Javascript AES encryption

Javascript AES encryption

千笙结 发布于 2021-11-24 字数 78 浏览 897 回复 14 原文

Is there a library available for AES 256-bits encryption in Javascript?

如果你对这篇文章有疑问,欢迎到本站 社区 发帖提问或使用手Q扫描下方二维码加群参与讨论,获取更多帮助。



需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。


风苍溪 2022-06-07 14 楼

Here is the only solution that worked for me:

It's pretty basic, but simple to use and seems to work well.

べ映画 2022-06-07 13 楼

Another solution w/AES-256 support:

何其悲哀 2022-06-07 12 楼 library may be of some help.

迷鸟归林 2022-06-07 11 楼

If you are trying to use javascript to avoid using SSL, think again. There are many half-way measures, but only SSL provides secure communication. Javascript encryption libraries can help against a certain set of attacks, but not a true man-in-the-middle attack.

The following article explains how to attempt to create secure communication with javascript, and how to get it wrong:
Use JavaScript encryption module instead of SSL/HTTPS

Note: If you are looking for SSL for google app engine on a custom domain, take a look at

水中月 2022-06-07 10 楼

There is also a Stanford free lib as an alternative to Cryptojs

对岸观火 2022-06-07 9 楼

Try asmcrypto.js — it's really fast.

PS: I'm an author and I can answer your questions if any.
Also I'd be glad to get some feedback :)

猥︴琐丶欲为 2022-06-07 8 楼

Use CryptoJS

Here's the code:

And here's an online working example:

美羊羊 2022-06-07 7 楼

Judging from my own experience, asmcrypto.js provides the fastest AES implementation in JavaScript (especially in Firefox since it can fully leverage asm.js there).

From the readme:

SHA256: 51 MiB/s (9 times faster than SJCL and CryptoJS)
AES-CBC: 47 MiB/s (13 times faster than CryptoJS and 20 times faster than SJCL)

SHA256: 144 MiB/s (5 times faster than CryptoJS and 20 times faster than SJCL)
AES-CBC: 81 MiB/s (3 times faster than CryptoJS and 8 times faster than SJCL)

Edit: The Web Cryptography API is now implemented in most browsers and should be used as the primary solution if you care about performance. Be aware that IE11 implemented an earlier draft version of the standard which did not use promises.

Some examples can be found here:

素染倾城色 2022-06-07 6 楼

Recently I had the need to perform some encryption/decryption interoperability between javascript and python.


1) Using AES to encrypt in javascript and decrypt in python (Google App Engine)
2) Using RSA to encrypt in javascript and decrypt in python (Google App Engine)
3) Using pycrypto

I found lots and lots of different versions of RSA and AES floating around the web and
they were all different in their approach but I did not find a good example of end to end javascript and python interoperability.

Eventually I managed to cobble together something that suited my needs after a lot of trial and error.

Anyhow I knocked up an example of a js/webapp talking to a google app engine hosted python server that uses AES and public key and private key RSA stuff.

I though I'd include it here by link in case it will be of some use to others who need to accomplish the same thing.

and see demo at rsa-aes-demo DOT appspot DOT com

edit: look at the browser console output and also view source to get some hints and useful messages as to what's going on in the demo

edit: updated very old and defunct link to source to now point to

梦罢 2022-06-07 5 楼

This post is now old, but the crypto-js, may be now the most complete javascript encryption library.

CryptoJS is a collection of cryptographic algorithms implemented in JavaScript.
It includes the following cyphers: AES-128, AES-192, AES-256, DES, Triple DES, Rabbit, RC4, RC4Drop and hashers: MD5, RIPEMD-160, SHA-1, SHA-256, SHA-512, SHA-3 with 224, 256, 384, or 512 bits.

You may want to look at their Quick-start Guide which is also the reference for the following node.js port.

node-cryptojs-aes is a node.js port of crypto-js

无声静候 2022-06-07 4 楼

Googling "JavaScript AES" has found several examples. The first one that popped up is designed to explain the algorithm as well as provide a solution:

Movable Type Scripts: AES

家住魔仙堡 2022-06-07 3 楼

In my searches for AES encryption i found this from some Standford students. Claims to be fastest out there. Supports CCM, OCB, GCM and Block encryption.

最冷一天 2022-06-07 2 楼

Here's a demonstration page that uses slowAES.

slowAES was easy to use. Logically designed. Reasonable OO packaging. Supports knobs and levers like IV and Encryption mode. Good compatibility with .NET/C#. The name is tongue-in-cheek; it's called "slow AES" because it's not implemented in C++. But in my tests it was not impractically slow.

It lacks an ECB mode. Also lacks a CTR mode, although you could build one pretty easily given an ECB mode, I guess.

It is solely focused on encryption. A nice complementary class that does RFC2898-compliant password-based key derivation, in Javascript, is available from Anandam. This pair of libraries works well with the analogous .NET classes. Good interop. Though, in contrast to SlowAES, the Javascript PBKDF2 is noticeably slower than the Rfc2898DeriveBytes class when generating keys.

It's not surprising that technically there is good interop, but the key point for me was the model adopted by SlowAES is familiar and easy to use. I found some of the other Javascript libraries for AES to be hard to understand and use. For example, in some of them I couldn't find the place to set the IV, or the mode (CBC, ECB, etc). Things were not where I expected them to be. SlowAES was not like that. The properties were right where I expected them to be. It was easy for me to pick up, having been familiar with the Java and .NET crypto programming models.

Anandam's PBKDF2 was not quite on that level. It supported only a single call to DeriveBytes function, so if you need to derive both a key and an IV from a password, this library won't work, unchanged. Some slight modification, and it is working just fine for that purpose.

EDIT: I put together an example of packaging SlowAES and a modified version of Anandam's PBKDF2 into Windows Script Components. Using this AES with a password-derived key shows good interop with the .NET RijndaelManaged class.

EDIT2: the demo page shows how to use this AES encryption from a web page. Using the same inputs (iv, key, mode, etc) supported in .NET gives you good interop with the .NET Rijndael class. You can do a "view source" to get the javascript for that page.

a late addition: Javascript Cryptography considered harmful. Worth the read.

递刀给你 2022-06-07 1 楼

JSAES is a powerful implementation of AES in JavaScript.