Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Encrypt and decrypt in javascript using node or browserify for use with openssl or php
import crypto from 'browserify-aes'
/**********************************************************************
*
* DECRYPTION MODULE FOR USE IN BROWSER DURING RUNTIME *
*
***********************************************************************/
const decrypt = hash => {
const hash = hash.data
//get IV from input, make sure its no longer than 16 bytes
const IV = hash.IV
//ein neuer cipher wird vorbereitet, mittels aes256, unserem 256 bit KEY und dem config IV
const decipher = crypto.createDecipheriv(
'aes256',
process.env.APP_CONFIG_KEY.substr(0, 32),
IV,
)
//der hash wird nun decrypted mittels dem zuvor erstellten cipher
const decrypted = Buffer.concat([decipher.update(
Buffer.from(hash, 'hex'),
), decipher.final()]).toString()
return JSON.parse(decrypted)
}
onst crypto = require('crypto')
/**********************************************************************
*
* DECRYPTION MODULE FOR USE INSIDE NODE.JS *
*
***********************************************************************/
const encryption = (data = 'TestString {} Héllöüä') => {
const secretPhrase = crypto.randomBytes(16).toString('hex')
const salt = crypto.randomBytes(128 / 8).toString('hex')
//here we generate the key and give it back as a string, we use 100k iterations
//as suggested in best practices
//We can use the key multiple times to encrypt multiple things(-30GB), we just cant use
//the same initialization vector twice
//the key for aes-256 needs to be 256 bits which equals 32 bytes or 32 characters
const configKey = crypto.pbkdf2Sync(secretPhrase, salt, 100000, 32, 'sha256').toString('hex').substr(0, 32)
//create unique IV for each encryption, the key can be reused. IV needs to always be 16 bytes
const IV = crypto.randomBytes(16)
//create ciphers for each encryption using the shared key and the unuique IV
const projectConfigCipher = crypto.createCipheriv('aes-256-cbc', configKey, IV.toString('hex').substr(0,16)
//encripting the storage location using the prepared cipher
const encrypted = Buffer.concat([configStorageCipher.update(
'STORAGE', 'utf8'
), configStorageCipher.final()]).toString('hex')
return encrypted
}
#########################################################################################
# #
# ENCRYPTION FOR CLI IN / MACOS / LINUX / WINDOWS #
# #
#########################################################################################
#encrypt with key & IV but no salt
cat config.json | openssl aes-256-cbc -iv $(cat iv) -K $(cat key) -A -nosalt -base64
#decrypt with key IV and base64
echo "encryptedString" | openssl aes-256-cbc -d -iv $(cat iv) -K $(cat key) -base64 -A
/**********************************************************************
*
* ENCRYPTION & DECRYPTION MODULE FOR PHP7+ USING OPENSSL *
*
***********************************************************************/
class AESEncryption {
//key length should be 256 bits for aes 256 this means we use a string with 32 bytes
public static $key = "5f08e0ec585393a8e2ca8f0a1a0ae752";
//iv length should be always be 128 bit / 16 bytes
public static $iv = "05d387e7f773035a";
// The AES uses a block size of sixteen octets (128 bits)
public static $Method = 'AES-256-CBC';
/**
* use the AES to encrypt plaintext data and return a base 64 string
*
* $key
*/
public static function encrypt($cleartext,$key = ''){
$key = empty($key) ? self::$key : $key;
$encrypted = openssl_encrypt($cleartext, self::$Method, $key, OPENSSL_RAW_DATA, self::$iv);
return base64_encode($encrypted);
}
/**
* use the AES to decrypt a base 64 string into plaintext
*
* $key
*/
public static function decrypt($encrypted,$key = ''){
$key = empty($key) ? self::$key : $key;
$encrypted = base64_decode($encrypted);
$decrypted = openssl_decrypt($encrypted, self::$Method, $key, OPENSSL_RAW_DATA, self::$iv);
return trim($decrypted);
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment