javascript 根据密码在javascript中生成RSA密钥对
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/11156275/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Generate RSA key pair in javascript, based on a password
提问by Sheldon Pinkman
As far as I understand, RSA keys are usually generated based on a (strong) random generator.
据我了解,RSA 密钥通常是基于(强)随机生成器生成的。
Instead, I want to create them based on a password.
相反,我想根据密码创建它们。
Or rather on its hash, for example sha512(sha512(password+salt)+password+pepper)
或者更确切地说,它的哈希值,例如 sha512(sha512(password+salt)+password+pepper)
This needs to be done client side, in JavaScript.
这需要在客户端用 JavaScript 完成。
Would anyone know how to do this? Is there an easy JavaScript library that creates RSA key pairs deterministically, based on a given input?
有谁知道如何做到这一点?是否有一个简单的 JavaScript 库可以根据给定的输入确定性地创建 RSA 密钥对?
(Actually, I'm mentioning RSA but any secure asymmetrical encryption would suffice, I just need public-private encryption)
(实际上,我指的是 RSA,但任何安全的非对称加密就足够了,我只需要公私加密)
Addition: I need this because I'm building some secure communication solution, that doesn't need to rely on the connection or even the server to be secure.
另外:我需要这个,因为我正在构建一些安全的通信解决方案,不需要依赖连接甚至服务器来保证安全。
I'm encrypting all content with AES using random keys, and the keys are RSA-encrypted. The idea is Alice can RSA-encrypt her content (or actually, the AES-key for her content) with Bob's public key (therefore Bob's public key must be stored online).
我使用随机密钥使用 AES 加密所有内容,并且密钥是 RSA 加密的。这个想法是 Alice 可以使用 Bob 的公钥(因此 Bob 的公钥必须在线存储)对她的内容(或者实际上是她内容的 AES 密钥)进行 RSA 加密。
Later, when Bob enters his password again, his browser can deterministically calculate his RSA private & public key on the spot, download the content from Alice, and decrypt it locally using his private key.
稍后,当 Bob 再次输入他的密码时,他的浏览器可以当场确定性地计算他的 RSA 私钥和公钥,从 Alice 那里下载内容,并使用他的私钥在本地解密。
回答by Eugene Mayevski 'Callback
回答by Eugene Mayevski 'Callback
I can not comment on my punctuationbut, but additional to what he said +Eugene_Mayevski_'EldoS
我不能评论我的标点符号,但除了他所说的+Eugene_Mayevski_'EldoS
for javascript pure: https://www.npmjs.com/package/cryptico
对于纯 javascript:https: //www.npmjs.com/package/cryptico
for nodejs: https://www.npmjs.com/package/crypticoyou need:
对于 nodejs:https://www.npmjs.com/package/cryptico你需要:
npm install cryptico
And add this line:
并添加这一行:
var cryptico = require("cryptico");
to create objects:
创建对象:
function cryptoObj(passPhrase)
{
this.bits = 1024; //2048;
this.passPhrase = passPhrase;
this.rsaKey = cryptico.generateRSAKey(this.passPhrase,this.bits);
this.rsaPublicKey = cryptico.publicKeyString(this.rsaKey);
this.encrypt = function(message){
var result = cryptico.encrypt(message,this.rsaPublicKey);
return result.cipher;
};
this.decrypt = function(message){
var result = cryptico.decrypt(message, this.rsaKey);
return result.plaintext;
};
}
console.log('---------------------------------------------------------');
var localEncryptor = new cryptoObj("XXyour secret txt or number hereXX");
var encryptedMessage = localEncryptor.encrypt('new message or json code here');
var decryptedMessage = localEncryptor.decrypt(encryptedMessage);
console.log('');
console.log('>>> Encrypted Message: '+encryptedMessage);
console.log('');
console.log('>>> Decrypted Message: '+decryptedMessage);
回答by Petey B
RSA keys are not just random bits like most symmetric algorithms, they are exponents and modulouses derived from large prime numbers. Therefore I do not see any reasonable way you could generate them from a password. See this wikipedia article.
RSA 密钥不仅仅是像大多数对称算法一样的随机位,它们是从大素数导出的指数和模数。因此,我看不出有任何合理的方式可以从密码中生成它们。请参阅此维基百科文章。
What are you using these key pairs for? Why must they be derived from a password? If you want to use a password to encrypt something, you could use a SHA256(password) to derive an AES256 key. (make sure to read up on key strengtheningif you are going to do this).
你用这些密钥对做什么?为什么它们必须来自密码?如果您想使用密码来加密某些东西,您可以使用 SHA256(password) 来派生 AES256 密钥。(如果你打算这样做,请务必阅读关键强化)。
