npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@webbuf/aesgcm

v3.8.0

Published

Rust/wasm optimized AES-GCM authenticated encryption for the web, node.js, deno, and bun.

Downloads

81

Readme

@webbuf/aesgcm

AES-GCM authenticated encryption, optimized with Rust/WASM.

AES-GCM is an AEAD cipher — it provides both confidentiality and integrity in a single operation (no separate MAC needed).

Installation

npm install @webbuf/aesgcm

Usage

import { aesgcmEncrypt, aesgcmDecrypt } from "@webbuf/aesgcm";
import { WebBuf } from "@webbuf/webbuf";
import { FixedBuf } from "@webbuf/fixedbuf";

const key = FixedBuf.fromRandom<32>(32); // AES-256
const plaintext = WebBuf.fromUtf8("Hello, AES-GCM!");

// Encrypt (nonce generated automatically)
const ciphertext = aesgcmEncrypt(plaintext, key);

// Decrypt (nonce extracted from ciphertext)
const decrypted = aesgcmDecrypt(ciphertext, key);
console.log(decrypted.toUtf8()); // "Hello, AES-GCM!"

Output Format

[12-byte nonce] + [ciphertext] + [16-byte auth tag]

The nonce is prepended automatically on encrypt and extracted automatically on decrypt.

API

| Function | Description | | -------------------------------------------------- | -------------------------- | | aesgcmEncrypt(plaintext, key, iv?, aad?): WebBuf | Encrypt and authenticate | | aesgcmDecrypt(ciphertext, key, aad?): WebBuf | Decrypt and verify the tag |

Parameters:

  • keyFixedBuf<16> (AES-128) or FixedBuf<32> (AES-256)
  • iv — optional FixedBuf<12> nonce (random if not provided)
  • aad — optional WebBuf of Additional Authenticated Data; defaults to empty (see below)

Authenticated context (AAD)

Both aesgcmEncrypt and aesgcmDecrypt accept an optional trailing aad parameter. AAD is authenticated by AES-GCM but not encrypted and not included in the output bytes — the recipient must supply the exact same AAD the sender used, or decryption fails with an authentication-tag error.

const aad = WebBuf.fromUtf8("protocol-v1:alice:bob");

// Sender binds context into the tag
const ciphertext = aesgcmEncrypt(plaintext, key, undefined, aad);

// Recipient must rebuild the same AAD bytes; mismatch throws.
const decrypted = aesgcmDecrypt(ciphertext, key, aad);

Use AAD to bind any context that should be inseparable from the message: protocol version, sender / recipient identity, message type, transcript state, sequence number — anything where mismatch should mean "this isn't the message I think it is."

Properties:

  • Backward-compatible. Calls with no aad argument behave identically to before (empty AAD is mathematically equivalent to no AAD in AES-GCM).
  • No wire-format change. Ciphertext length is unchanged; only the AES-GCM authentication tag changes when AAD is non-empty.
  • No key-schedule change. AAD enters the GHASH computation only, not the AES key.

This was added in issue 0006. The same aad? parameter is propagated through the post-quantum encryption packages @webbuf/aesgcm-mlkem and @webbuf/aesgcm-p256dh-mlkem.

License

MIT