bcrypt is a password-hashing algorthm, not an encryption scheme. If we used bcrypt for the credentials, we'd never be able to decrypt them.
The code Node-RED uses to encrypt/decrypt credentials is here: