I'm switching my node.js's application's hashing algorythms from the JS based CryptoJS implementation to the node's own crypto implementation.
我交换节点。js的应用程序从基于js的加密js实现哈希算法到节点自己的加密算法实现。
Here is my implementation:
这是我的实现:
var password = "password1";
var salt = generateSalt();
var iterations = 4000;
var keySize = 768/32;
var cryptoJSKey = CryptoJS.PBKDF2(password, salt, { "iterations": iterations , "keySize": keySize });
// base64 encoded key
cryptoJSKey = cryptoJSKey.toString(CryptoJS.enc.Base64);
require("crypto").pbkdf2( password, salt, iterations, keySize, function(err, derivedKey){
var nodeCryptoKey = new Buffer( derivedKey, "binary" ).toString( "base64" );
console.log( cryptoJSKey == nodeCryptoKey ); // always false!
});
One thing I noticed is that nodeCryptoKey ends up being 32 characters long and the cryptoJSKey is 192. If I increase the keySize for only node's crypto version to 144 (keySize * 6) the key ends up being 192 characters long as well - though it is still different.
我注意到,nodeCryptoKey最终有32个字符长,而cryptoJSKey是192个字符。如果我将只有node的crypto版本的密钥大小增加到144 (keySize * 6),那么密钥也会变成192个字符——尽管它仍然是不同的。
Am I doing something wrong or do the implementations just differ from one another?
我做错了什么,还是实现彼此不同?
1 个解决方案
#1
4
Looks like I figured it out.
看来我想出来了。
In the rolled up PBKDF2.js script in "CryptoJS v3.0.2.zip" (the currently download) CryptoJS.enc.Base64 is undefined; this was probably intended, but not something I noticed.
在卷起来的PBKDF2中。“CryptoJS v3.0.2”中的js脚本。zip(当前下载)加密。Base64定义;这可能是故意的,但我没有注意到。
I was comparing node's Base64 encoded output to CryptoJS's hex output.
我正在比较node的Base64编码输出和CryptoJS的十六进制输出。
Another caveat was that the keySizes aren't compatible between CryptoJS and node.js. Node needs keySize * 4 in order to output an identical key. I'm not familiar with what's going on under the hood in either case; but I'll just assume that's intended.
另一个警告是,密钥大小在CryptoJS和node.js之间不兼容。节点需要keySize * 4才能输出相同的密钥。我不熟悉在这两种情况下,引擎盖下发生的事情;但我假设这是故意的。
Node.js's PBKDF2's documentation is pretty scarce; it does, however, say its "key" parameter is named keylen, which is in bytes (or is it bits? I'm not sure).
节点。js的PBKDF2文档非常缺乏;但是,它会说它的“key”参数被命名为keylen(以字节为单位)(或者它是位吗?我不确定)。
#1
4
Looks like I figured it out.
看来我想出来了。
In the rolled up PBKDF2.js script in "CryptoJS v3.0.2.zip" (the currently download) CryptoJS.enc.Base64 is undefined; this was probably intended, but not something I noticed.
在卷起来的PBKDF2中。“CryptoJS v3.0.2”中的js脚本。zip(当前下载)加密。Base64定义;这可能是故意的,但我没有注意到。
I was comparing node's Base64 encoded output to CryptoJS's hex output.
我正在比较node的Base64编码输出和CryptoJS的十六进制输出。
Another caveat was that the keySizes aren't compatible between CryptoJS and node.js. Node needs keySize * 4 in order to output an identical key. I'm not familiar with what's going on under the hood in either case; but I'll just assume that's intended.
另一个警告是,密钥大小在CryptoJS和node.js之间不兼容。节点需要keySize * 4才能输出相同的密钥。我不熟悉在这两种情况下,引擎盖下发生的事情;但我假设这是故意的。
Node.js's PBKDF2's documentation is pretty scarce; it does, however, say its "key" parameter is named keylen, which is in bytes (or is it bits? I'm not sure).
节点。js的PBKDF2文档非常缺乏;但是,它会说它的“key”参数被命名为keylen(以字节为单位)(或者它是位吗?我不确定)。