Community Snippets / admin / Web Crypto — AES-GCM Encrypt & Decrypt
JavaScript

Web Crypto — AES-GCM Encrypt & Decrypt

by @admin
9h ago
Apr 28, 2026
Public
Encrypts and decrypts text using AES-GCM (256-bit) via the browser's native Web Crypto API — no external library needed. A random 96-bit IV is generated per encryption and prepended to the output so decryption can recover it. Suitable for encrypting sensitive data client-side before storage.
JavaScript 
const enc = new TextEncoder();
const dec = new TextDecoder();

async function deriveKey(password) {
  const raw = await crypto.subtle.importKey('raw', enc.encode(password), 'PBKDF2', false, ['deriveKey']);
  return crypto.subtle.deriveKey(
    { name: 'PBKDF2', salt: enc.encode('savesnippets-salt'), iterations: 100_000, hash: 'SHA-256' },
    raw, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']
  );
}

async function encrypt(plaintext, password) {
  const key = await deriveKey(password);
  const iv  = crypto.getRandomValues(new Uint8Array(12));
  const ct  = await crypto.subtle.encrypt({ name: 'AES-GCM', iv }, key, enc.encode(plaintext));
  const out = new Uint8Array(iv.byteLength + ct.byteLength);
  out.set(iv); out.set(new Uint8Array(ct), iv.byteLength);
  return btoa(String.fromCharCode(...out));
}

async function decrypt(ciphertext, password) {
  const key  = await deriveKey(password);
  const data = Uint8Array.from(atob(ciphertext), (c) => c.charCodeAt(0));
  const iv   = data.slice(0, 12);
  const ct   = data.slice(12);
  const pt   = await crypto.subtle.decrypt({ name: 'AES-GCM', iv }, key, ct);
  return dec.decode(pt);
}

// Usage
const token = await encrypt('super secret', 'myPassword');
console.log(await decrypt(token, 'myPassword')); // 'super secret'
Tags
crypto security encryption webcrypto

Save your own code snippets

Create a free account and build your private vault. Share publicly whenever you want.

Get Started Free Sign In