Question

172

How to encrypt data that needs to be decrypted in node.js?

rated 0 times [ 176] [ 4] / answers: 1 / hits: 99637 / 13 Years ago, fri, august 5, 2011, 12:00:00

We are using bcrypt for hashing passwords and data that never needs to be decrypted. What should we do to protect other user information that does need to be decrypted?

For example, let's say that we didn't want a user's real name to be in plain text in case someone was to obtain access to the database. This is somewhat sensitive data but also needs to be called from time to time and displayed in plain text. Is there a simple way to do this?

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

haylie

Add To Favorites

Follow

Total Points: 26

Total Questions: 108

Total Answers: 104

Location: France

Member since Thu, Oct 27, 2022

2 Years ago

answered 13 Years ago collinisaaka · Accepted Answer

You can use the crypto module:

var crypto = require('crypto');

var assert = require('assert');



var algorithm = 'aes256'; // or any other algorithm supported by OpenSSL

var key = 'password';

var text = 'I love kittens';



var cipher = crypto.createCipher(algorithm, key);  

var encrypted = cipher.update(text, 'utf8', 'hex') + cipher.final('hex');

var decipher = crypto.createDecipher(algorithm, key);

var decrypted = decipher.update(encrypted, 'hex', 'utf8') + decipher.final('utf8');



assert.equal(decrypted, text);

Edit

Now createCipher and createDecipher is deprecated instead use createCipheriv and createDecipheriv