1
以下代碼爲單點登錄按鈕生成HTML輸出,並將其添加到頁面中。在節點版本0.5.x中,服務器在按鈕單擊時接受密鑰,但在升級到0.10.x後,密鑰不起作用併產生不同的輸出。沒有錯誤。加密類是否改變了?請注意,密鑰,網址和iv已被稍微更改以避免發佈安全信息,但長度正確。Node.js Crypto類以更新的版本返回不同的結果
var util = require('util');
var crypto = require('crypto');
var fs = require('fs');
var dateFormat = require('dateformat');
var AESCrypt = {};
AESCrypt.encrypt = function(cryptkey, iv, cleardata) {
var encipher = crypto.createCipheriv('aes-256-cbc', cryptkey, iv),
encryptdata = encipher.update(cleardata);
encryptdata += encipher.final('binary');
encode_encryptdata = new Buffer(encryptdata, 'binary').toString('hex');
return encode_encryptdata;
}
function getKey(email){
var now = new Date();
var key = new Buffer("F4553ECE8E0039675E8DA176D23BD82D455BB6272B574FDD6185296432CE1AD9",'hex'),
iv = new Buffer("D95897EA52A8A0C8DF231C8F2DBE59A7",'hex'),
key_bin = key.toString('binary'),
iv_bin = iv.toString('binary'),
text = new Buffer('mystring','ascii'),
text_bin = text.toString('binary');
var enc = AESCrypt.encrypt(key_bin, iv_bin, text_bin);
var page = '<form method="POST" action="https://somedomain.com/AES.aspx"><input type="hidden" name="key" value="'+enc+'"/><input type="hidden" name="ouid" value="1"/><input type="submit" value="Log ine"/></form>';
return page;
}
if(process.argv[2]) {
email = process.argv[2];
console.log(getKey(email));
}
else{
console.log('Something may be wrong with your email address>')
}
您是否嘗試過'Buffer.concat'代替+ =?我回答了另一個問題,「+ ='無法正常工作。 –
你好,你已經試過了嗎? –
對不起,是的,這工作 – wdhilliard