key = "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6a7b8c9d0e1f2";

// Use Decrypt Text node
// Output: text = "Secret password: MyP@ssw0rd123"

Decrypting User Credentials

// Retrieve encrypted credentials from storage
const encryptedData = "7f3e9a2b8c1d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f";
const encryptionKey = "{{vault.encryption_key}}"; // From Robomotion Vault

// Use Decrypt Text node
// Parse the decrypted JSON
const credentials = JSON.parse(decryptedText);
// Access: credentials.username, credentials.password

Decrypting API Keys

// Decrypt stored API key for use in API calls
const encryptedApiKey = "{{msg.encrypted_api_key}}";
const masterKey = "{{vault.master_encryption_key}}";

// Use Decrypt Text node
// Use decrypted API key in subsequent API nodes

Batch Decryption

// Decrypt multiple encrypted values
const encryptedItems = [
  "a1b2c3d4e5f6...",
  "7f8e9d0c1b2a...",
  "3e4f5a6b7c8d..."
];

// Loop through array using ForEach node
// Decrypt each item with Decrypt Text node
// Store results in array

Requirements

  • Valid hexadecimal cipher text
  • Correct decryption key matching the encryption key
  • Algorithm must match the one used for encryption
  • Cipher text must be properly formatted and not corrupted

Error Handling

The node will return errors in the following cases:

  • Invalid cipher text format - Cipher text is not valid hexadecimal
  • Invalid key format - Key is not valid hexadecimal
  • Invalid key length - Key length doesn't match algorithm requirements
  • Wrong key - Decryption fails because key doesn't match
  • Corrupted data - Cipher text has been modified or corrupted
  • Algorithm mismatch - Wrong algorithm selected for the cipher text
  • Padding error - Invalid PKCS7 padding detected

Security Best Practices

  • Protect encryption keys - Store keys securely in Robomotion Vault
  • Match algorithms - Always use the same algorithm for encryption and decryption
  • Verify data integrity - Use HMAC or hash verification to detect tampering
  • Limit key access - Only authorized flows should access decryption keys
  • Audit decryption operations - Log when sensitive data is decrypted
  • Clear memory - Don't keep decrypted sensitive data in memory longer than needed
  • Secure logging - Never log decrypted sensitive data

Common Use Cases

  • Password Retrieval - Decrypt stored passwords for authentication
  • Data Processing - Decrypt data for processing in RPA workflows
  • Configuration Loading - Decrypt API keys and credentials from config files
  • Secure Data Exchange - Decrypt data received from external systems
  • Compliance - Decrypt data when needed for authorized access
  • Backup Recovery - Decrypt encrypted backup data

Tips for Effective Use

  • Always use the same key that was used for encryption
  • Ensure the algorithm matches the encryption algorithm
  • Store cipher text securely - tampering will cause decryption to fail
  • Consider implementing retry logic for transient decryption errors
  • Validate decrypted data format before using it
  • Clear or overwrite decrypted sensitive data after use
  • Test decryption in development before production deployment

Troubleshooting

Decryption Fails

  • Verify the key - Ensure you're using the exact same key used for encryption
  • Check algorithm - Confirm algorithm matches encryption algorithm
  • Validate cipher text - Ensure cipher text hasn't been modified or corrupted
  • Test with known data - Encrypt and decrypt test data to verify setup

Unexpected Output

  • Wrong encoding - Ensure cipher text is hexadecimal encoded
  • Partial decryption - Check for data truncation in storage/transmission
  • Character encoding issues - Verify UTF-8 encoding for text data

Performance Issues

  • Large data - Consider using Decrypt File for large amounts of data
  • Batch operations - Process decryption in parallel when possible
  • Encrypt Text - Encrypt plain text to create cipher text
  • Decrypt File - Decrypt entire encrypted files
  • Generate Key - Generate secure encryption keys
  • Verify - Verify encrypted data hasn't been tampered with using signatures