Skip to main content

Encrypt Text

Encrypts plain text using symmetric encryption algorithms (AES or 3DES), converting it into a secure cipher text format. The encrypted output is encoded as a hexadecimal string for safe storage and transmission.

Common Properties

  • Name - The custom name of the node.
  • Color - The custom color of the node.
  • Delay Before (sec) - Waits in seconds before executing the node.
  • Delay After (sec) - Waits in seconds after executing node.
  • Continue On Error - Automation will continue regardless of any error. The default value is false.
info

If the ContinueOnError property is true, no error is caught when the project is executed, even if a Catch node is used.

Inputs

  • Text - The plain text to encrypt. Can be any string value.
  • Key - The encryption key in hexadecimal format. Key length requirements:
    • AES: 16, 24, or 32 bytes (128, 192, or 256 bits)
    • 3DES: 24 bytes (192 bits)

Options

  • Encryption Algorithm - The encryption algorithm to use:
    • aes - Advanced Encryption Standard (recommended for most use cases)
    • 3Des - Triple Data Encryption Standard (legacy support)

Output

  • cipher_text - The encrypted text encoded as a hexadecimal string.

How It Works

The Encrypt Text node transforms plain text into encrypted cipher text using symmetric key encryption:

  1. Receives the plain text and hexadecimal encryption key
  2. Decodes the key from hexadecimal format
  3. Applies PKCS7 padding to the plain text to match block size requirements
  4. Encrypts the text using the selected algorithm:
    • AES: Uses ECB mode with block-by-block encryption
    • 3DES: Uses CBC mode with a random initialization vector (IV)
  5. Encodes the encrypted output as a hexadecimal string
  6. Returns the cipher text for storage or transmission

Example Usage

Basic AES Encryption

// Generate a 256-bit AES key (64 hex characters)
const key = "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6a7b8c9d0e1f2";

// Encrypt sensitive data
const plainText = "Secret password: MyP@ssw0rd123";
// Use Encrypt Text node with the text and key
// Output: cipher_text = "3a7c2f1e4d9b8a6c5e7f2d1a4b9c8e7f3a6d2c5e8f1b4a7c9e2d5f8a1b4c7e"

Encrypting User Credentials

// Encrypt username and password before storing
const credentials = JSON.stringify({
  username: "john.doe@example.com",
  password: "SecurePass123!"
});

// Use Encrypt Text node
// Store the cipher_text in database or file

Encrypting API Keys

// Protect API keys in configuration
const apiKey = "sk_live_51H7yXKJD8E9pQ2R1vW3bN5mC7xT8zK4aF6gP1sL9hJ2dV0nM3cY8rB5wQ7tE";

// Use Encrypt Text node
// Save encrypted key to vault or config file

Requirements

  • Valid hexadecimal encryption key of appropriate length
  • Key must be securely generated and stored (use Generate Key node)
  • Same key required for decryption

Error Handling

The node will return errors in the following cases:

  • Invalid key format - Key is not valid hexadecimal
  • Invalid key length - Key length doesn't match algorithm requirements
  • Empty text input - No text provided to encrypt
  • Encryption failure - Internal encryption error occurred

Security Best Practices

  • Use AES over 3DES - AES is more secure and efficient for modern applications
  • Use 256-bit keys - For AES, prefer 256-bit keys (64 hex characters) for maximum security
  • Store keys in Vault - Never hardcode encryption keys in your flows
  • Generate random keys - Use the Generate Key node to create secure random keys
  • Rotate keys regularly - Change encryption keys periodically for sensitive data
  • Secure key transmission - Use secure channels when transferring keys between systems
  • Keep plaintext and ciphertext separate - Don't log or store plaintext alongside encrypted data

Common Use Cases

  • Password Storage - Encrypt passwords before database storage
  • Sensitive Data Protection - Encrypt PII, credit card numbers, or confidential information
  • Secure Configuration - Encrypt API keys and tokens in configuration files
  • Data Transmission - Encrypt data before sending over networks
  • Compliance - Meet encryption requirements for GDPR, HIPAA, PCI-DSS
  • File Content Encryption - Encrypt text content before writing to files

Tips for Effective Use

  • Always decrypt using the same algorithm that was used for encryption
  • Store the cipher text in a safe location or database
  • Consider using the File Encrypt node for encrypting entire files
  • Combine with hashing for data integrity verification
  • Use HMAC Signature node to ensure encrypted data hasn't been tampered with
  • Test encryption/decryption with sample data before production use
  • Decrypt Text - Decrypt cipher text encrypted by this node
  • Generate Key - Generate secure random encryption keys
  • Encrypt File - Encrypt entire files instead of text
  • HMAC Signature - Create authentication codes for encrypted data