Node.js进阶:5分钟入门非对称加密方法

NeiBehrend 6年前
   <h2>前言</h2>    <p>刚回答了SegmentFault上一个兄弟提的问题<a href="/misc/goto?guid=4959756770532027417" title="《非对称解密出错》">《非对称解密出错》</a>。这个属于Node.js在安全上的应用,遇到同样问题的人应该不少,基于回答的问题,这里简单总结下。</p>    <p>非对称加密的理论知识,可以参考笔者前面的文章<a href="/misc/goto?guid=4959756770610776228" title="《NODEJS进阶:CRYPTO模块之理论篇》">《NODEJS进阶:CRYPTO模块之理论篇》</a>。</p>    <p>完整的代码可以在 <a href="/misc/goto?guid=4959756770704844078" title="这里">《Nodejs学习笔记》</a> 找到,也欢迎大家关注 <a href="/misc/goto?guid=4959756770784660833" title="gayhub">程序猿小卡的GitHub</a>。</p>    <h2>加密、解密方法</h2>    <p>在Node.js中,负责安全的模块是<code>crypto</code>。非对称加密中,公钥加密,私钥解密,加解密对应的API分别如下。</p>    <p>加密函数:</p>    <pre>  <code class="language-javascript">crypto.publicEncrypt(key, buffer)</code></pre>    <p>解密函数:</p>    <pre>  <code class="language-javascript">crypto.privateDecrypt(privateKey, buffer)</code></pre>    <h2>入门例子</h2>    <p>假设有如下<code>utils.js</code></p>    <pre>  <code class="language-javascript">// utils.js  const crypto = require('crypto');    // 加密方法  exports.encrypt = (data, key) => {    // 注意,第二个参数是Buffer类型    return crypto.publicEncrypt(key, Buffer.from(data));  };    // 解密方法  exports.decrypt = (encrypted, key) => {    // 注意,encrypted是Buffer类型    return crypto.privateDecrypt(key, encrypted);  };</code></pre>    <p>测试代码<code>app.js</code>:</p>    <pre>  <code class="language-javascript">const utils = require('./utils');  const keys = require('./keys');    const plainText = '你好,我是程序猿小卡';  const crypted = utils.encrypt(plainText, keys.pubKey); // 加密  const decrypted = utils.decrypt(crypted, keys.privKey); // 解密    console.log(decrypted.toString()); // 你好,我是程序猿小卡</code></pre>    <p>附上公钥、私钥 <code>keys.js</code><br> :</p>    <pre>  <code class="language-javascript">exports.privKey = `-----BEGIN RSA PRIVATE KEY-----  MIICXQIBAAKBgQDFWnl8fChyKI/Tgo1ILB+IlGr8ZECKnnO8XRDwttBbf5EmG0qV  8gs0aGkh649rb75I+tMu2JSNuVj61CncL/7Ct2kAZ6CZZo1vYgtzhlFnxd4V7Ra+  aIwLZaXT/h3eE+/cFsL4VAJI5wXh4Mq4Vtu7uEjeogAOgXACaIqiFyrk3wIDAQAB  AoGBAKdrunYlqfY2fNUVAqAAdnvaVOxqa+psw4g/d3iNzjJhBRTLwDl2TZUXImEZ  QeEFueqVhoROTa/xVg/r3tshiD/QC71EfmPVBjBQJJIvJUbjtZJ/O+L2WxqzSvqe  wzYaTm6Te3kZeG/cULNMIL+xU7XsUmslbGPAurYmHA1jNKFpAkEA48aUogSv8VFn  R2QuYmilz20LkCzffK2aq2+9iSz1ZjCvo+iuFt71Y3+etWomzcZCuJ5sn0w7lcSx  nqyzCFDspQJBAN3O2VdQF3gua0Q5VHmK9AvsoXLmCfRa1RiKuFOtrtC609RfX4DC  FxDxH09UVu/8Hmdau8t6OFExcBriIYJQwDMCQQCZLjFDDHfuiFo2js8K62mnJ6SB  H0xlIrND2+/RUuTuBov4ZUC+rM7GTUtEodDazhyM4C4Yq0HfJNp25Zm5XALpAkBG  atLpO04YI3R+dkzxQUH1PyyKU6m5X9TjM7cNKcikD4wMkjK5p+S2xjYQc1AeZEYq  vc187dJPRIi4oC3PN1+tAkBuW51/5vBj+zmd73mVcTt28OmSKOX6kU29F0lvEh8I  oHiLOo285vG5ZtmXiY58tAiPVQXa7eU8hPQHTHWa9qp6  -----END RSA PRIVATE KEY-----  `;    exports.pubKey = `-----BEGIN PUBLIC KEY-----  MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFWnl8fChyKI/Tgo1ILB+IlGr8  ZECKnnO8XRDwttBbf5EmG0qV8gs0aGkh649rb75I+tMu2JSNuVj61CncL/7Ct2kA  Z6CZZo1vYgtzhlFnxd4V7Ra+aIwLZaXT/h3eE+/cFsL4VAJI5wXh4Mq4Vtu7uEje  ogAOgXACaIqiFyrk3wIDAQAB  -----END PUBLIC KEY-----  `;</code></pre>    <h2>小结</h2>    <p>可以看到,通过Node.js进行非对称加密、解密还是挺方便的。更多用法,可以参考官方文档。</p>    <p> </p>    <p> </p>