[英]How to decipher string in node js which is encrypted in crypto js in javascript
My client side code: 我的客户端代码:
data.username = CryptoJS.AES.encrypt(user.username, "password");
data.password = CryptoJS.AES.encrypt(user.password, "password");
Then I am sending 'data' to server which is express.js 然后我将“数据”发送到express.js服务器
var user = req.body;
var decipher = crypto.createDecipher('aes256', "password");
var decrypted = decipher.update(user.username, 'hex', 'utf-8');
decrypted += decipher.final('utf-8');
I am getting this error: 我收到此错误:
Error: DecipherInit error
at new Decipher (crypto.js:368:17)
at Object.Decipher (crypto.js:365:12)
CryptoJS' encrypt
function with a password uses the same EVP_BytesToKey
function node.js' createCipher
, with the important difference that CryptoJS uses a random salt to derive whereas node does not (emphasis mine): CryptoJS的带密码的
encrypt
函数使用相同的EVP_BytesToKey
函数node.js的createCipher
,重要的区别在于CryptoJS使用随机盐来导出而node不使用 (强调我):
Note: createCipher derives keys with the OpenSSL function EVP_BytesToKey with the digest algorithm set to MD5, one iteration, and no salt .
注意:createCipher使用OpenSSL函数EVP_BytesToKey导出密钥,并将摘要算法设置为MD5,一次迭代,并且没有salt 。
Either you directly use CryptoJS in node which is possible, because CryptoJS doesn't have any dependencies, or you do the key derivation yourself on both ends and use crypto.createCipheriv
. 您可以在可能的节点中直接使用CryptoJS,因为CryptoJS没有任何依赖关系,或者您自己在两端进行密钥派生并使用
crypto.createCipheriv
。 If you do the former, you would have to additionally pass the salts of the username and password encryptions to node. 如果使用前者,则必须另外将用户名和密码加密的内容传递给节点。
Note that data.username
is the CryptoJS cipherParams object which contains the salt and the IV, but when you convert this to string with data.username.toString()
, the salt is not included anymore, but the IV is. 请注意,
data.username
是包含salt和IV的CryptoJS cipherParams对象,但是当您将其转换为带有data.username.toString()
字符串时,不再包含salt了,但是IV了。 This is not the data
that you would put into the node.js functions. 这不是
data
,你会投入Node.js的功能。 Send data.username.ciphertext
instead. 而是发送
data.username.ciphertext
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.