Introduction to common methods of NODE.JS encryption module CRYPTO

Use require('crypto') to call the encryption module.

The encryption module requires the underlying system to provide OpenSSL support. It provides a way to encapsulate security credentials and can be used for HTTPS secure networks as well as ordinary HTTP connections.

This module also provides a set of hash (hash), hmac (key hash), cipher (encoding), decipher (decoding), sign (signature) and verify (verification) for OpenSSL. Method encapsulation.

crypto.createCredentials(details)

Create a credential object. The optional parameter details is a dictionary with key values:
key: a string type, PEM-encoded private key. .
cert: A string type, PEM-encoded certification certificate.
ca: PEM-encoded trusted CA certificate in string form, or a list of certificates.

If no 'ca' details are given, node.js will use the default public trusted list located at http://mxr.mozilla.org/mozilla/source/security/ nss/lib/ckfw/builtins/certdata.txt.

crypto.createHash(algorithm)

Creates and returns a hash object, which is a cryptographic hash of the specified algorithm and is used to generate hash digests.

The parameter algorithm can select the algorithm supported by the OpenSSL version installed on the system. For example: 'sha1', 'md5', 'sha256', 'sha512', etc. In recent releases, openssl list-message-digest-algorithms will show these available digest algorithms.

hash.update(data)

Update the content of hash to the specified data. This method may be called multiple times when working with streaming data.

hash.digest(encoding='binary')

Compute the hash digest of all incoming data. The encoding parameter can be 'hex', 'binary' or 'base64'.

crypto.createHmac(algorithm, key)

Creates and returns an hmac object, which is a cryptographic hmac with the specified algorithm and key.

The parameter algorithm can select the algorithm supported by OpenSSL - see createHash above. The parameter key is the key used by hmac.

hmac.update(data)

Update the content of hmac to the specified data. This method may be called multiple times when working with streaming data.

hmac.digest(encoding='binary')

Compute the hmac digest of all incoming data. The encoding parameter can be 'hex', 'binary' or 'base64'.

crypto.createCipher(algorithm, key)

Creates and returns a cipher object using the specified algorithm and key.

The parameter algorithm can select the algorithm supported by OpenSSL, such as 'aes192', etc. In recent releases, openssl list-cipher-algorithms will display the available encryption algorithms.

cipher.update(data, input_encoding='binary', output_encoding='binary')

Use the parameter data to update the content to be encrypted. The encoding method is specified by the parameter input_encoding, which can be' utf8', 'ascii' or 'binary'. The parameter output_encoding specifies the output encoding method of the encrypted content, which can be 'binary', 'base64' or 'hex'.

Returns the encrypted content, this method may be called multiple times when using streaming data.

cipher.final(output_encoding='binary')

Returns all remaining encrypted content, output_encoding output encoding is one of 'binary', 'ascii' or 'utf8'.

crypto.createDecipher(algorithm, key)

Create and return a decryption object using the given algorithm and key. This object is the inverse of the encrypted object above.

decipher.update(data, input_encoding='binary', output_encoding='binary')

Use parameter data to update the content to be decrypted, and its encoding method is 'binary', 'base64' or 'hex'. The parameter output_encoding specifies the output encoding method of the decrypted plaintext content, which can be 'binary', 'ascii' or 'utf8'.

decipher.final(output_encoding='binary')

Return all remaining decrypted plaintext whose output_encoding' is one of 'binary', 'ascii' or 'utf8'` .

crypto.createSign(algorithm)

Create and return a signer object using the given algorithm. In existing OpenSSL distributions, openssl list-public-key-algorithms will show the available signature algorithms, for example: 'RSA-SHA256'.

signer.update(data)

Use the data parameter to update the signer object. This method may be called multiple times when working with streaming data.

signer.sign(private_key, output_format='binary')

Compute the signature on all data passed into the signer. private_key is a string that contains the PEM-encoded private key used for signing.

Returns a signature whose output_format output can be 'binary', 'hex' or 'base64'.

crypto.createVerify(algorithm)

Create and return a verifier object using the given algorithm. It is the inverse of the above signer object.

verifier.update(data)

Update the validator object using the data parameter. This method may be called multiple times when working with streaming data.

verifier.verify(cert, signature, signature_format='binary')

Use the parameters cert and signature to verify the signed data. cert is the PEM-encoded public key string, signature is the signature of the previously calculated data, and signature_format can be 'binary', 'hex' or 'base64'.

Return true or false based on the result of signature validity verification of data and public key.

How to write an irreversible encryption code when you need it

var text = "123|12312312123123121231231212312312123123121231231212312312";
var hasher=crypto.createHash("md5");
hasher.update(text);
var hashmsg=hasher.digest('hex');//hashmsg为加密之后的数据

When you need an encryption and decryption environment

var key="asdhjwheru*asd123-123";//加密的秘钥
var text = "123|12312312123123121231231212312312123123121231231212312312";
var crypted =cipher.update(text,'utf8','hex');
crypted+=cipher.final('hex');
var message=crypted;//加密之后的值
var decipher = crypto.createDecipher('aes-256-cbc',key);
var dec=decipher.update(message,'hex','utf8');
dec+= decipher.final('utf8');//解密之后的值

For more introduction to common methods of NODE.JS encryption module CRYPTO and related articles, please pay attention to the PHP Chinese website!