How to use password encryption and decryption in NodeJs?

Node.js offers an integrated module called crypto that you could use to encrypt and decrypt strings, numbers, buffers, streams, and more. This module gives cryptographic capability that consists of a fixed of wrappers for OpenSSL's hash, HMAC, cipher, decipher, sign, and confirm functions.

In this blog, you will discover ways to use the Node.js crypto module to carry out cryptographic operations on information. I'll display you a way to encrypt information with a mystery key after which decrypt the usage of the identical mystery key whilst required.

For the sake of simplicity, I am going to apply the AES (Advanced Encryption System) set of rules CTR encryption mode. Here is a superb dialogue on StackOverflow for selecting the proper AES encryption mode.

Create a new directory in your local file system and switch to that by writing the following:

$ mkdir crypto && cd crypto

Now perform the following instructions to start a new Node.js project:

$ npm init -y

The above command will produce a new package.json file in the root directory. check that you have already installed Node.js on your machine before issuing the above command. The crypto module is already included in pre-built Node.js binaries by design. But if you've installed Node.js manually, crypto may not be shipped with it. You can install it, however, by executing the following command:

$ npm install crypto --save

Encrypt and decrypt text or passwords

Let's build the crypto.js file in the root directory of the project and describe our encryption and decryption features as follows:

crpyto.js

const crypto = require('crypto');

const algorithm = 'aes-256-ctr';
const secretKey = 'vOVH6sdmpNWjRRIqCc7rdxs01lwHzfr3';
const iv = crypto.randomBytes(16);

const encrypt = (text) => {

    const cipher = crypto.createCipheriv(algorithm, secretKey, iv);

    const encrypted = Buffer.concat([cipher.update(text), cipher.final()]);

    return {
        iv: iv.toString('hex'),
        content: encrypted.toString('hex')
    };
};

const decrypt = (hash) => {

    const decipher = crypto.createDecipheriv(algorithm, secretKey, Buffer.from(hash.iv, 'hex'));

    const decrpyted = Buffer.concat([decipher.update(Buffer.from(hash.content, 'hex')), decipher.final()]);

    return decrpyted.toString();
};

module.exports = {
    encrypt,
    decrypt
};

The following example illustrates how text data (strings, numbers, etc.) can be encrypted and decrypted using the functions above:

crpyto-text.js

const { encrypt, decrypt } = require('./crypto');

const hash = encrypt('Hello World!');

console.log(hash);

// {
//     iv: '237f306841bd23a418878792252ff6c8',
//     content: 'e2da5c6073dd978991d8c7cd'
// }

const text = decrypt(hash);

console.log(text); // Hello World!

Encrypt and decrypt buffers

By using the functions mentioned above, you can also encrypt and decrypt buffers. In place of the string, just move the buffer and it should work:

crpyto-buffer.js

const { encrypt, decrypt } = require('./crypto');

const hash = encrypt(Buffer.from('Hello World!', 'utf8'));

console.log(hash);

// {
//     iv: '692e44dbbea073fc1a8d1c37ea68dffa',
//     content: 'bbffd902d55d7a00f3a0504e'
// }

const text = decrypt(hash);

console.log(text); // Hello World! 

Encrypt and decrypt streams

By using the crypto module, you can also encrypt and decrypt streams, as seen in the following example:

crpyto-stream.js

const crypto = require('crypto');
const fs = require('fs');

const algorithm = 'aes-256-ctr';
const secretKey = 'vOVH6sdmpNWjRRIqCc7rdxs01lwHzfr3';
const iv = crypto.randomBytes(16);

// input file
const r = fs.createReadStream('file.txt');

// encrypt content
const encrypt = crypto.createCipheriv(algorithm, secretKey, iv);

// decrypt content
const decrypt = crypto.createDecipheriv(algorithm, secretKey, iv);

// write file
const w = fs.createWriteStream('file.out.txt');

// start pipe
r.pipe(encrypt)
    .pipe(decrypt)
    .pipe(w); 

Concluding remarks

In this blog , using the Node.js built-in crypto module, we investigated how to perform cryptographic operations on text, buffers, and streams. If you need to encrypt confidential data including secret keys before storing them in a folder, this is incredibly useful.