Node.js 和加密库
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4497135/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Node.js and crypto library
提问by Mike
I'm having weird issues with Node's crypto library. I wrote this simple AES testing script:
我在使用 Node 的加密库时遇到了奇怪的问题。我写了这个简单的 AES 测试脚本:
var cipher = crypto.createCipher('aes-256-cbc','InmbuvP6Z8')
var text = "123|123123123123123";
cipher.update(text,'utf8','hex')
var crypted = cipher.final('hex')
var decipher = crypto.createDecipher('aes-256-cbc','InmbuvP6Z8')
decipher.update(crypted,'hex','utf8')
var dec = decipher.final('utf8')
When I do console.log(dec), it's null. For some reason if I set test to "123|123123", it works. So why does "123|123123" work but "123|123123123123123" doesn't?
当我执行 console.log(dec) 时,它为空。出于某种原因,如果我将 test 设置为“123|123123”,它会起作用。那么为什么“123|123123”有效而“123|123123123123123”无效?
回答by RandomEtc
You need to store the return from cipher.update as well as cipher.final to be sure you have everything.
您需要存储 cipher.update 和 cipher.final 的返回,以确保您拥有一切。
cipher.update "returns the enciphered contents, and can be called many times with new data as it is streamed":
cipher.update“返回加密的内容,并且可以在流式传输时使用新数据多次调用”:
http://nodejs.org/docs/v0.2.5/api.html#cipher-update-247
http://nodejs.org/docs/v0.2.5/api.html#cipher-update-247
cipher.final "returns any remaining enciphered contents".
cipher.final “返回任何剩余的加密内容”。
I think you just append the results with each call like this:
我认为您只需像这样在每次调用时附加结果:
var crypto = require('crypto');
var cipher = crypto.createCipher('aes-256-cbc','InmbuvP6Z8');
var text = "123|123123123123123";
var crypted = cipher.update(text,'utf8','hex');
crypted += cipher.final('hex');
var decipher = crypto.createDecipher('aes-256-cbc','InmbuvP6Z8');
var dec = decipher.update(crypted,'hex','utf8');
dec += decipher.final('utf8');
I get '12443a347e8e5b46caba9f7afc93d71287fbf11169e8556c6bb9c51760d5c585' for crypted and '123|123123123123123' for dec in the above with node v0.2.5
我得到 '12443a347e8e5b46caba9f7afc93d71287fbf11169e8556c6bb9c51760d5c585' 表示加密,'123|123123123123123' 表示上面的 nodedec 中的 v.22
回答by Trevor Burnham
RandomEtc is correct, but just in case anyone stumbling on this question is using 'base64'as their encoding: Don't.Stick to 'hex'. At least as of 0.4.2, there's a bug that can result in corrupted data when 'base64'is used. See: https://github.com/joyent/node/issues/738/
RandomEtc 是正确的,但以防万一有人在这个问题上磕磕绊绊地使用'base64'作为他们的编码:不要。坚持'hex'。至少从 0.4.2 开始,存在一个'base64'使用时可能导致数据损坏的错误。见:https: //github.com/joyent/node/issues/738/
回答by wdhilliard
Please note that the +=operator will not work in later versions of node.js. Please follow the advice given in Node.js Crypto class returning different results with updated versionand use Buffer.concat()
请注意,该+=运算符在 node.js 的更高版本中将不起作用。请遵循Node.js Crypto 类中给出的建议,使用更新版本返回不同的结果并使用Buffer.concat()
