Javascript 如果secret作为文本vs变量传递，nodejs crypto hmac将生成不同的哈希_Javascript_Node.js_Hash_Node Webkit_Hmac

Javascript 如果secret作为文本vs变量传递，nodejs crypto hmac将生成不同的哈希

javascript node.js hash

Javascript 如果secret作为文本vs变量传递，nodejs crypto hmac将生成不同的哈希,javascript,node.js,hash,node-webkit,hmac,Javascript,Node.js,Hash,Node Webkit,Hmac,我试图使用nodejs的crypto库中的createHmac函数问题：当给定（看起来）相同的参数时，它会产生不同的散列。唯一的区别在于“secret”参数是字符串变量还是字符串文本以下SPA解决了这个问题。我正在使用nwjs（NodeWebKit）SDK V0.14.2在OS X El Cap上运行此代码感谢您的帮助和建议 index.html <!DOCTYPE html> <html> <head> <title>Context M

我试图使用nodejs的crypto库中的createHmac函数

问题：当给定（看起来）相同的参数时，它会产生不同的散列。唯一的区别在于“secret”参数是字符串变量还是字符串文本

以下SPA解决了这个问题。我正在使用nwjs（NodeWebKit）SDK V0.14.2在OS X El Cap上运行此代码

感谢您的帮助和建议

index.html

<!DOCTYPE html>
<html>
<head>
  <title>Context Menu</title>
  <link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"
    rel="stylesheet" 
    integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7" 
    crossorigin="anonymous">
</head>
<body style="width: 100%; height: 100%;">

<div id="wrapper">
</div>

<script   src="https://code.jquery.com/jquery-2.2.3.min.js"   
    integrity="sha256-a23g1Nt4dtEYOj7bR+vTu7+T8VP13humZFBJNIYoEJo="   
    crossorigin="anonymous"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js" 
    integrity="sha384-0mSbJDEHialfmuBBQP6A4Qrprq5OVfW37PRR3j5ELqxss1yVqOtnepnHVP9aJ7xS" 
    crossorigin="anonymous"></script>
<script type="text/javascript" src="./index.js"></script>
</body>
</html>

隔离一个问题，并为艰难但公平的人群写一个解释，这是一种纪律，它似乎总能自行解决问题

因此，我为这一“问与答”道歉。有了一个解决办法我就放心了

进一步的试验产生了以下见解：

通过将参数强制为单独的对象

secret=新字符串（…）

在节点的加密库中导致故障：

TypeError：不是缓冲区

这是一条线索

将用户输入转换为缓冲区后，再将其作为机密传递给createHmac，这将导致两个调用之间的行为一致

更新的js

var nodeCrypto = require('crypto');

var payload = 'twas brillig and the slithy toves did gyre and gimble in the wabe';

//
// simple UI to get a user-entered secret
// and echo the results.
// enter 'wibble' in input element to demo the problem to match hard coded literal
//
$('#wrapper').append (
    $('<div>').addClass('form-group')
        .append (
            $('<label>').attr('for','userinput').text('Tell me a secret:'),
            $('<input>').addClass('form-control').attr('type','text').attr('id','userinput')
        ),
    $('<p>').attr('id', 'hash'),
    $('<p>').attr('id', 'nash')
);

$('input').on('change', function (ev) {

    // compute hash based on user input
    var hash = nodeCrypto.createHmac ('sha256', $(this).val())
        .update (payload)
        .digest ('hex');            
    console.log ('hash: ' + hash);
    $('p[id=hash]').text('secret: ' + $(this).val() + ', hash: ' + hash);
    // logs hash: f7b4ae1aaa35b813571f00bca7c81d08176b56cb3a1d1f8c8ba95a17ba6f6f29
    // as long as user enters 'wibble'

    // compute hash based on string literal
    var nash = nodeCrypto.createHmac ('sha256', 'wibble')
                .update (payload)
                .digest ('hex');            
    console.log ('nash: ' + nash);
    $('p[id=nash]').text('secret: wibble, hash: ' + nash);
    // logs hash: c9592948b3de038c9aa339f94b61928de803417183a6c95b1829a04c69fe6bf6

});

// compute hash based on user input
    var secretStr = $(this).val();
    var hash = nodeCrypto.createHmac ('sha256', secretStr)
        .update (payload)
        .digest ('hex');            
    console.log ('hash: ' + hash);
    $('p[id=hash]').text('secret: ' + $(this).val() + ', hash: ' + hash);
    // logs hash: f7b4ae1aaa35b813571f00bca7c81d08176b56cb3a1d1f8c8ba95a17ba6f6f29
    // as long as user enters 'wibble'

    // compute hash based on string literal
    var nash = nodeCrypto.createHmac ('sha256', 'wibble')
        .update (payload)
        .digest ('hex');            
    console.log ('nash: ' + nash);
    $('p[id=nash]').text('secret: wibble, nash: ' + nash);
    // logs nash: c9592948b3de038c9aa339f94b61928de803417183a6c95b1829a04c69fe6bf6

    // compute hash based on Buffer initialised from user input
    var secretBuf = Buffer.from($(this).val());
    var mash = nodeCrypto.createHmac ('sha256', secretBuf)
        .update (payload)
        .digest ('hex');            
    console.log ('nash: ' + nash);
    $('p[id=mash]').text('secret: wibble, mash: ' + nash);
    // logs mash: c9592948b3de038c9aa339f94b61928de803417183a6c95b1829a04c69fe6bf6

// compute hash based on user input
    var secretStr = $(this).val();
    var hash = nodeCrypto.createHmac ('sha256', secretStr)
        .update (payload)
        .digest ('hex');            
    console.log ('hash: ' + hash);
    $('p[id=hash]').text('secret: ' + $(this).val() + ', hash: ' + hash);
    // logs hash: f7b4ae1aaa35b813571f00bca7c81d08176b56cb3a1d1f8c8ba95a17ba6f6f29
    // as long as user enters 'wibble'

    // compute hash based on string literal
    var nash = nodeCrypto.createHmac ('sha256', 'wibble')
        .update (payload)
        .digest ('hex');            
    console.log ('nash: ' + nash);
    $('p[id=nash]').text('secret: wibble, nash: ' + nash);
    // logs nash: c9592948b3de038c9aa339f94b61928de803417183a6c95b1829a04c69fe6bf6

    // compute hash based on Buffer initialised from user input
    var secretBuf = Buffer.from($(this).val());
    var mash = nodeCrypto.createHmac ('sha256', secretBuf)
        .update (payload)
        .digest ('hex');            
    console.log ('nash: ' + nash);
    $('p[id=mash]').text('secret: wibble, mash: ' + nash);
    // logs mash: c9592948b3de038c9aa339f94b61928de803417183a6c95b1829a04c69fe6bf6