Fullstack AES-GCM encryption-decryption in node.js and the client-side
TL;DR
You can find the fully workable gist code here.
AES(Advanced Encryption Standard) is a symmetric kind of cryptographic method which has different modes that you can read further here.
Without any further let’s get to the point. I wanted to encrypt some messages on the server side (Node.js) and send that encrypted message back to the client-side which can be pretty anything, e.g. React, Vue, Angular, vanilla JS, etc.
Since cryptographic stuff is sensitive, I wanted to do so using Native APIs that browser offers out of the box but I occurred some weird problems due to lack of enough resources for AES-GCM method, but finally I go the solution.
I think the code is expressive enough but the take away is line 30, which we should concatenate the encrypted and authentication tag together and passed it to the decrypt method of the subtle crypto API.
If you’ve got any question, I’m here to answer!!!
Good luck, Shahin.
