Node.js Crypto Module:

πŸ” Node.js – Crypto Module

The crypto module provides cryptographic functionality such as:

βœ” Hashing
βœ” Encryption/Decryption
βœ” HMAC
βœ” Random values
βœ” Key generation

Crypto is a built-in module β€” no installation needed.

const crypto = require("crypto");

⭐ 1. Hashing (MD5, SHA1, SHA256, SHA512)

Hashing is one-way encryption (cannot be reversed).

Example: SHA256 Hash

const crypto = require("crypto");

const hash = crypto.createHash("sha256")
.update("Hello Node.js")
.digest("hex");

console.log(hash);

⭐ 2. HMAC (Hash-based Message Authentication Code)

Used for API security, request signing, etc.

const crypto = require("crypto");

const hmac = crypto.createHmac("sha256", "secret-key")
.update("Hello Vipul")
.digest("hex");

console.log(hmac);

⭐ 3. Generate Random Bytes

Used to generate tokens, OTP, salts, etc.

crypto.randomBytes(16, (err, buffer) => {
console.log(buffer.toString("hex"));
});

⭐ 4. Generate Random UUID

console.log(crypto.randomUUID());

⭐ 5. Symmetric Encryption & Decryption (AES)

Uses same key for encryption & decryption.

Example: AES-256 Encryption

const crypto = require("crypto");

const algorithm = "aes-256-cbc";
const key = crypto.randomBytes(32);
const iv = crypto.randomBytes(16);

// Encrypt
function encrypt(text) {
const cipher = crypto.createCipheriv(algorithm, key, iv);
let encrypted = cipher.update(text, "utf8", "hex");
encrypted += cipher.final("hex");
return encrypted;
}

// Decrypt
function decrypt(encryptedText) {
const decipher = crypto.createDecipheriv(algorithm, key, iv);
let decrypted = decipher.update(encryptedText, "hex", "utf8");
decrypted += decipher.final("utf8");
return decrypted;
}

const encrypted = encrypt("Hello Node Crypto!");
console.log("Encrypted:", encrypted);

const decrypted = decrypt(encrypted);
console.log("Decrypted:", decrypted);

⭐ 6. Password Hashing with PBKDF2

Used for secure password storage.

crypto.pbkdf2("mypassword", "salt", 100000, 64, "sha512", (err, derivedKey) => {
console.log(derivedKey.toString("hex"));
});

⭐ 7. Key Pair (Public/Private) Generation

Used for RSA, JWT, HTTPS certificates.

crypto.generateKeyPair("rsa", {
modulusLength: 2048,
publicKeyEncoding: { type: "pkcs1", format: "pem" },
privateKeyEncoding: { type: "pkcs1", format: "pem" }
}, (err, publicKey, privateKey) => {
console.log("Public Key:", publicKey);
console.log("Private Key:", privateKey);
});

⭐ 8. Sign & Verify Data (RSA)

Sign data:

const sign = crypto.createSign("SHA256");
sign.update("Hello Vipul");
sign.end();

const signature = sign.sign(privateKey, "hex");
console.log(signature);

Verify signature:

const verify = crypto.createVerify("SHA256");
verify.update("Hello Vipul");
verify.end();

console.log(verify.verify(publicKey, signature, "hex"));

⭐ 9. Create Secure Hash for Passwords (Salt + Hash)

const salt = crypto.randomBytes(16).toString("hex");
const password = "admin123";

const hash = crypto.createHmac("sha512", salt)
.update(password)
.digest("hex");

console.log({ salt, hash });

⭐ 10. Check Supported Ciphers

console.log(crypto.getCiphers());

🎯 Usage of Crypto in Real Applications

βœ” Password hashing
βœ” JWT / OAuth security
βœ” Token generation
βœ” Encryption of sensitive data
βœ” SSL/HTTPS certificates
βœ” API authentication
βœ” Digital signatures

You may also like...