JavaScript AES encryption and decryption (Advanced Encryption Standard)

Question

How to implement encryption and decryption using AES (Advanced Encryption Standard) in JavaScript.

Why AES (Advanced Encryption Standard) ?

Security:

Answer 1

If you are building a react or nodejs app, you can simply use this library ncrypt-js to encrypt and decrypt your data.

See example on codesandbox

usage:

es5

var ncrypt = require('ncrypt-js'); // or var { encrypt, decrypt } = require('ncrypt-js);

let encryptData = ncrypt.encrypt('super secret data', 'secret_key');
// or
// let encryptData = encrypt('super secret data', 'secret_key');

console.log(encryptData); // 11ab949601eb136f58ac3fe846e30d76.f9ce133b20adc35eef32af95957547abbb6fbfc5cb91cd14f5b0a088bd031883963cde1a56fd62fe2aeb75451a065d21
var decryptedData = ncrypt.decrypt(encryptData);
// or
// var decryptedData = decrypt(encryptData);

console.log(decryptedData); // super secret data

es6

import ncrypt from 'ncrypt-js'; // or import { encrypt, decrypt } from 'ncrypt-js';

const encryptData = ncrypt.encrypt('super secret data', 'secret_key');
// or
// const encryptData = encrypt('super secret data', 'secret_key');

console.log(encryptData); // 11ab949601eb136f58ac3fe846e30d76.f9ce133b20adc35eef32af95957547abbb6fbfc5cb91cd14f5b0a088bd031883963cde1a56fd62fe2aeb75451a065d21
const decryptedData = ncrypt.decrypt(encryptData);
// or
// const decryptedData = decrypt(encryptData);

console.log(decryptedData); // super secret data

Answer 2

I've built an NPM package called encrypt-with-password which allows you to encrypt and decrypt text and JavaScript objects with a password, using AES and deriving the AES key from the password with PBDKF2.

Installation:

npm install encrypt-with-password

or:

yarn add encrypt-with-password

To Encrypt and Decrypt Text:

const encryptpwd = require('encrypt-with-password');

const text = 'Hello, World!';
const password = 'examplepassword';

const encrypted = encryptpwd.encrypt(text, password); // ---> this is the encrypted (output) value

// example encrypted value: 'e68e7ccd9e908665818a49f111c342ed:c9b83ff7624bb3b26af8cc853d61cd2f7959cecc4308383c39a0924e90637889'

const decrypted = encryptpwd.decrypt(encrypted, password) // ---> this decrypts the encrypted value and yields the original text

To Encrypt and Decrypt JavaScript Objects:

const encryptpwd = require('encrypt-with-password');

const jsObject = {
  aString: 'Lorem ipsum dolor sit amet, consectetur adipisicing elit.',
  aNumber: 5,
  anArray: [1, 2, 3, 4, 5],
  anObj: {
    aKey: 'a value'
  }
};
const password = 'examplepassword2';

const encrypted = encryptpwd.encryptJSON(jsObject, password); // ---> this is the encrypted value

// example encrypted value: 'f953284ffe3e44a7b9de8487b50c3449:123378b5c481399488f520ebb774b076b85a12bc0f9a67cf8faf359eb4f804fc0594bc42374a20b4216b1312d7a408cf94517e19dfcada5513c49f6d13d26c982c562904306900a3f777b9c19b9c002e12dd216984f68566684f9f0259a45e007a0cecb2325333faafb18ed0e751933d8b1195b02b2adda29269cf1c6fa6fff73f0bac4abcf58b391521e0382c06a5f01f31c1243d827f8c7076f81d7f530259a3ae459e524bee80230672f153ab6a4e'

const decrypted = encryptpwd.decryptJSON(encrypted, password) // ---> this decrypts the encrypted value and yields the original object

The code behind this package is open sourced: https://github.com/xtrp/encrypt-with-password.

Answer 3

AES is very Simple and powerful encryption and decryption method. Please see my below example that will very easy to use in your ready code.

Just need to call encryptMessage and decryptMessage fnuction. I already provided running example below.

How to called these methods:

code.encryptMessage('Welcome to AES !','your_password');
code.decryptMessage('U2FsdGVkX1/S5oc9WgsNyZb8TJHsuL7+p4yArjEpOCYgDTUdkVxkmr+E+NdJmro9','your_password')

let code = (function(){
    return{
      encryptMessage: function(messageToencrypt = '', secretkey = ''){
        var encryptedMessage = CryptoJS.AES.encrypt(messageToencrypt, secretkey);
        return encryptedMessage.toString();
      },
      decryptMessage: function(encryptedMessage = '', secretkey = ''){
        var decryptedBytes = CryptoJS.AES.decrypt(encryptedMessage, secretkey);
        var decryptedMessage = decryptedBytes.toString(CryptoJS.enc.Utf8);

        return decryptedMessage;
      }
    }
})();

console.log(code.encryptMessage('Welcome to AES !','your_password'));
console.log(code.decryptMessage('U2FsdGVkX1/S5oc9WgsNyZb8TJHsuL7+p4yArjEpOCYgDTUdkVxkmr+E+NdJmro9','your_password'))

<!DOCTYPE html>
<html>
<head>
	<title>E2EE</title>
	<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js"></script>
</head>
<body>

</body>
</html>

You can also refer my github code repository for more references.

https://github.com/shedagemayur/JavaScriptCode/tree/master/AES

Answer 4

below code was worked for me

encryptMessage: function(messageToencrypt = '', secretkey = ''){
    var encryptedMessage = CryptoJS.AES.encrypt(messageToencrypt, secretkey);
    return encryptedMessage.toString();
},
decryptMessage: function(encryptedMessage = '', secretkey = ''){
    var decryptedBytes = CryptoJS.AES.decrypt(encryptedMessage, secretkey);
    var decryptedMessage = decryptedBytes.toString(CryptoJS.enc.Utf8);

    return decryptedMessage;
}

Thanks

Answer 5

Why would you want to implement AES in JavaScript? it would be extremely slow compared to a native (or wasm) implementation. Luckily, you have access to a native implementation right in the browser (even IE11 if you change a few things). It's very fast (hundreds of times faster according to some benchmarks posted a while ago on the Webkit blog) and it doesn't require 50kb libraries.

Using GCM in this example but you can use CTR mode if you don't need the authentication:

const key = await crypto.subtle.generateKey({name: 'AES-GCM', length: 128}, true, ['encrypt', 'decrypt'])
const text = "confidential message"
// IV must be the same length (in bits) as the key
const iv = await crypto.getRandomValues(new Uint8Array(16))
const cyphertext = await crypto.subtle.encrypt({name: 'AES-GCM', tagLength: 32, iv}, key, new TextEncoder().encode(text))

That will result in cyphertext containing an ArrayBuffer with the encrypted string and a 4-byte authentication tag (that's specific to GCM, other AES modes will just produce the encrypted data). You can decrypt it just as easily, as long as you have the key and IV used for encryption.

const cleartext = await crypto.subtle.decrypt({name: 'AES-GCM', tagLength: 32, iv}, key, cyphertext)
console.log(new TextDecoder().decode(cleartext))

Answer 6

function encrypt(message = '', key = ''){
    var message = CryptoJS.AES.encrypt(message, key);
    return message.toString();
}
function decrypt(message = '', key = ''){
    var code = CryptoJS.AES.decrypt(message, key);
    var decryptedMessage = code.toString(CryptoJS.enc.Utf8);

    return decryptedMessage;
}
console.log(encrypt('Hello World'));
console.log(decrypt('U2FsdGVkX1/0oPpnJ5S5XTELUonupdtYCdO91v+/SMs='))

<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js"></script>