encryption algorithm crypto
It's hard for me to imagine that md5 encryption in php is only a method of three characters, but it is so long before it is encapsulated in node.js! !
Encryption method that cannot be decompiled
Without further ado, let's go directly to the code tasting.
onst crypto = require('crypto');
function l(param) {
console.log(param);
}
const md5 = crypto.createHash('md5');//创建一个md5 hash算法
md5.update('aa');//添加要转化的值
md5.update('cc');//与前面的要转化的值进行拼接
l(md5.digest('hex'));//打印16进制的密文,
const sha1 = crypto.createHash('sha1');//创建一个sh1 hash算法
sha1.update('bbbb');
l(sha1.digest('hex'));
const hmac = crypto.createHmac('md5', 'key');//创建一个带秘钥的sha1或者md5算法
hmac.update('aacc');
l(hmac.digest('hex'));The final output is
aa794f68b4f6ae5e590e9ed34e94d639
8aed1322e5450badb078e1fb60a817a1df25a2ca
b03d8471e2c5f212289c3e2dcb95bd47 It
really outputs a bunch of hexadecimal characters, but it seems very troublesome to simply generate a ciphertext.
Generally used for password storage and login registration and other services
Decompiled encryption algorithm
//AES 对称加密算法的一种。
//创建加密算法
function aesEncode(data, key) {
const cipher = crypto.createCipher('aes192', key);
var crypted = cipher.update(data, 'utf8', 'hex');
crypted += cipher.final('hex');
return crypted;
}
//创建解密算法
function aesDecode(encrypted, key) {
const decipher = crypto.createDecipher('aes192', key);
var decrypted = decipher.update(encrypted, 'hex', 'utf8');
decrypted += decipher.final('utf8');
return decrypted;
}
var data = '我是一个大傻瓜';
var key = 'keykey';
l(aesEncode(data, key));
l(data);
l(aesDecode(aesEncode(data, key), key));The final output is
3094e920cf4208e9cf1b209d4be9a2f018541c70db89b4e4fdcf3bda12d3abc7
I am a big fool
I am a big fool
This word feels like it can be used for general ciphertext communication.
DH Negotiation Key Algorithm
Under http, it is really called someone else to capture the packet, and all the information will be leaked. Even if you use cipher text to communicate, you need a key to decode it. This key cannot be transmitted by thought or needs to be transmitted through the network, so There is still the possibility of being hacked again, so a magical secret key algorithm was created. Two machines only need to pass a few values to each other to know the final secret key, and even if these passed values are captured. Now, it is impossible to decipher the final key because the key values are only stored on the terminal and are not transmitted.
Okay on the code
//DH算法协商秘钥
/**
* 主动方使用的协商方法
* @returns array():say是要传达给被动方的三个数据 one是自己要用的一个数据
*/
function dhOneSay() {
var one = crypto.createDiffieHellman(512);
var one_key = one.generateKeys();
var prime = one.getPrime();
var generator = one.getGenerator();
var say = {
prime: prime, generator: generator, one_key: one_key
};
return [say, one];
}
/**
* 被动方使用的协商方法已经可以得到秘钥
* @param {prime: prime, generator: generoter, one_key: one_key} props
* @returns array() two_key是要返回给主动方的秘数,theSecret是计算出来的秘钥
*/
function dhTwoGetSay(props) {
var two = crypto.createDiffieHellman(props.prime, props.generator);
var two_key = two.generateKeys();
var theSecret = (two.computeSecret(props.one_key)).toString('hex');
return [ two_key, theSecret ];
}
/**
* 主动方收到被动方给予的秘钥后
* @param str two_key 被动方返回的密数
* @param str one 主动方最初的随机数
* @returns str 计算出来的秘钥
*/
function dhOneGet(two_key,one){
return (one.computeSecret(two_key)).toString('hex');
}
//主动方自己产生数据
var oneSay=dhOneSay();
//被动方接受主动方传过来的数据进行计算,产生握手数据和最终的秘钥
var twoGetSay=dhTwoGetSay(oneSay[0]);
//主动方接收到被动方传来的数据进行计算得到最终秘钥
var oneSecret=dhOneGet(twoGetSay[0],oneSay[1]);
//被动方的秘钥早已产生了直接读取
var twoSecret=twoGetSay[1];
l(oneSay);
l(twoGetSay);
l(oneSecret);
l(twoSecret);The end result is
[ { prime: <Buffer ca 7c 9c 21 0d 90 68 4e 69 0b 49 c0 77 0c 4e aa de 92 91 a7 ac 50 17 a4 c2 26 1c 9f a2 32 e0 8c 76 88 de d6 f0 83 5c cd f7 eb 3a 8a 51 49 70 11 93 d3 ... >,
generator: <Buffer 02>,
one_key: <Buffer 20 75 74 5d 50 6b 32 59 19 68 87 36 a3 0e 6e a8 6b db 2f c5 48 5d 21 9c 35 3b 3d ce 15 fe b0 65 2d ea e0 b3 49 80 34 33 f5 f9 c4 5b 77 bd bb f9 fe 31 ... > },
DiffieHellman { _handle: { verifyError: 0 }, verifyError: 0 } ]
[ <Buffer 47 46 86 88 b9 49 5f 6e 52 2a 26 9b c7 ce 5b d3 17 23 fa fa 6c 6d d1 9a 73 aa 8a e7 1a 16 7b 78 d5 40 85 00 da 29 8b 52 0e d5 a4 cb 37 72 49 e5 c5 26 ... >,
'91de86d30fae396603a64ef3f38f24f82d7d505c5f546f6c6ef2d14d7e77c2511744d76f8b26ff15d2870090620cd7339987806cc0b8519f39eb7b1fa63a0e7b' ]
91de86d30fae396603a64ef3f38f24f82d7d505c5f546f6c6ef2d14d7e77c2511744d76f8b26ff15d2870090620cd7339987806cc0b8519f39eb7b1fa63a0e7b
91de86d30fae396603a64ef3f38f24f82d7d505c5f546f6c6ef2d14d7e77c2511744d76f8b26ff15d2870090620cd7339987806cc0b8519f39eb7b1fa63a0e7bIt can be found that the values of the last two secret keys are exactly the same (the secret keys generated by each run are different, as long as the secret keys are the same, it means that they correspond), so that in order to strengthen the security of data interaction each time Before the important data is transmitted, a process of negotiating the secret key can be carried out first (you can save it after negotiation, or you can negotiate it again each time), and then take the negotiated secret key with a fixed number of bits as the key for aes encryption and decryption, which will be much safer. .