Craig Bruce

End to End Browser Crypto

In my previous post on JavaScript crypto we looked at decrypting simple data in the browser using CryptoJS. In this post we will tackle a more complex end to end file encryption scenario, also taking a look at some nuances of the HTML5 File Api as we go.


First of all we need to get a file off the file system.

// create a key and initializationVector .. 
// this can be done by CryptoJS or your own server-side technology

const { key, iv } = await getKeyPerhapsFromServer();
const reader = new FileReader();
const file = document.getElementById('file-input').files[0]; // user selected file

reader.onload = (e) => {
  const encrypted = CryptoJS.AES.encrypt(
    //convert to a word array via CryptoJS. 'this' is the file reader, 'result' is the file.

    //our server generated key happens to be in Base64. 
    //We need to convert it to a word array
      iv: CryptoJS.enc.Base64.parse(iv)

  const blob = new Blob([encrypted], { type: file.type });


We need to call FileReader.readAsArrayBuffer as using any of the other string based variants will mess around with encoding when encrypting. I found this through much trial and error.

Then we just need to construct a new Blob with the encrypted result, assign it to our blob variable and upload it to the server.


When we download a file from the server we need to intercept it, decrypt the contents and then hand it off to the browser as though it is a normal file download.

const file = await getFileFromServer("url/to/file");
const { key, iv } = await getKeyPerhapsFromServer();

const decrypted = CryptoJS.AES.decrypt(
        iv: CryptoJS.enc.Base64.parse(iv)

//we need to jump through a hoop or two here
const blob = new Blob([new Uint8Array(toArrayBuffer(decrypted))], 
                        {type: file.mimeType});

const url = (window.webkitURL || window.URL).createObjectURL(blob);

// we'll bust out the yayQuery for brevity.
const a = $("<a>")
    .attr("id", id)
    .attr("download", filename)
    .attr("href", url)
    .attr("textContent", "Download ready")

(window.webkitURL || window.URL).revokeObjectURL(url);

There are a few things going on here:

  1. Download the encrypted content
  2. We need to decrypt using the same key and initialisation vector as when we encrypted
  3. We then create a new Blob where the contents are converted to a Uint8Array using CryptoJS functions
  4. The mime type is something we determined on upload and is stored on our server.
  5. We need to generate a Url via createObjectURL
  6. Then we are relying on an anchor tag with the download attribute from HTML5 to get a seamless download experience.
  7. Simulate a click and watch the decrypted file pop into your browser's download list.

That's it.