I have to generate two keys (private and public) to encrypt a text with the public and let the user with the private key decrypt the text.
我必须生成两个密钥(私钥和公钥)来与公钥加密文本,并让使用私钥的用户解密文本。
Is it possible with the module Crypto?
使用模块加密是否可能?
6 个解决方案
#1
14
The following code works, but I'm not a professional cryptographer, so some comments here would be useful.
下面的代码是有效的,但是我不是专业的加密者,所以这里有一些注释是有用的。
I've used the ursa RSA module, instead of crypto.
我使用了ursa RSA模块,而不是crypto。
I am concerned that if similar data were encrypted directly, without a pass of AES or similar, then it might be trivial to break this. Comments please...
我担心,如果类似的数据是直接加密的,没有AES或类似的传递,那么打破这个就很容易了。评论请…
var ursa = require('ursa');
var fs = require('fs');
// create a pair of keys (a private key contains both keys...)
var keys = ursa.generatePrivateKey();
console.log('keys:', keys);
// reconstitute the private key from a base64 encoding
var privPem = keys.toPrivatePem('base64');
console.log('privPem:', privPem);
var priv = ursa.createPrivateKey(privPem, '', 'base64');
// make a public key, to be used for encryption
var pubPem = keys.toPublicPem('base64');
console.log('pubPem:', pubPem);
var pub = ursa.createPublicKey(pubPem, 'base64');
// encrypt, with the public key, then decrypt with the private
var data = new Buffer('hello world');
console.log('data:', data);
var enc = pub.encrypt(data);
console.log('enc:', enc);
var unenc = priv.decrypt(enc);
console.log('unenc:', unenc);
After some further investigation http://en.wikipedia.org/w/index.php?title=RSA_%28cryptosystem%29§ion=12#Attacks_against_plain_RSA it looks like ursa already does padding.
经过进一步的调查,http://en.wikipedia.org/w/index.php?标题= rsa_% 28cryptosystem%29§ion=12#Attacks_against_plain_RSA它看起来就像ursa已经做了填充。
#2
13
Use the crypto module from npm to generate KeyPair.
从npm中使用crypto模块生成密钥对。
var crypto = require('crypto');
var prime_length = 60;
var diffHell = crypto.createDiffieHellman(prime_length);
diffHell.generateKeys('base64');
console.log("Public Key : " ,diffHell.getPublicKey('base64'));
console.log("Private Key : " ,diffHell.getPrivateKey('base64'));
console.log("Public Key : " ,diffHell.getPublicKey('hex'));
console.log("Private Key : " ,diffHell.getPrivateKey('hex'));
Above is a example snippet. To know more checkout documentation http://nodejs.org/api/crypto.html
上面是一个示例片段。要了解更多的校验文档,请访问http://nodejs.org/api/crypto.html
#3
5
If you know how to get what you want from OpenSSL, I think it's perfectly reasonable to run OpenSSL using Node's child_process
.
如果您知道如何从OpenSSL获得所需的信息,我认为使用Node的child_process运行OpenSSL是完全合理的。
var cp = require('child_process')
, assert = require('assert')
;
var privateKey, publicKey;
publicKey = '';
cp.exec('openssl genrsa 2048', function(err, stdout, stderr) {
assert.ok(!err);
privateKey = stdout;
console.log(privateKey);
makepub = cp.spawn('openssl', ['rsa', '-pubout']);
makepub.on('exit', function(code) {
assert.equal(code, 0);
console.log(publicKey);
});
makepub.stdout.on('data', function(data) {
publicKey += data;
});
makepub.stdout.setEncoding('ascii');
makepub.stdin.write(privateKey);
makepub.stdin.end();
});
#4
1
child_process route is a terrible and non-scalable solution imo. Stay away.
child_process路由是一个可怕的、不可扩展的解决方案。离开。
I chose to go with keypair instead.
我选择了用keypair代替。
#5
0
I have not used it, but this may be useful:
我没有使用过它,但这可能有用:
http://ox.no/posts/diffie-hellman-support-in-node-js
http://ox.no/posts/diffie-hellman-support-in-node-js
Documentation is severely lacking on this (no examples that I could find).
这方面的文档严重缺乏(我找不到示例)。
#6
0
You can use this rsa-json module. It just spawns a openssl process, so it is pretty dependent on the OS (it does not work by default on windows).
您可以使用这个rsa-json模块。它只是生成一个openssl进程,因此它非常依赖于操作系统(它在windows上默认不工作)。
#1
14
The following code works, but I'm not a professional cryptographer, so some comments here would be useful.
下面的代码是有效的,但是我不是专业的加密者,所以这里有一些注释是有用的。
I've used the ursa RSA module, instead of crypto.
我使用了ursa RSA模块,而不是crypto。
I am concerned that if similar data were encrypted directly, without a pass of AES or similar, then it might be trivial to break this. Comments please...
我担心,如果类似的数据是直接加密的,没有AES或类似的传递,那么打破这个就很容易了。评论请…
var ursa = require('ursa');
var fs = require('fs');
// create a pair of keys (a private key contains both keys...)
var keys = ursa.generatePrivateKey();
console.log('keys:', keys);
// reconstitute the private key from a base64 encoding
var privPem = keys.toPrivatePem('base64');
console.log('privPem:', privPem);
var priv = ursa.createPrivateKey(privPem, '', 'base64');
// make a public key, to be used for encryption
var pubPem = keys.toPublicPem('base64');
console.log('pubPem:', pubPem);
var pub = ursa.createPublicKey(pubPem, 'base64');
// encrypt, with the public key, then decrypt with the private
var data = new Buffer('hello world');
console.log('data:', data);
var enc = pub.encrypt(data);
console.log('enc:', enc);
var unenc = priv.decrypt(enc);
console.log('unenc:', unenc);
After some further investigation http://en.wikipedia.org/w/index.php?title=RSA_%28cryptosystem%29§ion=12#Attacks_against_plain_RSA it looks like ursa already does padding.
经过进一步的调查,http://en.wikipedia.org/w/index.php?标题= rsa_% 28cryptosystem%29§ion=12#Attacks_against_plain_RSA它看起来就像ursa已经做了填充。
#2
13
Use the crypto module from npm to generate KeyPair.
从npm中使用crypto模块生成密钥对。
var crypto = require('crypto');
var prime_length = 60;
var diffHell = crypto.createDiffieHellman(prime_length);
diffHell.generateKeys('base64');
console.log("Public Key : " ,diffHell.getPublicKey('base64'));
console.log("Private Key : " ,diffHell.getPrivateKey('base64'));
console.log("Public Key : " ,diffHell.getPublicKey('hex'));
console.log("Private Key : " ,diffHell.getPrivateKey('hex'));
Above is a example snippet. To know more checkout documentation http://nodejs.org/api/crypto.html
上面是一个示例片段。要了解更多的校验文档,请访问http://nodejs.org/api/crypto.html
#3
5
If you know how to get what you want from OpenSSL, I think it's perfectly reasonable to run OpenSSL using Node's child_process
.
如果您知道如何从OpenSSL获得所需的信息,我认为使用Node的child_process运行OpenSSL是完全合理的。
var cp = require('child_process')
, assert = require('assert')
;
var privateKey, publicKey;
publicKey = '';
cp.exec('openssl genrsa 2048', function(err, stdout, stderr) {
assert.ok(!err);
privateKey = stdout;
console.log(privateKey);
makepub = cp.spawn('openssl', ['rsa', '-pubout']);
makepub.on('exit', function(code) {
assert.equal(code, 0);
console.log(publicKey);
});
makepub.stdout.on('data', function(data) {
publicKey += data;
});
makepub.stdout.setEncoding('ascii');
makepub.stdin.write(privateKey);
makepub.stdin.end();
});
#4
1
child_process route is a terrible and non-scalable solution imo. Stay away.
child_process路由是一个可怕的、不可扩展的解决方案。离开。
I chose to go with keypair instead.
我选择了用keypair代替。
#5
0
I have not used it, but this may be useful:
我没有使用过它,但这可能有用:
http://ox.no/posts/diffie-hellman-support-in-node-js
http://ox.no/posts/diffie-hellman-support-in-node-js
Documentation is severely lacking on this (no examples that I could find).
这方面的文档严重缺乏(我找不到示例)。
#6
0
You can use this rsa-json module. It just spawns a openssl process, so it is pretty dependent on the OS (it does not work by default on windows).
您可以使用这个rsa-json模块。它只是生成一个openssl进程,因此它非常依赖于操作系统(它在windows上默认不工作)。