Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
This is a sample of AES encryption + decryption using CryptoJS. This is a bit different from the examples out there because this one uses a COMPANY header + payload. There's a little bit more processing going on. I also used a CDN for CryptoJS. I hope someone finds this useful.
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/core-min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/sha256.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/enc-base64.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js"></script>
<script>
function toWordArray(str){
return CryptoJS.enc.Utf8.parse(str);
}
function toString(words){
return CryptoJS.enc.Utf8.stringify(words);
}
function toBase64String(words){
return CryptoJS.enc.Base64.stringify(words);
}
function encrypt(input, key){
var PROTOCOL_AES256 = 2;
var secret_key = CryptoJS.SHA256(key);
var header = toWordArray("AMAZON" + String.fromCharCode(PROTOCOL_AES256));
var iv = CryptoJS.lib.WordArray.random(16);
var body = CryptoJS.AES.encrypt(json_payload, secret_key, {iv: iv});
// construct the packet
// HEADER + IV + BODY
header.concat(iv);
header.concat(body.ciphertext);
// encode in base64
return toBase64String(header);
}
function decrypt(input, key){
// convert payload encoded in base64 to words
var packet = CryptoJS.enc.Base64.parse(input);
// helpers to compute for offsets
var PROTOCOL_AES256 = 2;
var secret_key = CryptoJS.SHA256(key);
var header = toWordArray("AMAZON" + String.fromCharCode(PROTOCOL_AES256));
var iv = CryptoJS.lib.WordArray.random(16);
// compute for offsets
var packet_size = packet.words.length - (iv.words.length + header.words.length);
var start = iv.words.length + header.words.length;
var end = packet.words.length;
var ciphertext = CryptoJS.lib.WordArray.create(packet.words.slice(start, end));
var parsed_iv = CryptoJS.lib.WordArray.create(packet.words.slice(header.words.length, iv.words.length+1));
ciphertext = toBase64String(ciphertext);
var decrypted = CryptoJS.AES.decrypt(ciphertext, secret_key, {iv: parsed_iv});
return toString(decrypted);
}
// data
var key = "ZxlNEnojO5HbQngiYvrqu32Br6V";
var data = {};
data["name"] = "andrew";
data["company"] = "amazon";
var json_payload = JSON.stringify(data);
console.log(json_payload);
var payload = encrypt(json_payload, key);
var decoded = decrypt(payload, key);
console.log(decoded);
</script>
@bfugl
Copy link

bfugl commented May 22, 2019

Thanks. The one thing I could not get right until I saw your code, was to pass a base64 string to CryptoJS.AES.decrypt().

@DineshGuptaa
Copy link

DineshGuptaa commented Jan 28, 2020

Thanks for code.
But code is not working. I can see encrypted String but decrypt method return empty string. Please guide

@maxijonson
Copy link

maxijonson commented Sep 22, 2020

Maybe I'm wrong but on line 24, you are using json_payload instead of input?

@ismailisimba
Copy link

ismailisimba commented Jul 29, 2022

Thank you, this just fit like a glove for a setup I'm thinking of.

@ismailisimba
Copy link

ismailisimba commented Jul 29, 2022

Maybe I'm wrong but on line 24, you are using json_payload instead of input?

I think this fix is right.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment