如何使用Node创建一对私有/公共密钥。js加密?

时间:2020-11-24 18:27:17

I have to generate two keys (private and public) to encrypt a text with the public and let the user with the private key decrypt the text.

我必须生成两个密钥(私钥和公钥)来与公钥加密文本,并让使用私钥的用户解密文本。

Is it possible with the module Crypto?

使用模块加密是否可能?

6 个解决方案

#1


14  

The following code works, but I'm not a professional cryptographer, so some comments here would be useful.

下面的代码是有效的,但是我不是专业的加密者,所以这里有一些注释是有用的。

I've used the ursa RSA module, instead of crypto.

我使用了ursa RSA模块,而不是crypto。

I am concerned that if similar data were encrypted directly, without a pass of AES or similar, then it might be trivial to break this. Comments please...

我担心,如果类似的数据是直接加密的,没有AES或类似的传递,那么打破这个就很容易了。评论请…

var ursa = require('ursa');
var fs = require('fs');

// create a pair of keys (a private key contains both keys...)
var keys = ursa.generatePrivateKey();
console.log('keys:', keys);

// reconstitute the private key from a base64 encoding
var privPem = keys.toPrivatePem('base64');
console.log('privPem:', privPem);

var priv = ursa.createPrivateKey(privPem, '', 'base64');

// make a public key, to be used for encryption
var pubPem = keys.toPublicPem('base64');
console.log('pubPem:', pubPem);

var pub = ursa.createPublicKey(pubPem, 'base64');

// encrypt, with the public key, then decrypt with the private
var data = new Buffer('hello world');
console.log('data:', data);

var enc = pub.encrypt(data);
console.log('enc:', enc);

var unenc = priv.decrypt(enc);
console.log('unenc:', unenc);

After some further investigation http://en.wikipedia.org/w/index.php?title=RSA_%28cryptosystem%29&section=12#Attacks_against_plain_RSA it looks like ursa already does padding.

经过进一步的调查,http://en.wikipedia.org/w/index.php?标题= rsa_% 28cryptosystem%29&section=12#Attacks_against_plain_RSA它看起来就像ursa已经做了填充。

#2


13  

Use the crypto module from npm to generate KeyPair.

从npm中使用crypto模块生成密钥对。

var crypto = require('crypto');

var prime_length = 60;
var diffHell = crypto.createDiffieHellman(prime_length);

diffHell.generateKeys('base64');
console.log("Public Key : " ,diffHell.getPublicKey('base64'));
console.log("Private Key : " ,diffHell.getPrivateKey('base64'));

console.log("Public Key : " ,diffHell.getPublicKey('hex'));
console.log("Private Key : " ,diffHell.getPrivateKey('hex'));

Above is a example snippet. To know more checkout documentation http://nodejs.org/api/crypto.html

上面是一个示例片段。要了解更多的校验文档,请访问http://nodejs.org/api/crypto.html

#3


5  

If you know how to get what you want from OpenSSL, I think it's perfectly reasonable to run OpenSSL using Node's child_process.

如果您知道如何从OpenSSL获得所需的信息,我认为使用Node的child_process运行OpenSSL是完全合理的。

var cp = require('child_process')
  , assert = require('assert')
  ;

var privateKey, publicKey;
publicKey = '';
cp.exec('openssl genrsa 2048', function(err, stdout, stderr) {
  assert.ok(!err);
  privateKey = stdout;
  console.log(privateKey);
  makepub = cp.spawn('openssl', ['rsa', '-pubout']);
  makepub.on('exit', function(code) {
    assert.equal(code, 0); 
    console.log(publicKey);
  });
  makepub.stdout.on('data', function(data) {
    publicKey += data;
  });
  makepub.stdout.setEncoding('ascii');
  makepub.stdin.write(privateKey);
  makepub.stdin.end();  
});

#4


1  

child_process route is a terrible and non-scalable solution imo. Stay away.

child_process路由是一个可怕的、不可扩展的解决方案。离开。

I chose to go with keypair instead.

我选择了用keypair代替。

#5


0  

I have not used it, but this may be useful:

我没有使用过它,但这可能有用:

http://ox.no/posts/diffie-hellman-support-in-node-js

http://ox.no/posts/diffie-hellman-support-in-node-js

Documentation is severely lacking on this (no examples that I could find).

这方面的文档严重缺乏(我找不到示例)。

#6


0  

You can use this rsa-json module. It just spawns a openssl process, so it is pretty dependent on the OS (it does not work by default on windows).

您可以使用这个rsa-json模块。它只是生成一个openssl进程,因此它非常依赖于操作系统(它在windows上默认不工作)。

#1


14  

The following code works, but I'm not a professional cryptographer, so some comments here would be useful.

下面的代码是有效的,但是我不是专业的加密者,所以这里有一些注释是有用的。

I've used the ursa RSA module, instead of crypto.

我使用了ursa RSA模块,而不是crypto。

I am concerned that if similar data were encrypted directly, without a pass of AES or similar, then it might be trivial to break this. Comments please...

我担心,如果类似的数据是直接加密的,没有AES或类似的传递,那么打破这个就很容易了。评论请…

var ursa = require('ursa');
var fs = require('fs');

// create a pair of keys (a private key contains both keys...)
var keys = ursa.generatePrivateKey();
console.log('keys:', keys);

// reconstitute the private key from a base64 encoding
var privPem = keys.toPrivatePem('base64');
console.log('privPem:', privPem);

var priv = ursa.createPrivateKey(privPem, '', 'base64');

// make a public key, to be used for encryption
var pubPem = keys.toPublicPem('base64');
console.log('pubPem:', pubPem);

var pub = ursa.createPublicKey(pubPem, 'base64');

// encrypt, with the public key, then decrypt with the private
var data = new Buffer('hello world');
console.log('data:', data);

var enc = pub.encrypt(data);
console.log('enc:', enc);

var unenc = priv.decrypt(enc);
console.log('unenc:', unenc);

After some further investigation http://en.wikipedia.org/w/index.php?title=RSA_%28cryptosystem%29&section=12#Attacks_against_plain_RSA it looks like ursa already does padding.

经过进一步的调查,http://en.wikipedia.org/w/index.php?标题= rsa_% 28cryptosystem%29&section=12#Attacks_against_plain_RSA它看起来就像ursa已经做了填充。

#2


13  

Use the crypto module from npm to generate KeyPair.

从npm中使用crypto模块生成密钥对。

var crypto = require('crypto');

var prime_length = 60;
var diffHell = crypto.createDiffieHellman(prime_length);

diffHell.generateKeys('base64');
console.log("Public Key : " ,diffHell.getPublicKey('base64'));
console.log("Private Key : " ,diffHell.getPrivateKey('base64'));

console.log("Public Key : " ,diffHell.getPublicKey('hex'));
console.log("Private Key : " ,diffHell.getPrivateKey('hex'));

Above is a example snippet. To know more checkout documentation http://nodejs.org/api/crypto.html

上面是一个示例片段。要了解更多的校验文档,请访问http://nodejs.org/api/crypto.html

#3


5  

If you know how to get what you want from OpenSSL, I think it's perfectly reasonable to run OpenSSL using Node's child_process.

如果您知道如何从OpenSSL获得所需的信息,我认为使用Node的child_process运行OpenSSL是完全合理的。

var cp = require('child_process')
  , assert = require('assert')
  ;

var privateKey, publicKey;
publicKey = '';
cp.exec('openssl genrsa 2048', function(err, stdout, stderr) {
  assert.ok(!err);
  privateKey = stdout;
  console.log(privateKey);
  makepub = cp.spawn('openssl', ['rsa', '-pubout']);
  makepub.on('exit', function(code) {
    assert.equal(code, 0); 
    console.log(publicKey);
  });
  makepub.stdout.on('data', function(data) {
    publicKey += data;
  });
  makepub.stdout.setEncoding('ascii');
  makepub.stdin.write(privateKey);
  makepub.stdin.end();  
});

#4


1  

child_process route is a terrible and non-scalable solution imo. Stay away.

child_process路由是一个可怕的、不可扩展的解决方案。离开。

I chose to go with keypair instead.

我选择了用keypair代替。

#5


0  

I have not used it, but this may be useful:

我没有使用过它,但这可能有用:

http://ox.no/posts/diffie-hellman-support-in-node-js

http://ox.no/posts/diffie-hellman-support-in-node-js

Documentation is severely lacking on this (no examples that I could find).

这方面的文档严重缺乏(我找不到示例)。

#6


0  

You can use this rsa-json module. It just spawns a openssl process, so it is pretty dependent on the OS (it does not work by default on windows).

您可以使用这个rsa-json模块。它只是生成一个openssl进程,因此它非常依赖于操作系统(它在windows上默认不工作)。