Node.JS 使用 MD5 / ECB 和填充进行加密 w/PKCS7
Node.JS encrypt using MD5 / ECB and padding w/PKCS7
我在 VB.NET
中继承了一个数据库,该数据库具有使用以下函数 encrypt/decrypt 的密码
Public Shared Function EncryptString(ByVal Message As String, ByVal Passphrase As String) As String
Dim Results As Byte()
Dim UTF8 As System.Text.UTF8Encoding = New System.Text.UTF8Encoding()
Dim HashProvider As MD5CryptoServiceProvider = New MD5CryptoServiceProvider()
Dim TDESKey As Byte() = HashProvider.ComputeHash(UTF8.GetBytes(Passphrase))
Dim TDESAlgorithm As TripleDESCryptoServiceProvider = New TripleDESCryptoServiceProvider()
TDESAlgorithm.Key = TDESKey
TDESAlgorithm.Mode = CipherMode.ECB
TDESAlgorithm.Padding = PaddingMode.PKCS7
Dim DataToEncrypt As Byte() = UTF8.GetBytes(Message)
Dim Encryptor As ICryptoTransform = TDESAlgorithm.CreateEncryptor()
Results = Encryptor.TransformFinalBlock(DataToEncrypt, 0, DataToEncrypt.Length)
Return Convert.ToBase64String(Results)
End Function
Public Shared Function DecryptString(ByVal Message As String, ByVal Passphrase As String) As String
Dim Results As Byte()
Dim UTF8 As System.Text.UTF8Encoding = New System.Text.UTF8Encoding()
Dim HashProvider As MD5CryptoServiceProvider = New MD5CryptoServiceProvider()
Dim TDESKey As Byte() = HashProvider.ComputeHash(UTF8.GetBytes(Passphrase))
Dim TDESAlgorithm As TripleDESCryptoServiceProvider = New TripleDESCryptoServiceProvider()
TDESAlgorithm.Key = TDESKey
TDESAlgorithm.Mode = CipherMode.ECB
TDESAlgorithm.Padding = PaddingMode.PKCS7
Dim DataToDecrypt As Byte() = Convert.FromBase64String(Message)
Dim Decryptor As ICryptoTransform = TDESAlgorithm.CreateDecryptor()
Results = Decryptor.TransformFinalBlock(DataToDecrypt, 0, DataToDecrypt.Length)
Return UTF8.GetString(Results)
End Function
我很难加密数据以查询 SQL 服务器。
使用带有以下参数的 EncryptString 时:
Message = stack-overflow
Passphrase = Danielle
我得到:
1c2wL+guV34oyVS0vkxwVA==
我需要用node.js
做这个加密和解密
我试过了,但没用:
var crypto = require('crypto');
encrypt(text, paraphrase) {
const key =text;
const secret =paraphrase;
// Encryption
const cipher = crypto.createCipheriv("aes-192-ecb", Buffer.from(key, "base64"), null);
const encryptedSecret = cipher.update(secret, "utf8", "base64") + cipher.final("base64");
return(encryptedSecret);
};
我也尝试通过 npm 安装 MD5,但我也没有运气。
任何有关加密和解密的帮助将不胜感激。谢谢大家
为了使 NodeJS 代码与 VB 代码兼容,必须使用 TripleDES 而不是 AES。密钥必须使用 MD5 派生。由于 MD5 提供了一个 16 字节的密钥,因此在双长度密钥变体(2TDEA)中应用了 TripleDES,它将两个 DES 密钥 K1 和 K2 组合成一个 TripleDES 密钥 K1|K2|K1。一种可能的实现是:
var key16 = crypto.createHash('md5').update(passphrase).digest();
var cipher = crypto.createCipheriv("des-ede-ecb", key16, null);
var ciphertext = cipher.update(data, "utf8", "base64") + cipher.final("base64");
如果不支持des-ede-ecb
,可以使用des-ede3-ecb
作为替代。这在三倍长度密钥变体 (3TDEA) 中实现了 TripleDES,它将三个 DES 密钥 K1、K2 和 K3 组合成一个 TripleDES 密钥 K1|K2|K3。对于 K3 = K1 这相当于 2TDEA:
var key16 = crypto.createHash('md5').update(passphrase).digest();
var key24 = Buffer.concat([key16, key16.slice(0, 8)]);
var cipher = crypto.createCipheriv("des-ede3-ecb", key24, null);
请注意,ECB 是不安全的(最好是像 GCM 这样带有 IV 的模式),通过加密散列函数的密钥派生(更好是可靠的密钥派生函数,如 PBKDF2)和损坏的 MD5 本身(更好的是 SHA256)也是如此. TripleDES 已弃用且速度较慢(更好的 AES)。
编辑:
解密是完全模拟的,例如对于 2TDEA:
var key16 = crypto.createHash('md5').update(passphrase).digest();
var decipher = crypto.createDecipheriv("des-ede-ecb", key16, null);
var decrypted = decipher.update(ciphertext, "base64", "utf8") + decipher.final("utf8");
我在 VB.NET
中继承了一个数据库,该数据库具有使用以下函数 encrypt/decrypt 的密码Public Shared Function EncryptString(ByVal Message As String, ByVal Passphrase As String) As String
Dim Results As Byte()
Dim UTF8 As System.Text.UTF8Encoding = New System.Text.UTF8Encoding()
Dim HashProvider As MD5CryptoServiceProvider = New MD5CryptoServiceProvider()
Dim TDESKey As Byte() = HashProvider.ComputeHash(UTF8.GetBytes(Passphrase))
Dim TDESAlgorithm As TripleDESCryptoServiceProvider = New TripleDESCryptoServiceProvider()
TDESAlgorithm.Key = TDESKey
TDESAlgorithm.Mode = CipherMode.ECB
TDESAlgorithm.Padding = PaddingMode.PKCS7
Dim DataToEncrypt As Byte() = UTF8.GetBytes(Message)
Dim Encryptor As ICryptoTransform = TDESAlgorithm.CreateEncryptor()
Results = Encryptor.TransformFinalBlock(DataToEncrypt, 0, DataToEncrypt.Length)
Return Convert.ToBase64String(Results)
End Function
Public Shared Function DecryptString(ByVal Message As String, ByVal Passphrase As String) As String
Dim Results As Byte()
Dim UTF8 As System.Text.UTF8Encoding = New System.Text.UTF8Encoding()
Dim HashProvider As MD5CryptoServiceProvider = New MD5CryptoServiceProvider()
Dim TDESKey As Byte() = HashProvider.ComputeHash(UTF8.GetBytes(Passphrase))
Dim TDESAlgorithm As TripleDESCryptoServiceProvider = New TripleDESCryptoServiceProvider()
TDESAlgorithm.Key = TDESKey
TDESAlgorithm.Mode = CipherMode.ECB
TDESAlgorithm.Padding = PaddingMode.PKCS7
Dim DataToDecrypt As Byte() = Convert.FromBase64String(Message)
Dim Decryptor As ICryptoTransform = TDESAlgorithm.CreateDecryptor()
Results = Decryptor.TransformFinalBlock(DataToDecrypt, 0, DataToDecrypt.Length)
Return UTF8.GetString(Results)
End Function
我很难加密数据以查询 SQL 服务器。
使用带有以下参数的 EncryptString 时:
Message = stack-overflow
Passphrase = Danielle
我得到:
1c2wL+guV34oyVS0vkxwVA==
我需要用node.js
做这个加密和解密我试过了,但没用:
var crypto = require('crypto');
encrypt(text, paraphrase) {
const key =text;
const secret =paraphrase;
// Encryption
const cipher = crypto.createCipheriv("aes-192-ecb", Buffer.from(key, "base64"), null);
const encryptedSecret = cipher.update(secret, "utf8", "base64") + cipher.final("base64");
return(encryptedSecret);
};
我也尝试通过 npm 安装 MD5,但我也没有运气。
任何有关加密和解密的帮助将不胜感激。谢谢大家
为了使 NodeJS 代码与 VB 代码兼容,必须使用 TripleDES 而不是 AES。密钥必须使用 MD5 派生。由于 MD5 提供了一个 16 字节的密钥,因此在双长度密钥变体(2TDEA)中应用了 TripleDES,它将两个 DES 密钥 K1 和 K2 组合成一个 TripleDES 密钥 K1|K2|K1。一种可能的实现是:
var key16 = crypto.createHash('md5').update(passphrase).digest();
var cipher = crypto.createCipheriv("des-ede-ecb", key16, null);
var ciphertext = cipher.update(data, "utf8", "base64") + cipher.final("base64");
如果不支持des-ede-ecb
,可以使用des-ede3-ecb
作为替代。这在三倍长度密钥变体 (3TDEA) 中实现了 TripleDES,它将三个 DES 密钥 K1、K2 和 K3 组合成一个 TripleDES 密钥 K1|K2|K3。对于 K3 = K1 这相当于 2TDEA:
var key16 = crypto.createHash('md5').update(passphrase).digest();
var key24 = Buffer.concat([key16, key16.slice(0, 8)]);
var cipher = crypto.createCipheriv("des-ede3-ecb", key24, null);
请注意,ECB 是不安全的(最好是像 GCM 这样带有 IV 的模式),通过加密散列函数的密钥派生(更好是可靠的密钥派生函数,如 PBKDF2)和损坏的 MD5 本身(更好的是 SHA256)也是如此. TripleDES 已弃用且速度较慢(更好的 AES)。
编辑:
解密是完全模拟的,例如对于 2TDEA:var key16 = crypto.createHash('md5').update(passphrase).digest();
var decipher = crypto.createDecipheriv("des-ede-ecb", key16, null);
var decrypted = decipher.update(ciphertext, "base64", "utf8") + decipher.final("utf8");