Encryption Helpers
Encryption helpers provide functions to encrypt and decrypt sensitive data using AES-GCM with PBKDF2 key derivation.
WARNING
Encryption secures data content but has performance trade-offs compared to signing. It requires more CPU resources and processing time. For edge runtimes like Cloudflare Workers, ensure you have sufficient CPU time budget (recommend >200ms per request) for encryption operations.
ts
import { decrypt, encrypt } from '@orpc/server/helpers'
const secret = 'your-encryption-key'
const sensitiveData = '[email protected]'
const encryptedData = await encrypt(sensitiveData, secret)
// 'Rq7wF8...' (base64url encoded, unreadable)
const decryptedData = await decrypt(encryptedData, secret)
// '[email protected]'INFO
The decrypt helper accepts undefined or null as encrypted value and returns undefined for invalid inputs, enabling seamless handling of optional data.