问题
The following code produces HTML output for a single-sign-on button that gets added to a page. In node version 0.5.x the key is accepted by the server on button click, but after upgrading to 0.10.x it does not work and produces a different output. No errors. Has the crypto class changed? Note, the key, url, and iv have been changed slightly to avoid posting secure information, but are the correct length.
var util = require('util');
var crypto = require('crypto');
var fs = require('fs');
var dateFormat = require('dateformat');
var AESCrypt = {};
AESCrypt.encrypt = function(cryptkey, iv, cleardata) {
var encipher = crypto.createCipheriv('aes-256-cbc', cryptkey, iv),
encryptdata = encipher.update(cleardata);
encryptdata += encipher.final('binary');
encode_encryptdata = new Buffer(encryptdata, 'binary').toString('hex');
return encode_encryptdata;
}
function getKey(email){
var now = new Date();
var key = new Buffer("F4553ECE8E0039675E8DA176D23BD82D455BB6272B574FDD6185296432CE1AD9",'hex'),
iv = new Buffer("D95897EA52A8A0C8DF231C8F2DBE59A7",'hex'),
key_bin = key.toString('binary'),
iv_bin = iv.toString('binary'),
text = new Buffer('mystring','ascii'),
text_bin = text.toString('binary');
var enc = AESCrypt.encrypt(key_bin, iv_bin, text_bin);
var page = '<form method="POST" action="https://somedomain.com/AES.aspx"><input type="hidden" name="key" value="'+enc+'"/><input type="hidden" name="ouid" value="1"/><input type="submit" value="Log ine"/></form>';
return page;
}
if(process.argv[2]) {
email = process.argv[2];
console.log(getKey(email));
}
else{
console.log('Something may be wrong with your email address>')
}
回答1:
It seems that - at least for later versions of NodeJS - that Buffer.concat() is required instead of the += operator.
回答2:
Woking code:
var crypto = require('crypto');
var ecr = function(str)
{
var cipher = crypto.createCipher('aes-256-cbc', 'passphase');
var cryptedBuffers = [cipher.update(new Buffer(str))];
cryptedBuffers.push(cipher.final());
var crypted = Buffer.concat(cryptedBuffers);
return crypted;
};
var dcr = function(str)
{
var dcipher = crypto.createDecipher('aes-256-cbc', 'passphase');
var dcryptedBuffers = [dcipher.update(new Buffer(str))];
dcryptedBuffers.push(dcipher.final());
var dcrypted = Buffer.concat(dcryptedBuffers)
.toString('utf8');
return dcrypted;
};
console.log(dcr(ecr('hello test')));
来源:https://stackoverflow.com/questions/20247806/node-js-crypto-class-returning-different-results-with-updated-version