Node.js cipher.setAAD() Method
The cipher.setAAD() method is used in Node.js to set the additional authenticated data (AAD) for an encrypt/decrypt stream. The AAD is a chunk of data that is authenticated but not encrypted. It is useful for sending data alongside an encrypted message that needs to be authenticated but does not need to be kept secret.
Syntax:
cipher.setAAD(aad[, options]);
Parameters: The cipher.setAAD() method takes two parameters:
- aad: A Buffer or TypedArray containing the additional authenticated data to set.
- options: (optional): An object containing options for setting the AAD. This object may include the plaintextLength property, which specifies the length of the plaintext data (in bytes) that will be encrypted.
Example 1: In the below example, the cipher.setAAD() method is used to set the additional authenticated data to authenticated but not encrypted data. When the data is encrypted, the AAD will be authenticated but not included in the encrypted output.
Javascript
const crypto = require( 'crypto' ); const iv = Buffer.alloc(16, 0); const key = Buffer.alloc(32, 1); const aad = Buffer.from( 'authenticated but not encrypted data' ); const cipher = crypto.createCipheriv( 'aes-256-gcm' , key, iv); cipher.setAAD(aad); const encrypted = cipher.update( 'some secret data' , 'utf8' , 'hex' ) + cipher.final( 'hex' ); console.log(encrypted); |
Output:
02c5112376449247c35e9c3cea4242fd
Example 2: This example creates a new cipher object using the aes-256-gcm algorithm, and sets some additional authenticated data (AAD) using the setAAD() method. It then encrypts some data and generates an authentication tag using the getAuthTag() method. This example uses the utf8 encoding for the input and output data, but you can use any of the supported encoding options (such as hex, base64, etc.) depending on your needs.
Javascript
const crypto = require( 'crypto' ); async function main() { // Generate a random key and iv const key = crypto.randomBytes(32); const iv = crypto.randomBytes(16); // Create a new cipher object const cipher = crypto.createCipheriv( 'aes-256-gcm' , key, iv); // Set the AAD (additional authenticated data) cipher.setAAD(Buffer.from( 'some additional data' )); // Encrypt some data const encrypted = cipher.update ( 'some data to encrypt' , 'utf8' , 'hex' ); encrypted += cipher.final( 'hex' ); // Generate the authentication tag const tag = cipher.getAuthTag(); // Create a new decipher object const decipher = crypto.createDecipheriv( 'aes-256-gcm' , key, iv); // Set the AAD and authentication tag decipher.setAAD(Buffer.from( 'some additional data' )); decipher.setAuthTag(tag); // Decrypt the data const decrypted = decipher.update(encrypted, 'hex' , 'utf8' ); decrypted += decipher.final( 'utf8' ); console.log(decrypted); } main(); |
Output:
some data to encrypt
Reference: https://nodejs.org/api/crypto.html