javascript 解密由 crypto.pbkdf2 对象创建的密码
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/24563847/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Decrypt Password Created by crypto.pbkdf2 Object
提问by yonatan
I have the following code in javascript, running on NodeJs:
我在 javascript 中有以下代码,在 NodeJs 上运行:
encryptPassword: function(password) {
if (!password || !this.salt) return '';
var salt = new Buffer(this.salt, 'base64');
return crypto.pbkdf2Sync(password, salt, 10000, 64).toString('base64');
}
How can I implement the decrypt function? It can be in java or in javascript.
如何实现解密功能?它可以在java或javascript中。
Thx!
谢谢!
回答by Gergo Erdosi
PBKDF2 is a one-way hashing algorithm. It's not possible to decrypt the generated hash. You can read more about this here.
PBKDF2 是一种单向哈希算法。无法解密生成的哈希。您可以在此处阅读更多相关信息。
A one way hash performs a bunch of mathematical operations that transform input into a (mostly) unique output, called a digest. Because these operations are one way, you cannot ‘decrypt' the output- you can't turn a digest into the original input.
单向哈希执行一系列数学运算,将输入转换为(主要是)唯一的输出,称为摘要。因为这些操作是一种方式,所以您不能“解密”输出——您不能将摘要转换为原始输入。
If you want to use PBKDF2 to store and compare passwords, you might be interested in the pbkdf2library. It makes generation and comparison of passwords easy:
如果您想使用 PBKDF2 来存储和比较密码,您可能对该pbkdf2库感兴趣。它使密码的生成和比较变得容易:
var pbkdf2 = require('pbkdf2');
var p = 'password';
var s = pbkdf2.generateSaltSync(32);
var pwd = pbkdf2.hashSync(p, s, 1, 20, 'sha256');
var bool = pbkdf2.compareSync(pwd, p, s, 1, 20, 'sha256');
