Compare commits
No commits in common. "master" and "3.1.2" have entirely different histories.
44
Readme.md
44
Readme.md
|
@ -3,12 +3,6 @@
|
|||
|
||||
## 更新日志
|
||||
|
||||
+ v3.2.0
|
||||
- 调整`cipher,decipher,cipheriv,decipheriv`的传参和返回结果, `aes-gcm`等算法,`tag`会拼接在密文后面。
|
||||
- 增加`crypto`属性返回, 该属性为`原生crypto对象`
|
||||
- 原`origin`属性标识为`Deprecated`,v4.0之后会直接移除。
|
||||
- `cipher,cipheriv`, 默认的密钥和向量均为`Buffer.alloc(16)`
|
||||
|
||||
+ v3.1.2
|
||||
- 优化`uuid()`, 增加有序性
|
||||
|
||||
|
@ -40,7 +34,6 @@ npm install crypto.js
|
|||
// 1、 传统的 commonJS引入, 所有的方法都在上面
|
||||
var {
|
||||
origin, // 原生crypto对象
|
||||
crypto, // 原生crypto对象
|
||||
uuid,
|
||||
rand,
|
||||
md5,
|
||||
|
@ -57,8 +50,7 @@ var {
|
|||
// 2、 全新的 ESM 方式
|
||||
import crypto from 'crypto.js'
|
||||
import crypto, {
|
||||
origin, // 原生crypto对象
|
||||
crypto, // 原生crypto对象
|
||||
origin,
|
||||
uuid,
|
||||
rand,
|
||||
md5,
|
||||
|
@ -76,13 +68,7 @@ import crypto, {
|
|||
|
||||
|
||||
## 属性
|
||||
|
||||
### `origin` (Deprecated)
|
||||
> 即为原生的`crypto`对象,方便在封装的方法中无法满足需求时,可以自行调用原生的`crypto`实现。
|
||||
|
||||
### `crypto` (v3.2.0新增)
|
||||
> 即为原生的`crypto`对象,方便在封装的方法中无法满足需求时,可以自行调用原生的`crypto`实现。
|
||||
|
||||
> 其实就一个属性,即 `origin`,即为原生的`crypto`对象,方便在封装的方法中无法满足需求时,可以自行调用原生的`crypto`实现。
|
||||
|
||||
## 常用API方法
|
||||
> 对使用频率非常高的几种加密/编码进行更加简便的封装。
|
||||
|
@ -247,20 +233,18 @@ crypto.hmac('md5', '123456', 'sdfvkjfhd')
|
|||
> 在上面的2种算法中,加密都是不可逆的,也就是说,加密后的字符,我们是没办法再还原回去了,但是有很多场景,需要我们对拿到的加密字符,还原到明文状态。
|
||||
> 所以出现了公钥加密这种算法; 而`Node.js`本身给我们提供了4种与公钥加密相关的类:`Cipher/Decipher、Sign、Verify`,这里只讲前面2个,以及它们衍生出来的`Cipheriv/Decipheriv`;
|
||||
|
||||
>> Nodejs v10.0之后该方法为Deprecated, 推荐使用 cipheriv()
|
||||
|
||||
#### cipher(mode, data[, key, inEncode, outEncode])
|
||||
- mode `<String>`
|
||||
- data `<String>` | `<Buffer>`
|
||||
- key `<String>` 可选, 默认为 `<Buffer 0 0 0 ... 0>`, 即 `Buffer.alloc(16)` 的结果
|
||||
- key `<String>` 可选, 默认为 `<Buffer d7 2c 87 d0 f0 77 c7 76 6f 29 85 df ab 30 e8 95>`, 即 `crypto.scryptSync('', '', 16)` 的结果
|
||||
- inEncode '<String>' 可选
|
||||
- outEncode '<String>' 可选,默认返回Buffer对象
|
||||
- outEncode '<String>' 可选,默认base64
|
||||
|
||||
> `crypto.js v3.x`开始, `cipher()`内部改成调用 `cipheriv()`, 如果有特别原因, 仍然要调用的话, 请使用 `2.x版本`
|
||||
|
||||
> `mode`为算法类型,常见的有`aes-128-cbc、aes-128-gcm`等等地,很多,具体有哪些可以通过 `this.crypto.getCiphers()` 来查看。
|
||||
> 其他的参数与上面的HMAC算法相似; `inEncode`即声明要加密的数据是什么编码的,默认根据要加密的数据进行判断。
|
||||
|
||||
>> 需要注意的是, 算法类型为`aes-***-gcm`时, 返回的不是一个字符串, 而是一个对象{ enStr, authTag }, 解密时, 需要提供这个 authTag方可解密
|
||||
|
||||
```javascript
|
||||
// 这里给出一个AES-128-CBC的加密例子
|
||||
|
@ -271,12 +255,16 @@ crypto.cipher('aes-128-cbc', '123456', 'abcdefg')
|
|||
crypto.cipher('aes-128-cbc', '123456', 'abcdefg', 'utf8', 'hex')
|
||||
// 9aa03d64f87d555f9fc0a95fa6270656
|
||||
|
||||
|
||||
// 要注意gcm算法的结果
|
||||
crypto.cipher('aes-128-gcm', '123456', 'abcdefg')
|
||||
// { enStr: 'qmo1a4Jz',
|
||||
// authTag: <Buffer c4 a0 3e ab e5 34 a0 ea 25 02 f0 91 06 f7 3b dd>
|
||||
// }
|
||||
|
||||
// v3.x 之后, decipher()同理
|
||||
crypto.cipher('aes-128-cbc', '123456', {key})
|
||||
// 等价于
|
||||
crypto.cipheriv('aes-128-cbc', '123456', {key}, EMPTY_IV) // 其中 EMPTY_IV = Buffer.alloc(16)
|
||||
crypto.cipheriv('aes-128-cbc', '123456', {key}, EMPTY_IV) // 其中 EMPTY_IV = crypto.scryptSync('', '', 16)
|
||||
```
|
||||
|
||||
|
||||
|
@ -291,8 +279,6 @@ crypto.cipheriv('aes-128-cbc', '123456', {key}, EMPTY_IV) // 其中 EMPTY_IV = B
|
|||
|
||||
> 这是与上面的`cipher`对应的解密方法;
|
||||
|
||||
>> Nodejs v10.0之后该方法为Deprecated, 推荐使用 decipheriv()
|
||||
|
||||
```javascript
|
||||
// 这里不用指定编码,默认即为base64
|
||||
crypto.decipher('aes-128-cbc', 'mqA9ZPh9VV+fwKlfpicGVg==', 'abcdefg')
|
||||
|
@ -304,8 +290,14 @@ crypto.decipher('aes-128-cbc', '9aa03d64f87d555f9fc0a95fa6270656', 'abcdefg', 'h
|
|||
|
||||
|
||||
|
||||
// 要注意gcm算法的结果
|
||||
// authTag: <Buffer c4 a0 3e ab e5 34 a0 ea 25 02 f0 91 06 f7 3b dd>
|
||||
crypto.decipher('aes-128-gcm', 'qmo1a4Jz', 'abcdefg', authTag)
|
||||
// 123456
|
||||
|
||||
|
||||
```
|
||||
|
||||
|
||||
> 至于另外的`cipheriv/decipheriv`这2个方法,这里就不细讲了,和上面的这2个是同样的用法,只是要多1个参数`向量(iv)`
|
||||
>> **`特别要注意的一点是,选择128位的加密算法,那key的长度就必须是16位,256则是32位,依此类推`,具体的请看相关文档**
|
||||
>> **`特别要注意的一点是,选择128位的加密算法,那key的长度就必须是16位,256则是32位,依此类推; 算法类型为gcm时,返回的是对象,解密时需要提供authTag `,具体的请看相关文档**
|
4
build.js
4
build.js
|
@ -7,7 +7,7 @@
|
|||
const Es = require('esbuild')
|
||||
|
||||
Es.build({
|
||||
entryPoints: ['src/index.js'],
|
||||
entryPoints: ['src/index.mjs'],
|
||||
outfile: 'dist/index.mjs',
|
||||
platform: 'node',
|
||||
bundle: true,
|
||||
|
@ -15,7 +15,7 @@ Es.build({
|
|||
format: 'esm'
|
||||
})
|
||||
Es.build({
|
||||
entryPoints: ['src/index.js'],
|
||||
entryPoints: ['src/index.mjs'],
|
||||
outfile: 'dist/index.js',
|
||||
platform: 'node',
|
||||
bundle: true,
|
||||
|
|
|
@ -1,14 +1,14 @@
|
|||
{
|
||||
"name": "crypto.js",
|
||||
"version": "3.2.2",
|
||||
"version": "3.1.2",
|
||||
"description": "原生crypto加密模块的二次封装,简化常用加密函数的使用",
|
||||
"keywords": [
|
||||
"md5",
|
||||
"sha1",
|
||||
"sha256",
|
||||
"hmac",
|
||||
"aes",
|
||||
"base64",
|
||||
"fivejs",
|
||||
"crypto",
|
||||
"crypto-js",
|
||||
"crypto.js"
|
||||
|
@ -16,8 +16,10 @@
|
|||
"author": "yutent <yutent.io@gmail.com>",
|
||||
"repository": {
|
||||
"type": "git",
|
||||
"url": "https://git.wkit.fun/bytedo/crypto.js.git"
|
||||
"url": "https://github.com/bytedo/crypto.js.git"
|
||||
},
|
||||
"dependencies": {},
|
||||
"devDependencies": {},
|
||||
"main": "dist/index.js",
|
||||
"files": [
|
||||
"dist/*"
|
||||
|
|
|
@ -12,15 +12,15 @@ const AUTH_MODE = [
|
|||
'aes-256-ocb'
|
||||
]
|
||||
const VERSION = +process.versions.node.split('.').slice(0, 2).join('.')
|
||||
const KEY_16 = Buffer.alloc(16)
|
||||
|
||||
function format(buff, encode) {
|
||||
if (encode === void 0 || encode === 'buffer') {
|
||||
return buff
|
||||
}
|
||||
return buff.toString(encode)
|
||||
}
|
||||
|
||||
// <Buffer d7 2c 87 d0 f0 77 c7 76 6f 29 85 df ab 30 e8 95>
|
||||
const EMPTY_KEY = crypto.scryptSync
|
||||
? crypto.scryptSync('', '', 16)
|
||||
: Buffer.from(
|
||||
'0xd7 0x2c 0x87 0xd0 0xf0 0x77 0xc7 0x76 0x6f 0x29 0x85 0xdf 0xab 0x30 0xe8 0x95'.split(
|
||||
' '
|
||||
)
|
||||
)
|
||||
//
|
||||
if (!crypto.randomUUID) {
|
||||
crypto.randomUUID = function () {
|
||||
|
@ -49,13 +49,13 @@ if (!crypto.randomInt) {
|
|||
}
|
||||
}
|
||||
|
||||
export { crypto }
|
||||
export const origin = crypto
|
||||
|
||||
export const hash = function (mode, data, outEncode) {
|
||||
let sum = crypto.createHash(mode)
|
||||
let isBuffer = Buffer.isBuffer(data)
|
||||
|
||||
sum.update(data, isBuffer ? 'buffer' : 'utf8')
|
||||
sum.update(data, isBuffer ? 'binary' : 'utf8')
|
||||
return sum.digest(outEncode || 'hex')
|
||||
}
|
||||
|
||||
|
@ -64,111 +64,101 @@ export const hmac = function (mode, data, key, outEncode) {
|
|||
let sum = crypto.createHmac(mode, key)
|
||||
let isBuffer = Buffer.isBuffer(data)
|
||||
|
||||
sum.update(data, isBuffer ? 'buffer' : 'utf8')
|
||||
sum.update(data, isBuffer ? 'binary' : 'utf8')
|
||||
return sum.digest(outEncode || 'hex')
|
||||
}
|
||||
|
||||
export const cipher = function (
|
||||
mode,
|
||||
data,
|
||||
key = KEY_16,
|
||||
inEncode = 'utf8',
|
||||
key = EMPTY_KEY,
|
||||
inEncode,
|
||||
outEncode
|
||||
) {
|
||||
// 10.0.0之后, createCipher方法不推荐使用了
|
||||
if (VERSION >= 10.5) {
|
||||
return cipheriv(mode, data, key, KEY_16, inEncode, outEncode)
|
||||
return cipheriv(mode, data, key, EMPTY_KEY, inEncode, outEncode)
|
||||
}
|
||||
let isBuffer = Buffer.isBuffer(data)
|
||||
inEncode = isBuffer ? 'buffer' : inEncode
|
||||
|
||||
let _cipher = crypto.createCipher(mode, key)
|
||||
let buff = _cipher.update(data, inEncode)
|
||||
buff = Buffer.concat([buff, _cipher.final()])
|
||||
inEncode = isBuffer ? 'binary' : inEncode || 'utf8'
|
||||
outEncode = outEncode || 'base64'
|
||||
|
||||
let cipher = crypto.createCipher(mode, key)
|
||||
let enStr = cipher.update(data, inEncode, outEncode)
|
||||
enStr += cipher.final(outEncode)
|
||||
if (AUTH_MODE.indexOf(mode) > -1) {
|
||||
buff = Buffer.concat([buff, _cipher.getAuthTag()])
|
||||
let authTag = cipher.getAuthTag()
|
||||
return { enStr, authTag }
|
||||
}
|
||||
return format(buff, outEncode)
|
||||
return enStr
|
||||
}
|
||||
|
||||
export const decipher = function (
|
||||
mode,
|
||||
data,
|
||||
key = KEY_16,
|
||||
inEncode = 'base64',
|
||||
outEncode = 'utf8'
|
||||
key = EMPTY_KEY,
|
||||
tag,
|
||||
inEncode,
|
||||
outEncode
|
||||
) {
|
||||
// 10.0.0之后, createCipher方法不推荐使用了
|
||||
if (VERSION >= 10.5) {
|
||||
return decipheriv(mode, data, key, KEY_16, inEncode, outEncode)
|
||||
return decipheriv(mode, data, key, EMPTY_KEY, tag, inEncode, outEncode)
|
||||
}
|
||||
|
||||
let isBuffer = Buffer.isBuffer(data)
|
||||
if (!isBuffer) {
|
||||
data = Buffer.from(data, inEncode)
|
||||
}
|
||||
inEncode = 'buffer'
|
||||
|
||||
let _decipher = crypto.createDecipher(mode, key)
|
||||
inEncode = isBuffer ? 'binary' : inEncode || 'base64'
|
||||
outEncode = outEncode || 'utf8'
|
||||
|
||||
let cd = crypto.createDecipher(mode, key)
|
||||
if (AUTH_MODE.indexOf(mode) > -1) {
|
||||
let tag = data.slice(-16)
|
||||
data = data.slice(0, -16)
|
||||
_decipher.setAuthTag(tag)
|
||||
cd.setAuthTag(tag)
|
||||
}
|
||||
let buff = _decipher.update(data, inEncode)
|
||||
buff = Buffer.concat([buff, _decipher.final()])
|
||||
return format(buff, outEncode)
|
||||
let deStr = cd.update(data, inEncode, outEncode)
|
||||
deStr += cd.final(outEncode)
|
||||
return deStr
|
||||
}
|
||||
|
||||
export const cipheriv = function (
|
||||
mode,
|
||||
data,
|
||||
key = KEY_16,
|
||||
iv = KEY_16,
|
||||
inEncode = 'utf8',
|
||||
key = EMPTY_KEY,
|
||||
iv = EMPTY_KEY,
|
||||
inEncode,
|
||||
outEncode
|
||||
) {
|
||||
let isBuffer = Buffer.isBuffer(data)
|
||||
inEncode = isBuffer ? 'buffer' : inEncode
|
||||
|
||||
let _cipher = crypto.createCipheriv(mode, key, iv)
|
||||
let buff = _cipher.update(data, inEncode)
|
||||
|
||||
buff = Buffer.concat([buff, _cipher.final()])
|
||||
inEncode = isBuffer ? 'binary' : inEncode || 'utf8'
|
||||
outEncode = outEncode || 'base64'
|
||||
|
||||
let cciv = crypto.createCipheriv(mode, key, iv)
|
||||
let enStr = cciv.update(data, inEncode, outEncode)
|
||||
enStr += cciv.final(outEncode)
|
||||
if (AUTH_MODE.indexOf(mode) > -1) {
|
||||
buff = Buffer.concat([buff, _cipher.getAuthTag()])
|
||||
let authTag = cciv.getAuthTag()
|
||||
return { enStr, authTag }
|
||||
}
|
||||
return format(buff, outEncode)
|
||||
return enStr
|
||||
}
|
||||
|
||||
export const decipheriv = function (
|
||||
mode,
|
||||
data,
|
||||
key = KEY_16,
|
||||
iv = KEY_16,
|
||||
inEncode = 'base64',
|
||||
outEncode = 'utf8'
|
||||
key = EMPTY_KEY,
|
||||
iv = EMPTY_KEY,
|
||||
tag,
|
||||
inEncode,
|
||||
outEncode
|
||||
) {
|
||||
let isBuffer = Buffer.isBuffer(data)
|
||||
inEncode = isBuffer ? 'binary' : inEncode || 'base64'
|
||||
outEncode = outEncode || 'utf8'
|
||||
|
||||
if (!isBuffer) {
|
||||
data = Buffer.from(data, inEncode)
|
||||
}
|
||||
inEncode = 'buffer'
|
||||
|
||||
let _decipher = crypto.createDecipheriv(mode, key, iv)
|
||||
|
||||
let dcpiv = crypto.createDecipheriv(mode, key, iv)
|
||||
if (AUTH_MODE.indexOf(mode) > -1) {
|
||||
let tag = data.slice(-16)
|
||||
data = data.slice(0, -16)
|
||||
_decipher.setAuthTag(tag)
|
||||
dcpiv.setAuthTag(tag)
|
||||
}
|
||||
|
||||
let buff = _decipher.update(data, inEncode)
|
||||
buff = Buffer.concat([buff, _decipher.final()])
|
||||
|
||||
return format(buff, outEncode)
|
||||
let deStr = dcpiv.update(data, inEncode, outEncode)
|
||||
deStr += dcpiv.final(outEncode)
|
||||
return deStr
|
||||
}
|
|
@ -7,14 +7,14 @@
|
|||
import os from 'os'
|
||||
import fs from 'fs'
|
||||
import {
|
||||
crypto,
|
||||
origin,
|
||||
hash,
|
||||
hmac,
|
||||
cipher,
|
||||
decipher,
|
||||
cipheriv,
|
||||
decipheriv
|
||||
} from './helper.js'
|
||||
} from './helper.mjs'
|
||||
|
||||
const MAC = (function (ns) {
|
||||
for (let k in ns) {
|
||||
|
@ -27,15 +27,15 @@ const MAC = (function (ns) {
|
|||
return Math.random().toString(16).slice(-4)
|
||||
})(os.networkInterfaces())
|
||||
|
||||
let __inc__ = 4096
|
||||
var __inc__ = 4096
|
||||
|
||||
/**
|
||||
* [base64encode base64编码]
|
||||
* @param {Str/Num/Buffer} str [要编码的字符串]
|
||||
* @param {bool} urlFriendly [是否对URL友好, 默认否, 是则会把+转成-, /转成_]
|
||||
* @param {bool} urlFriendly [是否对URL友好,默认否,是则会把+转成-,/转成_]
|
||||
*/
|
||||
export function base64encode(str, urlFriendly) {
|
||||
let buf, str64
|
||||
var buf, str64
|
||||
|
||||
if (Buffer.isBuffer(str)) {
|
||||
buf = str
|
||||
|
@ -79,15 +79,15 @@ export function rand(len, forceNum) {
|
|||
let max = str.length
|
||||
let tmp = ''
|
||||
for (let i = 0; i < len; i++) {
|
||||
tmp += str[crypto.randomInt(max)]
|
||||
tmp += str[origin.randomInt(max)]
|
||||
}
|
||||
return tmp
|
||||
}
|
||||
|
||||
// 返回一个如下格式的 xxxxxxxx-xxxx-xxxx-xxxxxxxx 的唯一ID
|
||||
export function uuid(pipe = '-') {
|
||||
let str = crypto.randomUUID()
|
||||
let now = (~~(Date.now() / 1000)).toString(16)
|
||||
var str = origin.randomUUID()
|
||||
var now = (~~(Date.now() / 1000)).toString(16)
|
||||
|
||||
if (__inc__ > 65535) {
|
||||
__inc__ = 4096
|
||||
|
@ -121,12 +121,11 @@ export function md5(str, encode) {
|
|||
* @param {Str} file [文件路径]
|
||||
*/
|
||||
export function md5Sign(file) {
|
||||
try {
|
||||
let buf = fs.readFileSync(file)
|
||||
if (fs.accessSync(file, fs.constants.R_OK)) {
|
||||
var buf = fs.readFileSync(file)
|
||||
return hash('md5', buf)
|
||||
} catch (e) {
|
||||
return null
|
||||
}
|
||||
return null
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -150,12 +149,11 @@ export function sha1(str, encode) {
|
|||
* @param {Str} file [文件路径]
|
||||
*/
|
||||
export function sha1Sign(file) {
|
||||
try {
|
||||
let buf = fs.readFileSync(file)
|
||||
if (fs.accessSync(file, fs.constants.R_OK)) {
|
||||
var buf = fs.readFileSync(file)
|
||||
return hash('sha1', buf)
|
||||
} catch (e) {
|
||||
return null
|
||||
}
|
||||
return null
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -179,24 +177,14 @@ export function sha256(str, encoding) {
|
|||
* @param {Str} file [文件路径]
|
||||
*/
|
||||
export function sha256Sign(file) {
|
||||
try {
|
||||
let buf = fs.readFileSync(file)
|
||||
if (fs.accessSync(file, fs.constants.R_OK)) {
|
||||
var buf = fs.readFileSync(file)
|
||||
return hash('sha256', buf)
|
||||
} catch (e) {
|
||||
return null
|
||||
}
|
||||
return null
|
||||
}
|
||||
|
||||
export {
|
||||
crypto,
|
||||
crypto as origin,
|
||||
hash,
|
||||
hmac,
|
||||
cipher,
|
||||
decipher,
|
||||
cipheriv,
|
||||
decipheriv
|
||||
}
|
||||
export { origin, hash, hmac, cipher, decipher, cipheriv, decipheriv }
|
||||
|
||||
export default {
|
||||
base64encode,
|
||||
|
@ -209,8 +197,7 @@ export default {
|
|||
sha1Sign,
|
||||
sha256,
|
||||
sha256Sign,
|
||||
crypto,
|
||||
origin: crypto,
|
||||
origin,
|
||||
hash,
|
||||
hmac,
|
||||
cipher,
|
20
test/test.js
20
test/test.js
|
@ -1,20 +0,0 @@
|
|||
import { crypto, cipher, cipheriv, decipher, decipheriv } from '../src/index.js'
|
||||
|
||||
let algorithm = 'aes-128-cbc'
|
||||
let data = 'abcd'
|
||||
let key = Buffer.alloc(16)
|
||||
let key2 = Buffer.alloc(32)
|
||||
let iv = Buffer.alloc(16)
|
||||
|
||||
let encode = 'base64'
|
||||
|
||||
// console.log(crypto.getCiphers())
|
||||
|
||||
let output1 = cipher(algorithm, data, key, 'utf8', encode)
|
||||
let output2 = cipheriv(algorithm, data, key, iv)
|
||||
|
||||
console.log(output1)
|
||||
console.log(output2.toString(encode))
|
||||
|
||||
console.log(decipher(algorithm, output1, key))
|
||||
console.log(decipheriv(algorithm, output2, key, iv))
|
Loading…
Reference in New Issue