Node.js Crypto类返回更新版本的不同结果
下面的代码为添加到页面的单个登录按钮生成HTML输出。在节点版本0.5.x中,服务器在单击按钮时接受密钥,但升级到0.10.x后,密钥不起作用,并生成不同的输出。没有错误。加密类是否已更改?请注意,密钥、url和iv已稍微更改,以避免发布安全信息,但长度正确Node.js Crypto类返回更新版本的不同结果,node.js,cryptography,aes,Node.js,Cryptography,Aes,下面的代码为添加到页面的单个登录按钮生成HTML输出。在节点版本0.5.x中,服务器在单击按钮时接受密钥,但升级到0.10.x后,密钥不起作用,并生成不同的输出。没有错误。加密类是否已更改?请注意,密钥、url和iv已稍微更改,以避免发布安全信息,但长度正确 var util = require('util'); var crypto = require('crypto'); var fs = require('fs'); var dateFormat = require('dateformat
var util = require('util');
var crypto = require('crypto');
var fs = require('fs');
var dateFormat = require('dateformat');
var AESCrypt = {};
AESCrypt.encrypt = function(cryptkey, iv, cleardata) {
var encipher = crypto.createCipheriv('aes-256-cbc', cryptkey, iv),
encryptdata = encipher.update(cleardata);
encryptdata += encipher.final('binary');
encode_encryptdata = new Buffer(encryptdata, 'binary').toString('hex');
return encode_encryptdata;
}
function getKey(email){
var now = new Date();
var key = new Buffer("F4553ECE8E0039675E8DA176D23BD82D455BB6272B574FDD6185296432CE1AD9",'hex'),
iv = new Buffer("D95897EA52A8A0C8DF231C8F2DBE59A7",'hex'),
key_bin = key.toString('binary'),
iv_bin = iv.toString('binary'),
text = new Buffer('mystring','ascii'),
text_bin = text.toString('binary');
var enc = AESCrypt.encrypt(key_bin, iv_bin, text_bin);
var page = '<form method="POST" action="https://somedomain.com/AES.aspx"><input type="hidden" name="key" value="'+enc+'"/><input type="hidden" name="ouid" value="1"/><input type="submit" value="Log ine"/></form>';
return page;
}
if(process.argv[2]) {
email = process.argv[2];
console.log(getKey(email));
}
else{
console.log('Something may be wrong with your email address>')
}
var util=require('util');
var crypto=require('crypto');
var fs=需要('fs');
var dateFormat=require('dateFormat');
var AESCrypt={};
AESCrypt.encrypt=函数(cryptkey,iv,cleardata){
var encypher=crypto.createCipheriv('aes-256-cbc',cryptkey,iv),
encryptdata=加密更新(cleardata);
encryptdata+=encypher.final('binary');
encode_encryptdata=新缓冲区(encryptdata,'binary')。toString('hex');
返回编码数据;
}
功能getKey(电子邮件){
var now=新日期();
变量键=新缓冲区(“F4553ECE8E0039675E8DA176D23BD82D455BB6272B574FDD6185296432CE1AD9”,十六进制),
iv=新的缓冲区(“D95897EA52A8A0C8DF231C8F2DBE59A7”,“十六进制”),
key_bin=key.toString('binary'),
iv_bin=iv.toString(“二进制”),
text=新缓冲区('mystring','ascii'),
text_bin=text.toString('binary');
var enc=AESCrypt.encrypt(key\u bin、iv\u bin、text\u bin);
变量页=“”;
返回页面;
}
if(process.argv[2]){
email=process.argv[2];
console.log(getKey(email));
}
否则{
console.log('您的电子邮件地址可能有问题>')
}
至少对于NodeJS的更高版本,似乎需要使用缓冲区.concat()
而不是+=
运算符。工作代码:
var crypto = require('crypto');
var ecr = function(str)
{
var cipher = crypto.createCipher('aes-256-cbc', 'passphase');
var cryptedBuffers = [cipher.update(new Buffer(str))];
cryptedBuffers.push(cipher.final());
var crypted = Buffer.concat(cryptedBuffers);
return crypted;
};
var dcr = function(str)
{
var dcipher = crypto.createDecipher('aes-256-cbc', 'passphase');
var dcryptedBuffers = [dcipher.update(new Buffer(str))];
dcryptedBuffers.push(dcipher.final());
var dcrypted = Buffer.concat(dcryptedBuffers)
.toString('utf8');
return dcrypted;
};
console.log(dcr(ecr('hello test')));
您是否尝试过使用
Buffer.concat
而不是+=?我回答了另一个问题,+=
无法正常工作。您好,您已经尝试过了吗?对不起,是的,这很有效