user163

Please complete your test data. Without the keys in *encryption_private_key.pem* and *signing_public_key.pem* no repro is possible.

@csandels - Regarding your first comment: *PBEWITHSHA256AND128BITAES-CBC-BC* follows PKCS#12. node-forge provides the function `forge.pki.pbe.generatePkcs12Key()` that can be used to derive key and IV according to PKCS#12: ```js var forge =...

As workaround the too short ciphertext can be padded manually to the length of the modulus with 0x00-values. Of course, it would be better if the bug would be fixed....

Yes, the fix works, even in your case. I have tested it successfully with your code using several examples. I just posted a comment and an [update](https://stackoverflow.com/a/60728041/9014097) on SO.

JSEncrypt, i.e. `encrypt.encrypt(message)` returns the ciphertext Base64 encoded, which is why a Base64 decoding is required in the node forge part: `privateK.decrypt(forge.util.decode64(encrypedQuery))`, see https://jsfiddle.net/f4scdvka/.

When encrypting with the private RSA key, JSEncrypt extracts the public RSA key from the private RSA key and performs a _**regular**_ RSA encryption with the extracted public RSA key...

This is not a bug. For efficiency reasons, the `update()`-calls only decrypt complete ciphertext blocks, the rest of the ciphertext remains in the buffer. Decryption is finalized with a `finish()`...