The {AES3} part is used as a prefix, so that doesn’t count. The remainder is a base64 encoded string containing the encrypted value. When you base64-decode that part, you end up with the actual AES encrypted value and if you’re right it’s length should be divisible by 16. I’m not familiar with these encryption methods, so I’m not sure about the math, but at least you should consider the fact that the value is base64 encoded on top of being encrypted.
Hi there!
Probably this question is outdated, but I ran into the same question as developing api endpoint to a mendix app.
As per the java code I saw in mendix module it is concatenating:
- prefix({AES3})
- base64 encoded iv (initial vector used for encryption)
- semicolon ";"
- base64 encoded encrypted value
Hope this helps future devs!
Regards