kool79 · February 19, 2021 23:51 · Sep 19, 2017 · Sep 19, 2017 · Sep 19, 2017
diff --git a/demo.js → crypto-aes-256-gcm-demo.js b/demo.js → crypto-aes-256-gcm-demo.js
diff --git a/demo.js b/demo.js
@@ -0,0 +1,44 @@
+const buffer = require('buffer');
+const crypto = require('crypto');
+
+// Demo implementation of using `aes-256-gcm` with node.js's `crypto` lib.
+const aes256gcm = (key) => {
+  const ALGO = 'aes-256-gcm';
+
+  // encrypt returns base64-encoded ciphertext
+  const encrypt = (str) => {
+    // Hint: the `iv` should be unique (but not necessarily random).
+    // `randomBytes` here are (relatively) slow but convenient for
+    // demonstration.
+    const iv = new Buffer(crypto.randomBytes(16), 'utf8');
+    const cipher = crypto.createCipheriv(ALGO, key, iv);
+
+    // Hint: Larger inputs (it's GCM, after all!) should use the stream API
+    let enc = cipher.update(str, 'utf8', 'base64');
+    enc += cipher.final('base64');
+    return [enc, iv, cipher.getAuthTag()];
+  };
+
+  // decrypt decodes base64-encoded ciphertext into a utf8-encoded string
+  const decrypt = (enc, iv, authTag) => {
+    const decipher = crypto.createDecipheriv(ALGO, key, iv);
+    decipher.setAuthTag(authTag);
+    let str = decipher.update(enc, 'base64', 'utf8');
+    str += decipher.final('utf8');
+    return str;
+  };
+
+  return {
+    encrypt,
+    decrypt,
+  };
+};
+
+const KEY = new Buffer(crypto.randomBytes(32), 'utf8');
+
+const aesCipher = aes256gcm(KEY);
+
+const [encrypted, iv, authTag] = aesCipher.encrypt('hello, world');
+const decrypted = aesCipher.decrypt(encrypted, iv, authTag);
+
+console.log(decrypted); // 'hello, world'