AES keys sent by the frontend are invalid
The key is binary, but the content of the file is sent as a JSON string to the backend, which is then decoded as UTF-8, which it is not. It should be base64'ed beforehand, and maybe also in the backend Plus, they should be validated with a AES checker (create an AES object from the received key)