AES encryption & decryption in Node.js

In this comprehensive guide, we will step through the process of implementing an AES encryption and decryption class in Node.js, ensuring your applications can also benefit from this level of security.

In the digital world, the Advanced Encryption Standard (AES) is a trustworthy ally, offering an essential layer of security for sensitive data. This robust encryption technique is utilized across various platforms to ensure that information remains confidential and protects against unauthorized access.


AES encryption in Node.js

Table of Contents


Setting up the Environment

Before diving into the code, ensure that your system is ready by installing Node.js and the ‘crypto’ module, which is built-in and does not require additional installation. This module provides cryptographic functionality that includes a set of wrappers for OpenSSL’s hash, HMAC, cipher, decipher, sign, and verify functions.


Implementing the Node.js Class

Let’s start by crafting a class called AESCipher, which will encapsulate methods for both encryption and decryption. The class will utilize AES-256-CBC encryption mode, which requires a 256-bit key and an initialization vector (IV).

class AESCipher {
  static encrypt(text, key, iv) {
    // Encryption process

  static decrypt(encryptedData, key, iv) {
    // Decryption process

The encrypt and decrypt static methods will accept text (or encrypted data), the encryption key, and the IV as parameters. For AES-256, the key must be 32 bytes and the IV must be 16 bytes long.

Full implementation of AESCipher Class

const { randomBytes, createCipheriv } = require('crypto');

class AESCipher {
  constructor() {
    this.key = randomBytes(32); // 256-bit key
    this.iv = randomBytes(16); // Initialization vector
  encrypt(text) {
    const cipher = createCipheriv('aes-256-cbc', this.key, this.iv);
    let encrypted = cipher.update(text, 'utf8', 'hex');
    encrypted +='hex');
    return encrypted;

  decrypt(encryptedData) {
    const decipher = createDecipheriv('aes-256-cbc', this.key, this.iv);
    let decrypted = decipher.update(encryptedData, 'hex', 'utf8');
    decrypted +='utf8');
    return decrypted;


  • Within the constructor of the AESCipher class, two vital properties come to life:
    • this.key: It obtains its identity as a 256-bit (32-byte) encryption key, generated randomly using the randomBytes function.
    • this.iv: Similarly, another property, this.iv, materializes as a 128-bit (16-byte) initialization vector (IV) randomly generated through the randomBytes function. The IV plays an integral role in ensuring the generation of a unique ciphertext for each encryption operation, even when handling identical plaintext.
  • To embark on encryption, the encrypt method of the AESCipher class takes a plaintext string as input. It proceeds to perform AES-256 CBC encryption on this input, harnessing the previously generated key and IV. The outcome emerges as the encrypted data, elegantly presented as a hexadecimal string.
  • To reverse the encryption process, the decrypt method of the AESCipher class takes an encrypted hexadecimal string as its input. It actively engages in AES-256 CBC decryption, leveraging the same key and IV. The final result is the decrypted plaintext, thoughtfully delivered in UTF-8 encoding.
  • One crucial improvement has been made to the code: The createDecipheriv function from the crypto module is utilized to instantaneously construct the decipher object for decryption. This enhancement ensures accuracy in the code’s execution.
  • To wrap up, here’s an example that shows how to use the AESCipher class to encrypt and decrypt messages, ensuring data security and confidentiality. This practical illustration highlights the code’s usefulness, providing a strong solution for implementing AES-256 encryption and decryption with randomly generated keys and IVs. This approach is essential for secure data handling in applications.

Encryption example Using the AESCipher class:

const myCipher = new AESCipher();
const text = 'Hello World!';
const encrypted = myCipher.encrypt(text);
console.log('Encrypted:', encrypted);


Decryption example Using the AESCipher class:

const decrypted = myCipher.decrypt(encrypted);
console.log('Decrypted:', decrypted);

Conclusive Summary

In summary, using the AES encryption standard in Node.js enhances data security, providing confidentiality and guarding against data breaches. Our AESCipher class simplifies the integration of AES-256-CBC encryption and decryption into your project. This encapsulation in a class promotes code reusability and simplifies maintenance. It’s crucial to securely manage your keys and IVs, as they play a pivotal role in the strength of your encryption.