What is cryptojs?
cryptojs is a library in javascript complete with cryptographic functions including encryption, decryption, and hashing functions. crypto-js is licensed under the MIT license. This library’s purpose is to perform cryptographic operations in an easy-to-use syntax, providing functions for you instead of writing vanilla JavaScript code to perform the same functionality.
crypto-js/hmac-sha256
An HMAC is a message authentication code that uses a hash algorithm. In this example, an HMAC is demonstrated using the sha256 algorithm, but any supported algorithm will work.
var hmac = CryptoJS.HmacSHA256("message", "secretkey");
cryptojs aes encrypt
AES (Advanced Encryption Standard) is a popular symmetric encryption algorithm that uses a shared secret key for both encryption and decryption. The example demonstrates AES encryption with a shared secret key “secretkey”.
function encryptWithSecretOnly() {
var encrypted = CryptoJS.AES.encrypt("plain text", "secretkey");
}
cryptojs aes decrypt
The example demonstrates the decryption of the previously encrypted data, using the shared secret key “secretkey”.
function decrypt() {
var encrypted = CryptoJS.AES.encrypt("plain text", "secretkey");
var bytes = CryptoJS.AES.decrypt(encrypted, "secretkey");
var decrypted = bytes.toString(CryptoJS.enc.Utf8);
}
crypto-js hashing algorithm examples
See https://csrc.nist.gov/projects/hash-functions for a more in-depth analysis of the hashing algorithms before making a choice on which algorithm you should use. The following examples will demonstrate how to perform hashing operations in a simple manner.
cryptojs sha1
SHA1 is a secure hash algorithm that produces a 160 bit output. SHA1 has recently been deemed not secure, and members of the SHA2 family are recommended for cryptographic hashing.
var sha1 = CryptoJS.SHA1(document.getElementById("password").value);
cryptojs sha256
It generates a 32-byte output and is one of the more commonly used hashing algorithms today.
var sha256 = CryptoJS.SHA256(document.getElementById("password").value);
cryptojs sha224
While meeting the security requirement for 112-bits of security, it is 32 bits shorter than SHA256.
var sha224 = CryptoJS.SHA224(document.getElementById("password").value);
cryptojs sha512
Produces 512 bits of output and is probably overkill in the near future.
var sha512 = CryptoJS.SHA512(document.getElementById("password").value);
cryptojs sha384
Useful to generating a 256-bit HMAC key and 128-bit encryption key.
var sha384 = CryptoJS.SHA384(document.getElementById("password").value);
cryptojs sha3
SHA3 is not meant to replace SHA2 but is merely an additional tool in the NIST toolkit.
var sha3 = CryptoJS.SHA3(document.getElementById("password").value);
cryptojs ripemd160
Considered a robust algorithm and alternative to the SHA family.
var ripemd160 = CryptoJS.RIPEMD160(document.getElementById("password").value);
cryptojs md5
MD5 was once one of the more popular hashing algorithms, but has many vulnerabilities and is not recommended today.
var md5 = CryptoJS.MD5(document.getElementById("password").value);
How to install crypto-js with npm
To install, run the following command:
npm install crypto-js
The library may also be used by including the source in a script tag. The sources can be found in the Cloudfare CDN.
jsfiddle examples
The following examples will provide for how to perform encryption and hashing with the library in a simple manner.
jsfiddle cryptojs aes encryption and decryption example
jsfiddle crypto-js hashing algorithm examples
Conclusion
This article covered encryption and hashing with javascript, specifically the crypto js library. Let us know in the comments if you would like to see additional hashing or encryption examples. Head over to our article on encryption vs hashing vs salting for a more in-depth approach to each operation. Have fun coding crypto with JavaScript! Happy Coding!
Leave a Reply