You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
136 lines
3.8 KiB
136 lines
3.8 KiB
2 years ago
|
/**
|
||
|
* 加密
|
||
|
* */
|
||
|
const crypto = require('crypto');
|
||
|
|
||
|
/**
|
||
|
* 配置文件
|
||
|
* */
|
||
|
const CFG = global.cfg ? global.cfg.encryption : require('../../config/default.config')
|
||
|
/**
|
||
|
* 加密算法
|
||
|
* */
|
||
|
|
||
|
// 不可逆加密
|
||
|
const MD5 = "md5" // 32位
|
||
|
, SHA256 = 'sha256' // 64位
|
||
|
, SHA512 = 'sha512' // 128位
|
||
|
// 可逆加密
|
||
|
const AES128 = 'aes-128-cbc'
|
||
|
, AES256 = 'aes-256-gcm'
|
||
|
|
||
|
// vi
|
||
|
// ase-128-cbc 加密算法要求key和iv长度都为16
|
||
|
// const key = Buffer.from('9vApxLk5G3PAsJrM', 'utf8');
|
||
|
// const iv = Buffer.from('FnJL7EDzjqWjcaY9', 'utf8');
|
||
|
|
||
|
// const key = crypto.randomBytes(32); // 256 位的共享密钥
|
||
|
// const iv = crypto.randomBytes(16); // 初始向量,16 字节
|
||
|
const key = Buffer.from(HASH(CFG.encryption.secretKey, MD5).slice(0, 16), 'utf8');
|
||
|
const iv = Buffer.from(HASH(CFG.encryption.salt, MD5).slice(0, 16), 'utf8');
|
||
|
|
||
|
/**
|
||
|
* 不可逆加密
|
||
|
* */
|
||
|
function HASH(plaintext, algorithm = SHA512) {
|
||
|
const sha512 = crypto.createHash(algorithm)
|
||
|
const sha512Sum = sha512.update(plaintext + CFG.encryption.salt)
|
||
|
const ciphertext = sha512Sum.digest('hex')
|
||
|
return ciphertext
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* 可逆加密
|
||
|
* */
|
||
|
// 加密
|
||
|
|
||
|
// 加密
|
||
|
function encrypt(plaintext, algorithm = AES128) {
|
||
|
const cipher = crypto.createCipheriv(algorithm, key, iv); // 初始化加密算法
|
||
|
let ciphertext = cipher.update(plaintext, 'utf8', 'hex');
|
||
|
ciphertext += cipher.final('hex');
|
||
|
// return {
|
||
|
// ciphertext,
|
||
|
// tag : cipher.getAuthTag()
|
||
|
// };
|
||
|
return ciphertext
|
||
|
}
|
||
|
|
||
|
// 解密
|
||
|
function decrypt(ciphertext, algorithm = AES128) {
|
||
|
let plaintext = '';
|
||
|
const cipher = crypto.createDecipheriv(algorithm, key, iv);
|
||
|
plaintext += cipher.update(ciphertext, 'hex', 'utf8');
|
||
|
plaintext += cipher.final('utf8');
|
||
|
return plaintext;
|
||
|
}
|
||
|
|
||
|
// const a = 'i love u!'
|
||
|
// const b = encrypt(a)
|
||
|
// const c = decrypt(b)
|
||
|
// console.log(a, b, c);
|
||
|
// aes128()
|
||
|
// aes256()
|
||
|
|
||
|
function aes256(){
|
||
|
'use strict';
|
||
|
|
||
|
const crypto = require('crypto');
|
||
|
|
||
|
// 初始化参数
|
||
|
const text = 'Encryption Testing AES GCM mode'; // 要加密和解密的数据
|
||
|
const key = crypto.randomBytes(32); // 256 位的共享密钥
|
||
|
const iv = crypto.randomBytes(16); // 初始向量,16 字节
|
||
|
const algorithm = 'aes-256-gcm'; // 加密算法和操作模式
|
||
|
|
||
|
// 加密
|
||
|
const cipher = crypto.createCipheriv(algorithm, key, iv); // 初始化加密算法
|
||
|
let encrypted = cipher.update(text, 'utf8', 'hex');
|
||
|
encrypted += cipher.final('hex');
|
||
|
const tag = cipher.getAuthTag(); // 生成标签,用于验证密文的来源
|
||
|
|
||
|
// 解密
|
||
|
const decipher = crypto.createDecipheriv(algorithm, key, iv); // 初始化解密算法
|
||
|
decipher.setAuthTag(tag); // 传入验证标签,验证密文的来源
|
||
|
let decrypted = decipher.update(encrypted, 'hex', 'utf8');
|
||
|
decrypted += decipher.final('utf8');
|
||
|
|
||
|
console.log(decrypted); // Encryption Testing AES GCM mode
|
||
|
|
||
|
}
|
||
|
function aes128(){
|
||
|
// 加密
|
||
|
function genSign(src, key, iv) {
|
||
|
let sign = '';
|
||
|
const cipher = crypto.createCipheriv('aes-128-cbc', key, iv);
|
||
|
sign += cipher.update(src, 'utf8', 'hex');
|
||
|
sign += cipher.final('hex');
|
||
|
return sign;
|
||
|
}
|
||
|
|
||
|
// 解密
|
||
|
function deSign(sign, key, iv) {
|
||
|
let src = '';
|
||
|
const cipher = crypto.createDecipheriv('aes-128-cbc', key, iv);
|
||
|
src += cipher.update(sign, 'hex', 'utf8');
|
||
|
src += cipher.final('utf8');
|
||
|
return src;
|
||
|
}
|
||
|
|
||
|
// ase-128-cbc 加密算法要求key和iv长度都为16
|
||
|
const key = Buffer.from('9vApxLk5G3PAsJrM', 'utf8');
|
||
|
const iv = Buffer.from('FnJL7EDzjqWjcaY9', 'utf8');
|
||
|
const sign = genSign('hello world', key, iv);
|
||
|
console.log(sign); // 764a669609b0c9b041faeec0d572fd7a
|
||
|
|
||
|
|
||
|
// 解密
|
||
|
const src=deSign('764a669609b0c9b041faeec0d572fd7a', key, iv);
|
||
|
console.log(src); // hello world
|
||
|
}
|
||
|
|
||
|
module.exports = {
|
||
|
HASH,
|
||
|
encrypt,
|
||
|
decrypt
|
||
|
}
|