cryptojs (crypto-js) – Encryption and hashing with JavaScript

What is cryptojs?

cryptojs is a library in javascript complete with cryptographic functions including encryption, decryption, and hashing functions. crypto-js is licensed under the MIT license. This library’s purpose is to perform cryptographic operations in an easy-to-use syntax, providing functions for you instead of writing vanilla JavaScript code to perform the same functionality.

crypto-js/hmac-sha256

An HMAC is a message authentication code that uses a hash algorithm. In this example, an HMAC is demonstrated using the sha256 algorithm, but any supported algorithm will work.

var hmac = CryptoJS.HmacSHA256("message", "secretkey");

cryptojs aes encrypt

AES (Advanced Encryption Standard) is a popular symmetric encryption algorithm that uses a shared secret key for both encryption and decryption. The example demonstrates AES encryption with a shared secret key “secretkey”.

function encryptWithSecretOnly() {
   var encrypted = CryptoJS.AES.encrypt("plain text", "secretkey");
}

cryptojs aes decrypt

The example demonstrates the decryption of the previously encrypted data, using the shared secret key “secretkey”.

function decrypt() {
  var encrypted = CryptoJS.AES.encrypt("plain text", "secretkey");
  var bytes  = CryptoJS.AES.decrypt(encrypted, "secretkey");
  var decrypted = bytes.toString(CryptoJS.enc.Utf8);
}

crypto-js hashing algorithm examples

See https://csrc.nist.gov/projects/hash-functions for a more in-depth analysis of the hashing algorithms before making a choice on which algorithm you should use. The following examples will demonstrate how to perform hashing operations in a simple manner.

cryptojs sha1

SHA1 is a secure hash algorithm that produces a 160 bit output. SHA1 has recently been deemed not secure, and members of the SHA2 family are recommended for cryptographic hashing.

var sha1 = CryptoJS.SHA1(document.getElementById("password").value);

cryptojs sha256

It generates a 32-byte output and is one of the more commonly used hashing algorithms today.

var sha256 = CryptoJS.SHA256(document.getElementById("password").value);

cryptojs sha224

While meeting the security requirement for 112-bits of security, it is 32 bits shorter than SHA256.

var sha224 = CryptoJS.SHA224(document.getElementById("password").value);

cryptojs sha512

Produces 512 bits of output and is probably overkill in the near future.

var sha512 = CryptoJS.SHA512(document.getElementById("password").value);

cryptojs sha384

Useful to generating a 256-bit HMAC key and 128-bit encryption key.

var sha384 = CryptoJS.SHA384(document.getElementById("password").value);

cryptojs sha3

SHA3 is not meant to replace SHA2 but is merely an additional tool in the NIST toolkit.

var sha3 = CryptoJS.SHA3(document.getElementById("password").value);

cryptojs ripemd160

Considered a robust algorithm and alternative to the SHA family.

var ripemd160 = CryptoJS.RIPEMD160(document.getElementById("password").value);

cryptojs md5

MD5 was once one of the more popular hashing algorithms, but has many vulnerabilities and is not recommended today.

var md5 = CryptoJS.MD5(document.getElementById("password").value);

How to install crypto-js with npm

To install, run the following command:

npm install crypto-js

The library may also be used by including the source in a script tag. The sources can be found in the Cloudfare CDN.

jsfiddle examples

The following examples will provide for how to perform encryption and hashing with the library in a simple manner.

jsfiddle cryptojs aes encryption and decryption example

jsfiddle crypto-js hashing algorithm examples

Conclusion

This article covered encryption and hashing with javascript, specifically the crypto js library. Let us know in the comments if you would like to see additional hashing or encryption examples. Head over to our article on encryption vs hashing vs salting for a more in-depth approach to each operation. Have fun coding crypto with JavaScript! Happy Coding!

Read more of our content.