如何在node.js中转换点网络加密功能?

内容来源于 Stack Overflow,并遵循CC BY-SA 3.0许可协议进行翻译与使用

  • 回答 (1)
  • 关注 (0)
  • 查看 (49)

有一个比较清除密码和散列函数的函数的dotnet代码。正在将这个网站网站迁移到node.js中,但是我在这部分被封锁了。我想比较他们在登录时输入的密码和来自dotnet代码的散列。所以在node.js中编写函数。

我在这里共享.net加密代码的一部分

string clearPassword = "123456789";
string encryptedpassword = "03478BDD03D5302ACDA5E68D5B8B1428574CBFD1AF45633D61334502E2B05A6E4751609A";
string saltValue = encryptedpassword.Substring(0, "XXX");
hash = HashAlgorithm.Create("SHA256")
private static string HashPassword(string clearPassword, string saltValue, HashAlgorithm hash)
    {
        UnicodeEncoding encoding = new UnicodeEncoding();
        if (((clearPassword == null) || (hash == null)) || (encoding == null))
        {
            return null;
        }
        byte[] buffer = new byte[] { 
            byte.Parse(saltValue.Substring(0, 2), NumberStyles.HexNumber, (IFormatProvider)CultureInfo.InvariantCulture.NumberFormat), 
            byte.Parse(saltValue.Substring(2, 2), NumberStyles.HexNumber, (IFormatProvider)CultureInfo.InvariantCulture.NumberFormat), 
            byte.Parse(saltValue.Substring(4, 2), NumberStyles.HexNumber, (IFormatProvider)CultureInfo.InvariantCulture.NumberFormat), 
            byte.Parse(saltValue.Substring(6, 2), NumberStyles.HexNumber, (IFormatProvider)CultureInfo.InvariantCulture.NumberFormat) 
        };


        byte[] array = new byte[4 + encoding.GetByteCount(clearPassword)];

        byte[] bytes = encoding.GetBytes(clearPassword);

        buffer.CopyTo(array, 0);
        bytes.CopyTo(array, 4);

        byte[] buffer4 = hash.ComputeHash(array);

        string str = saltValue;
        foreach (byte num in buffer4)
        {
            Console.WriteLine(" num : "+ num.ToString());
            str = str + num.ToString("X2", CultureInfo.InvariantCulture.NumberFormat);
        }
        return str;

    }

和我的js代码

    function hashPassword(clearPassword, saltValue, algorithm){

    //UTF-16
    //UnicodeEncoding encoding = new UnicodeEncoding();
    var encoding = 'UTF-8';
    //var encoding = 'UTF-16';
    if ((clearPassword == null) || (algorithm == null))
    {
        return null;
    }
    var bytesPassword = [
        new Bytes(parseInt(saltValue.substr(0, 2), 16), encoding),
        new Bytes(parseInt(saltValue.substr(2, 2), 16), encoding),
        new Bytes(parseInt(saltValue.substr(4, 2), 16), encoding),
        new Bytes(parseInt(saltValue.substr(6, 2), 16), encoding)
    ];

    var j = bytesPassword.length;
    for (var i=0; i< clearPassword.length; i++) {
        let hex = clearPassword.charCodeAt(i).toString(16);
        let dec = parseInt(hex, 16);
        bytesPassword[j] = new Bytes(dec, encoding);
        j++;
        //add extra 0, utf 16 ???!
        bytesPassword[j] = new Bytes(0, encoding);
        j++;
    }

    for(var i = 0; i < bytesPassword.length; i++)
    {
        algorithm.updateBytes(bytesPassword[i]);
    }

    //digest for encrype in SHA256 return binary
    var encryptedPasswordBytes =  algorithm.digest();
    //base 64 decode to get string
    var encryptedPasswordBytes64 =  Encoding.toBase64(encryptedPasswordBytes);
    //retrieve hexa 
    var clearPasswordDigesttoHex = Encoding.toHex(clearPasswordDigest).toUpperCase();

    //other way
    var str = saltValue;

    for (var i = 0; i < encryptedPasswordBytes64.length; i++)
    {
        //var hashpwd = Encoding.toHex(encryptedPasswordBytes64.charAt(i));
        var hexpwd = encryptedPasswordBytes64.charCodeAt(i).toString(16);
        var decpwd = parseInt(hexpwd, 16);

        str = str + hexpwd;
    }
    return str
}

因此,字节数组与.net函数相同,但加密不会给我相同的结果

提问于
用户回答回答于

尝试使用bcrypt npm对密码进行哈希处理,或者使用其他散列算法,如MD5等

扫码关注云+社区

领取腾讯云代金券