1. 首頁
  2. 問答
  3. Node.js Crypto類以更新的版本返回不同的結果

Node.js Crypto類以更新的版本返回不同的結果

2013-11-27 59 views
1

以下代碼爲單點登錄按鈕生成HTML輸出,並將其添加到頁面中。在節點版本0.5.x中,服務器在按鈕單擊時接受密鑰,但在升級到0.10.x後,密鑰不起作用併產生不同的輸出。沒有錯誤。加密類是否改變了?請注意,密鑰,網址和iv已被稍微更改以避免發佈安全信息,但長度正確。Node.js Crypto類以更新的版本返回不同的結果

var util = require('util'); 
var crypto = require('crypto'); 
var fs = require('fs'); 
var dateFormat = require('dateformat'); 


var AESCrypt = {}; 


AESCrypt.encrypt = function(cryptkey, iv, cleardata) { 

    var encipher = crypto.createCipheriv('aes-256-cbc', cryptkey, iv), 
     encryptdata = encipher.update(cleardata); 


    encryptdata += encipher.final('binary'); 

    encode_encryptdata = new Buffer(encryptdata, 'binary').toString('hex'); 
    return encode_encryptdata; 
} 


function getKey(email){ 
    var now = new Date(); 
    var key = new Buffer("F4553ECE8E0039675E8DA176D23BD82D455BB6272B574FDD6185296432CE1AD9",'hex'), 
    iv = new Buffer("D95897EA52A8A0C8DF231C8F2DBE59A7",'hex'), 
    key_bin = key.toString('binary'), 
    iv_bin = iv.toString('binary'), 
    text = new Buffer('mystring','ascii'), 
    text_bin = text.toString('binary'); 

    var enc = AESCrypt.encrypt(key_bin, iv_bin, text_bin); 

    var page = '<form method="POST" action="https://somedomain.com/AES.aspx"><input type="hidden" name="key" value="'+enc+'"/><input type="hidden" name="ouid" value="1"/><input type="submit" value="Log ine"/></form>'; 

    return page; 
} 

if(process.argv[2]) { 
    email = process.argv[2]; 
    console.log(getKey(email)); 
} 
else{ 
    console.log('Something may be wrong with your email address>') 
}

來源

2013-11-27 wdhilliard

+1

您是否嘗試過'Buffer.concat'代替+ =?我回答了另一個問題,「+ ='無法正常工作。 –

+0

你好,你已經試過了嗎? –

+0

對不起,是的,這工作 – wdhilliard

回答

3

看來 - 至少在以後的版本中的NodeJS - 這Buffer.concat()需要,而不是+=操作。

來源

2013-12-10 02:05:14

2

沃金代碼:

var crypto = require('crypto'); 
var ecr = function(str) 
{ 
    var cipher = crypto.createCipher('aes-256-cbc', 'passphase'); 
    var cryptedBuffers = [cipher.update(new Buffer(str))]; 
    cryptedBuffers.push(cipher.final()); 
    var crypted = Buffer.concat(cryptedBuffers); 
    return crypted; 
}; 
var dcr = function(str) 
{ 
    var dcipher = crypto.createDecipher('aes-256-cbc', 'passphase'); 

    var dcryptedBuffers = [dcipher.update(new Buffer(str))]; 
    dcryptedBuffers.push(dcipher.final()); 
    var dcrypted = Buffer.concat(dcryptedBuffers) 
     .toString('utf8'); 
    return dcrypted; 
}; 

console.log(dcr(ecr('hello test')));

來源

2013-12-13 01:33:45

相關問題

 相關問題