我想创建一个散列I love cupcakes(用密钥签名abcdeg)
如何使用 Node.js Crypto 创建该哈希?
问问题
137068 次
4 回答
399
加密文档:http ://nodejs.org/api/crypto.html
const crypto = require('crypto')
const text = 'I love cupcakes'
const key = 'abcdeg'
crypto.createHmac('sha1', key)
.update(text)
.digest('hex')
于 2011-09-20T04:38:21.757 回答
101
几年前,有人说这是遗留方法,并引入了新的流式 API 方法update()。digest()现在文档说可以使用任何一种方法。例如:
var crypto = require('crypto');
var text = 'I love cupcakes';
var secret = 'abcdeg'; //make this your secret!!
var algorithm = 'sha1'; //consider using sha256
var hash, hmac;
// Method 1 - Writing to a stream
hmac = crypto.createHmac(algorithm, secret);
hmac.write(text); // write in to the stream
hmac.end(); // can't read from the stream until you call end()
hash = hmac.read().toString('hex'); // read out hmac digest
console.log("Method 1: ", hash);
// Method 2 - Using update and digest:
hmac = crypto.createHmac(algorithm, secret);
hmac.update(text);
hash = hmac.digest('hex');
console.log("Method 2: ", hash);
在节点 v6.2.2 和 v7.7.2 上测试
请参阅https://nodejs.org/api/crypto.html#crypto_class_hmac。提供更多使用流式方法的示例。
于 2013-09-15T14:59:44.697 回答
22
Gwerder 的解决方案不会起作用,因为hash = hmac.read();发生在流完成完成之前。因此AngraX的问题。在此示例中,该hmac.write语句也是不必要的。
而是这样做:
var crypto = require('crypto');
var hmac;
var algorithm = 'sha1';
var key = 'abcdeg';
var text = 'I love cupcakes';
var hash;
hmac = crypto.createHmac(algorithm, key);
// readout format:
hmac.setEncoding('hex');
//or also commonly: hmac.setEncoding('base64');
// callback is attached as listener to stream's finish event:
hmac.end(text, function () {
hash = hmac.read();
//...do something with the hash...
});
更正式地说,如果你愿意,这条线
hmac.end(text, function () {
可以写
hmac.end(text, 'utf8', function () {
因为在这个例子中 text 是一个 utf 字符串
于 2014-10-09T15:04:39.033 回答
0
尽管有所有用于签名和验证哈希算法的示例代码,但我仍然进行了一些实验和调整以使其工作。这是我的工作示例,我相信它涵盖了所有边缘情况。
它是 URL 安全的(即不需要编码),它需要一个过期时间,并且不会意外抛出异常。Day.js存在依赖关系,但您可以将其替换为另一个日期库或滚动您自己的日期比较。
用 TypeScript 编写:
// signature.ts
import * as crypto from 'crypto';
import * as dayjs from 'dayjs';
const key = 'some-random-key-1234567890';
const replaceAll = (
str: string,
searchValue: string,
replaceValue: string,
) => str.split(searchValue).join(replaceValue);
const swap = (str: string, input: string, output: string) => {
for (let i = 0; i < input.length; i++)
str = replaceAll(str, input[i], output[i]);
return str;
};
const createBase64Hmac = (message: string, expiresAt: Date) =>
swap(
crypto
.createHmac('sha1', key)
.update(`${expiresAt.getTime()}${message}`)
.digest('hex'),
'+=/', // Used to avoid characters that aren't safe in URLs
'-_,',
);
export const sign = (message: string, expiresAt: Date) =>
`${expiresAt.getTime()}-${createBase64Hmac(message, expiresAt)}`;
export const verify = (message: string, hash: string) => {
const matches = hash.match(/(.+?)-(.+)/);
if (!matches) return false;
const expires = matches[1];
const hmac = matches[2];
if (!/^\d+$/.test(expires)) return false;
const expiresAt = dayjs(parseInt(expires, 10));
if (expiresAt.isBefore(dayjs())) return false;
const expectedHmac = createBase64Hmac(message, expiresAt.toDate());
// Byte lengths must equal, otherwise crypto.timingSafeEqual will throw an exception
if (hmac.length !== expectedHmac.length) return false;
return crypto.timingSafeEqual(
Buffer.from(hmac),
Buffer.from(expectedHmac),
);
};
你可以像这样使用它:
import { sign, verify } from './signature';
const message = 'foo-bar';
const expiresAt = dayjs().add(1, 'day').toDate();
const hash = sign(message, expiresAt);
const result = verify(message, hash);
expect(result).toBe(true);
于 2022-01-04T01:32:34.727 回答