Open Atom Training Camp (Season 1) Brass Lock Detective: Based on the copper lock, the login password is encrypted at the front end to achieve privacy and data confidentiality

This article will tongsuoimplement the front-end encryption of user login passwords based on the copper lock ( ) open source basic password library, so as to achieve the confidentiality of front-end private data.

First of all, the Tongsuo cryptographic library is an open-source basic cryptographic library that provides modern cryptographic algorithms and secure communication protocols. It provides powerful capabilities in Chinese commercial cryptographic algorithms, such as SM2, SM3, SM4, and Zu Chongzhi. In addition, it also provides functions for cryptography such as international mainstream algorithms and same-stage encryption algorithms. For more detailed functions, please refer to the official documentation .

Next, I dockerwill implementUbuntu 20.04 the encryption of user login passwords in the environment, based on the container image, combined with .nodejs

install docker

First, please download and install docker. Click the link to go to the download address.

I am using a macOS system, so I choose the macOS version of docker here. Please select the corresponding version according to your own system.

After successfully installing docker, open your command line tool and execute the following command to create a docker container:

docker run -d -it --name tongsuolab ubuntu:20.04 bash

In the above code, an ubuntu20.04 container named tongsuolab is created, as shown in the figure below:

At this point, open the docker application, and you can also find it in the docker Containerspage :

Then, continue to execute the following command on the command line , into the docker container:

docker exec -it tongsuolab bash

At this point, you have successfully installed docker and successfully created a container.

Download Brass Lock Password Library

We will download the coworker cryptography library in the container. Because ubuntu has its own apt command, you can use the apt command to install the git command to download the copper lock password library, and compile it through the make command.

Now, let's update the package index first, execute the following command:

apt update

Then install git gcc, make, nodejs 开发工具:

apt install git gcc make -y

Now, we have the git tool installed. Therefore, you can use the git command to clone the code of the copper lock password library, and execute the following command:

git clone https://github.com/Tongsuo-Project/Tongsuo

Next, perform some configurations on the copper lock password library, enter Tongsuothe folder , and execute the following commands:

cd Tongsuo
./config --prefix=/opt/tongsuo enable-ntls enable-ssl-trace -Wl,-rpath,/opt/tongsuo/lib64
--debug

Finally, execute the following commands to compile and install:

make -j
make install

At this point, you have successfully installed the copper lock password library. You can also check the installation status with the following command:

ls -l /opt/tongsuo

And check the version of the copper lock password library through /opt/tongsuo/bin/tongsuo versionthe command :

Write front-end code

Install the development environment

In the front end, we will implement the encryption of user login passwords through nodejs. In this article, we will use both SM3 and SM4 for demonstration.

Since NodeJS is not installed in the ubuntu20.04 version, we also need to install it through the apt command, execute the following command:

apt install nodejs
node -v
v10.19.0
apt install npm
npm -v

However, the highest version of nodejs in ubuntu20.04 is limited 10.19.0, not the latest version. Therefore, we also need to update the version of nodejs.

Update the version of nodejs with the following command:

apt install curl

npm install n -g

n stable

When you execute n stablethe command , you will be promptedthe node command changed location and the old location may be remembered in your current shell.

It means that although the new version of nodejs is installed, the system still remembers the old version of nodejs.

At this time, you only need to execute the following command to switch to the new version of nodejs:

hash -r

At this point, you have successfully installed the environment required by the front end. However, we also need to edit the file, so we also need to install vimthe tool , execute the following command:

apt install vim

Write code

Now, let's start writing the code. To execute shell statements in the front end, it is generally more convenient to execute through a third-party dependency package, which is recommended here shelljs.

Now, create a folder webappcalled :

mkdir webapp

Next, go to webappthe folder , vimcreate and edit index.jsthe file :

vim index.js

At this time, index.js will be opened in the command line, and then we enter the following content:

In the above code, we can see that we use shelljs to perform sm3 and sm4 encryption of the copper lock password library. But now you can't run index.js, or you will report an error if you run it. Because we haven't installed the shelljsdependency .

Therefore, execute the following command to install under the webapp folder shelljs:

// 初始化 package.json 文件
npm init -y
// 安装 shelljs
npm install shelljs

After the installation is successful, we execute the following command in the webapp folder index.js:

node index.js

At this point, you will find the following results entered in the command line, indicating that we have successfully encrypted the user's login password with the help of the copper lock password library.