If you take the encrypted cipher resulting from any CBC operation and decrypt the message using the same IV, key, key size, etc, the decrypted string is longer than expected and results in gremlins being appended to the end of the decrypted text.

SlowAES seems to only work in a round-trip scenario where the unencrypted text is known at the time.

Using Josh Davis' implementation, you can see the issue first hand:

http://josh-davis.org/ecmaScrypt

Password: Test001! 256 Bit Hex Key: e8cfe0b4e39dcc886ca83116b21db375ca231eeebf1df98f0b38163221385fcd CBC Encrypted String: 88ff1654ef2badfc22bc7dfa6c0d5d145cbfa547bce4d87c663473b09ce8d9c3

The result you will get is 'Hello, World! This is a test' but at the end there will be extra characters at the end.

I tried using the fix submitted here: http://code.google.com/p/slowaes/issues/detail?id=6

which works correctly unless I pass in a 16 character hex string as the plain text.

I committed r39 which should fix this