如何在浏览器端解密在 nodejs 加密库上加密的数据?
How to decryption data in browser side which is encrypted on nodejs crypto lib?
var express = require('express');
var router = express.Router();
var crypto = require('crypto');
/* GET home page. */
router.get('/', function(req, res) {
res.render('index', { title: 'Express' });
});
router.get('/data', function(req, res) {
var cipher = crypto.createCipher('aes256', 'pass');
var data = 'myMessage';
cipher.update(data, 'utf8','hex');
var cip = cipher.final('hex');
console.log("Encrypted data = " + cip); // output : Encrypted data = ac56181551e250293a60b19377583462
res.send(cip);
});
module.exports = router;
以上是我的node js代码...
请指导我如何在浏览器中解密 return 数据。我讨厌尝试以下操作,但它给出了一些错误的输出。
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
...
http.get('/data').success(function(en){
console.log('data = ' + en);
var decrypted = CryptoJS.AES.decrypt(en, "pass");
data = decrypted; // output : {"words":[1554796213,1611862464,1270695700,366896005,1827398142,-336097742,936488021,959734499],"sigBytes":-26}
});
我认为节点的 CryptoJS 与节点的加密模块不直接兼容。
所以最简单的方法就是两边都用CryptoJS。
var express = require('express');
var router = express.Router();
var CryptoJS = require('node-cryptojs-aes').CryptoJS;
/* GET home page. */
router.get('/', function(req, res) {
res.render('index', { title: 'Express' });
});
router.get('/data', function(req, res) {
var data = 'myMessage';
var cip = CryptoJS.AES.encrypt(data, "pass").toString();
console.log("Encrypted data = " + cip); // output : Encrypted data = U2FsdGVkX1/sgjVtKYMdH9lzLm3X48+kpS2eRToWlfM=
res.send();
});
module.exports = router;
并且在浏览器中你必须对解密的对象进行编码
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
...
http.get('/data').success(function(en){
console.log('data = ' + en);
var decrypted = CryptoJS.AES.decrypt(en, "pass");
data = CryptoJS.enc.Utf8.stringify(decrypted);
console.log( data ); // output : myMessage
});
顺便说一句:
一年前我写了一些小助手来在节点和浏览器之间进行编码和解码。
服务器:https://github.com/mpneuried/gmail-s3-diary/blob/master/_src/lib/json-aes.coffee
浏览器:https://github.com/mpneuried/gmail-s3-diary/blob/master/_src_template/js/lib/jsonaes.coffee
CryptoJS 支持与节点中的加密模块相同的 KDF 功能,但是当使用基于密码的加密调用时会生成随机盐,而节点根本不使用盐。其他参数相同:hash为MD5,只使用1次迭代
(未测试)代码:
var keySize = 256/32,
ivSize = 128/32,
key = CryptoJS.algo.EvpKDF.create({ keySize: keySize + ivSize })
.compute(password /*, salt*/);
// Separate key and IV
var iv = CryptoJS.lib.WordArray.create(key.words.slice(keySize), ivSize * 4);
key.sigBytes = keySize * 4;
// decrypt
var ct = CryptoJS.enc.Hex.parse(ciphertext),
decrypted = CryptoJS.AES.decrypt(ct, key, { iv: iv }),
data = CryptoJS.enc.Utf8.stringify(decrypted);
JSON对象节点和html
的加密解密
节点JS
var CryptoJS = require('node-cryptojs-aes').CryptoJS;
var data = {
"glossary": {
"title": "example glossary",
}
}
var cip = CryptoJS.AES.encrypt(JSON.stringify(data), "pass").toString();
console.log("Encrypted data = " + cip);
在浏览器端-
HTML
CDN-“https://cdn.jsdelivr.net/npm/crypto-js@3.1.9-1/crypto-js.js”
var decrypted = CryptoJS.AES.decrypt('U2FsdGVkX1/ps2tRPpM+5elyGhaT7zpp3YL45esS57GmSLoCkhcRdJDBGPUy uvt0tf4CY6lW2+kugXocBQkc6A==', "pass");
data = CryptoJS.enc.Utf8.stringify(decrypted)
console.log("decrypted", JSON.parse(data))
var express = require('express');
var router = express.Router();
var crypto = require('crypto');
/* GET home page. */
router.get('/', function(req, res) {
res.render('index', { title: 'Express' });
});
router.get('/data', function(req, res) {
var cipher = crypto.createCipher('aes256', 'pass');
var data = 'myMessage';
cipher.update(data, 'utf8','hex');
var cip = cipher.final('hex');
console.log("Encrypted data = " + cip); // output : Encrypted data = ac56181551e250293a60b19377583462
res.send(cip);
});
module.exports = router;
以上是我的node js代码...
请指导我如何在浏览器中解密 return 数据。我讨厌尝试以下操作,但它给出了一些错误的输出。
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
...
http.get('/data').success(function(en){
console.log('data = ' + en);
var decrypted = CryptoJS.AES.decrypt(en, "pass");
data = decrypted; // output : {"words":[1554796213,1611862464,1270695700,366896005,1827398142,-336097742,936488021,959734499],"sigBytes":-26}
});
我认为节点的 CryptoJS 与节点的加密模块不直接兼容。 所以最简单的方法就是两边都用CryptoJS。
var express = require('express');
var router = express.Router();
var CryptoJS = require('node-cryptojs-aes').CryptoJS;
/* GET home page. */
router.get('/', function(req, res) {
res.render('index', { title: 'Express' });
});
router.get('/data', function(req, res) {
var data = 'myMessage';
var cip = CryptoJS.AES.encrypt(data, "pass").toString();
console.log("Encrypted data = " + cip); // output : Encrypted data = U2FsdGVkX1/sgjVtKYMdH9lzLm3X48+kpS2eRToWlfM=
res.send();
});
module.exports = router;
并且在浏览器中你必须对解密的对象进行编码
<script src="http://crypto-js.googlecode.com/svn/tags/3.1.2/build/rollups/aes.js"></script>
...
http.get('/data').success(function(en){
console.log('data = ' + en);
var decrypted = CryptoJS.AES.decrypt(en, "pass");
data = CryptoJS.enc.Utf8.stringify(decrypted);
console.log( data ); // output : myMessage
});
顺便说一句:
一年前我写了一些小助手来在节点和浏览器之间进行编码和解码。
服务器:https://github.com/mpneuried/gmail-s3-diary/blob/master/_src/lib/json-aes.coffee
浏览器:https://github.com/mpneuried/gmail-s3-diary/blob/master/_src_template/js/lib/jsonaes.coffee
CryptoJS 支持与节点中的加密模块相同的 KDF 功能,但是当使用基于密码的加密调用时会生成随机盐,而节点根本不使用盐。其他参数相同:hash为MD5,只使用1次迭代
(未测试)代码:
var keySize = 256/32,
ivSize = 128/32,
key = CryptoJS.algo.EvpKDF.create({ keySize: keySize + ivSize })
.compute(password /*, salt*/);
// Separate key and IV
var iv = CryptoJS.lib.WordArray.create(key.words.slice(keySize), ivSize * 4);
key.sigBytes = keySize * 4;
// decrypt
var ct = CryptoJS.enc.Hex.parse(ciphertext),
decrypted = CryptoJS.AES.decrypt(ct, key, { iv: iv }),
data = CryptoJS.enc.Utf8.stringify(decrypted);
JSON对象节点和html
的加密解密节点JS
var CryptoJS = require('node-cryptojs-aes').CryptoJS;
var data = {
"glossary": {
"title": "example glossary",
}
}
var cip = CryptoJS.AES.encrypt(JSON.stringify(data), "pass").toString();
console.log("Encrypted data = " + cip);
在浏览器端- HTML CDN-“https://cdn.jsdelivr.net/npm/crypto-js@3.1.9-1/crypto-js.js”
var decrypted = CryptoJS.AES.decrypt('U2FsdGVkX1/ps2tRPpM+5elyGhaT7zpp3YL45esS57GmSLoCkhcRdJDBGPUy uvt0tf4CY6lW2+kugXocBQkc6A==', "pass");
data = CryptoJS.enc.Utf8.stringify(decrypted)
console.log("decrypted", JSON.parse(data))