encryption and decryption
1. bcryptjs encryption - can only encrypt, compare passwords, and cannot decrypt
- download
npm i bcryptjs
- Function: string encryption, the encrypted string cannot be deciphered, only can be compared.
- Pros: Encrypted characters cannot be decrypted
- Disadvantage: Encrypted characters cannot be decrypted.
- Used as domain: Sensitive information encryption, such as login password
- npm address: npm - https://www.npmjs.com/package/bcryptjs
src/utils/bcrypt.js
import bcryptjs from 'bcryptjs'//不可逆加密 bcryptjs
/**
* 不可逆加密 ,一旦加密不可解密,只可比对
* @param {String} txt 加密、比对的文本
* @param {String} hash 加密的哈希
* @param {String} type default:jia, [jia 加密 ,bi 比对密码] 操作类型
* @returns {[String|Boolear]} 返回值
*/
const cyj = (txt, hash, type = 'jia') => {
let res = null
// 比对
if (type === 'bi') {
if (!txt || !hash) {
throw '解密参数错误或缺少参数'
}
res = bcryptjs.compareSync(txt, hash)
} else {
if (!txt) {
throw '加密请传入明文'
}
// 加密
res = bcryptjs.hashSync(txt)
}
return res
}
export default cyj
encrypt with cyj
import cyj from './src/utils/bcrypt.js '
const pwd = '728637263我是隐私信息'
//加密
const jia = cyj(pwd)
console.log(jia)//$2a$10$BsXXaevfIG8Og7mKSF5qFu0vSugvJbYWyr3apz9BElCV254.SoIYe
console.log(cyj(pwd, jia, 'bi'))//true
console.log(cyj(pwd, '我是老6', 'bi'))//false
2. CryptoJS encryption and decryption - single key encryption
- download
npm i crypto-js
- Function: Encrypt and decrypt characters.
- Advantages: A key can encrypt and decrypt, just like a lock key, a key can both unlock and unlock
- Cons: I don't know about this
- npm address: https://www.npmjs.com/package/crypto-js
CryptoJS .js
import CryptoJS from 'crypto-js'// aes加解密
/**
* AES加密
* @param {String} originText 原始文本
* @param {String} key 密钥
* @returns
*/
const encryptAES = (originText, key) => {
if (originText) {
const encrypt = CryptoJS.AES.encrypt(originText, key)
return encrypt.toString()
}
return null
}
/**
* AES解密
* @param {String} ciphertext 加密文本
* @param {String} key 密钥
* @returns
*/
const decryptAES = (ciphertext, key) => {
if (ciphertext) {
const decrypted = CryptoJS.AES.decrypt(ciphertext, key).toString(CryptoJS.enc.Utf8)
return decrypted
}
return null
}
/**
* 创建AES密钥
* @param {Number} num defalut:10 生成几位数的key
* @returns {String} 返回密钥
*/
const createAESKey = (num = 10) => {
const library = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*+-./~=()[]{};:'?><,`";
let key = ""
for (var i = 0; i < num; i++) {
let randomPoz = Math.floor(Math.random() * library.length);
key += library.substring(randomPoz, randomPoz + 1);
}
return key
}
export {
decryptAES,
encryptAES,
createAESKey
}
Using CryptoJS
import {
decryptAES,
encryptAES,
createAESKey
} from './CryptoJS.js'
//获取key
const 钥匙 = createAESKey()
const 账号 = '我是老6'
const 加密 = encryptAES(账号, 钥匙)
const 比对 = decryptAES(加密, 钥匙)
console.log(加密)
console.log(比对)
3. JSEncrypt | RSA encryption - 2 keys
Note : jsencrypt can only be used on the front end, not on the back end
- download
npm i jsencrypt
- Function: encryption and decryption, there are 2 keys, a public key and a private key, the public key is responsible for encryption, and the private key is responsible for decryption.
- Advantages: There are 2 keys in the backend, a public key and a private key. Send the public key to the front end, the front end is responsible for encrypting the data, and the back end is responsible for decrypting the data with the private key. In this way, only the person holding the private key knows what the plaintext is.
- Cons: I don't know
- npm address: https://www.npmjs.com/package/jsencrypt
jsencrypt.js
import JSEncrypt from 'jsencrypt' // 引入jsencrypt库 RSA 加、解密
/**
* RSA 加、解密
* @param {String,default:'getkey',value:'encrypt 加密|decrypt 解密 | getkey 获取公私钥'} type 加解密类型
* @param {String} txt 加解密字符
* @param {String} key 密钥
* @returns {String} 返回加解密字符
*/
const rsa = (type = 'getkey', txt, key) => {
const jsencrypt = new JSEncrypt()
let resData = null
// 加密
if (type === 'encrypt') {
jsencrypt.setPublicKey(key)
resData = jsencrypt.encrypt(txt)
// 获取公私key
} else if (type === 'getkey') {
const prikey = jsencrypt.getPrivateKey()
const pubkey = jsencrypt.getPublicKey()
resData = {
prikey,
pubkey
}
// 解密
} else {
jsencrypt.setPrivateKey(key)
resData = jsencrypt.decrypt(txt)
}
return resData
}
export default rsa
use rsa encryption
import rsa from '. jsencrypt.js'
// 公、私钥
const {
prikey, pubkey } = rsa()
const 密码 = '我是老6'
const 加密 = rsa('encrypt', 密码, pubkey)
const 解密 = rsa('decrypt', 加密, prikey)
console.log(加密)
console.log(解密)
4. node-rsa - back-end RSA decryption (can be used with front-end jsencrypt)
Notice
- node-rsa can only be used on the backend
- jsencrypt can only be used on the front end
- Install
cnpm i node-rsa
node-rsa package
- This package is only available in the backend node environment, not the frontend.
- This package can be used together with the front-end jsencrypt , for example, the encrypted data of the front-end jsencrypt can be decrypted with this package.
servers/rsa.js
import NodeRSA from "node-rsa"
/**
* 后端node获取公、私钥
* keySize {Number} 生成私钥、密钥大小,与jsencrypt保持一致,默认1024
* @returns {Object} { pubkey,prikey} pubkey 公钥 | prikey私钥
*/
const nodeGetKey = (keySize = 1024) => {
const nodeKey = new NodeRSA({
b: keySize })
const pubkey = nodeKey.exportKey('public')
const prikey = nodeKey.exportKey('private')
return {
pubkey,
prikey
}
}
/**
* 后端node加密
* @param {String} txt 加密的文本
* @param {String} pubkey 公钥
* @returns {String} 返回加密的文本
*/
const nodeEncrypt = (txt, pubkey) => {
const nodeKey = new NodeRSA(pubkey)
nodeKey.setOptions({
encryptionScheme: 'pkcs1' })// 因为jsencrypt自身使用的是pkcs1加密方案, nodejs需要修改成pkcs1。
const encrypted = nodeKey.encrypt(txt, 'base64')
return encrypted
}
/**
* 后端node解密
* @param {String} hash 加密的文本
* @param {String} prikey 私钥
* @returns
*/
const nodeDecrypt = (hash, prikey) => {
const nodeKey = new NodeRSA(prikey)
nodeKey.setOptions({
encryptionScheme: 'pkcs1' }) // 因为jsencrypt自身使用的是pkcs1加密方案, nodejs需要修改成pkcs1。
const decrypted = nodeKey.decrypt(hash, 'utf8')
return decrypted
}
export {
nodeDecrypt,
nodeGetKey,
nodeEncrypt
}