Options
All
  • Public
  • Public/Protected
  • All
Menu

Module crypto

Index

Enumerations

Interfaces

Functions

Functions

createCipher

  • 创建对称加密对象

    example
    
import * as crypto from 'crypto';
import * as buffer from 'buffer';

let key = buffer.from("***********9");
let nonce = buffer.from("********2");
let plainText = buffer.from('****');

let cipher = crypto.createCipher(crypto.Algorithm.AES_GCM, key, { nonce: nonce });
let cipherText = cipher.encrypt(plainText);
console.log(cipherText.toString(buffer.Encoding.Base64));

    Parameters

    • algorithm: Algorithm

      加密算法名称. 备注: aes-ecb不是安全的加密算法, 不建议使用

    • key: Buffer

      密钥, 备注:敏感信息,请不要明文写在代码中

    • option: Option

      加密选项

    Returns Cipher

createDecipher

  • 创建解密对象

    example
    
import * as crypto from 'crypto';
import * as buffer from 'buffer';

let key = buffer.from("************");
let nonce = buffer.from("***********");
let cipherText = buffer.from('iSzDBqz**********Bw==', buffer.Encoding.Base64);

let decipher = crypto.createDecipher(crypto.Algorithm.AES_GCM, key, { nonce: nonce });
let plainText = decipher.decrypt(cipherText);
console.log(plainText.toString()); //huawei

    Parameters

    • algorithm: Algorithm

      算法名称. 备注: aes-ecb不是安全是加密算法

    • key: Buffer

      密钥, 备注:敏感信息,请不要在代码中写明文。

    • option: Option

      解密选项

    Returns Decipher

createHash

  • 创建hash对象

    example
    
import * as crypto from 'crypto';
import * as buffer from 'buffer';

let hash = crypto.createHash(crypto.Hashs.SHA512);

console.log(hash.sum(buffer.from("11111111111111")).toString(buffer.Encoding.Base64));

    Parameters

    • hash: Hashs

      hash算法名称. 注意: MD5, SHA1是不安全的hash算法

    Returns Hash

createHmac

  • 创建Hmac对象

    example
    
import * as crypto from 'crypto';
import * as buffer from 'buffer';

let hmac = crypto.createHmac(crypto.Hashs.SHA256, buffer.from('****************'));

console.log(hmac.sum(buffer.from('************')).toString(buffer.Encoding.Base64));

    Parameters

    • hash: Hashs

      hash算法名称. 备注: MD5, SHA1是不安全的hash算法

    • key: Buffer

      hash key, 备注:敏感信息,请不要直接写明文在代码中

    Returns Hmac

createSign

  • 创建签名对象

    example
    
import * as crypto from 'crypto';
import * as buffer from 'buffer';

let rsakey = crypto.generateKey(1024);

let data = buffer.from("huawei");
let sign = crypto.createSign(crypto.Hashs.SHA256);
let signed = sign.sign(rsakey.privateKey, data);

console.log(signed.toString(buffer.Encoding.Base64));

    Parameters

    • hash: Hashs

      hash算法名称. 注意: MD5, SHA1是不安全的hash算法

    • Optional saltLength: SaltLength

    Returns Signer

createVerify

  • 创建签名对象

    example
    
import * as crypto from 'crypto';
import * as buffer from 'buffer';

let rsakey = crypto.generateKey(1024);

let data = buffer.from("huawei");
let sign = crypto.createSign(crypto.Hashs.SHA256);
let signed = sign.sign(rsakey.privateKey, data);

let verify = crypto.createVerify(crypto.Hashs.SHA256);
console.log(verify.verify(rsakey.publicKey, signed, data)); // true

    Parameters

    Returns Verify

generateKey

  • 生成rsa的密钥对。支持1024, 2048, 3072, 4096位。

    密钥位越大,安全性越高,可加密的数据内容越长,加密的时间越长。建议设置位大于等于2048

    example
    
import * as crypto from 'crypto';
import * as buffer from 'buffer';

let rsakey = crypto.generateKey(2048);

console.log(rsakey.privateKey.toString());

console.log('\n');

console.log(rsakey.publicKey.toString());

    Parameters

    • bits: number

      密钥位数

    • Optional padding: RSAPadding

      填充模式

    Returns RSAKey

getCiphers

  • getCiphers(): string[]

  • 获取支持的AES加密算法类型, 目前支持: aes-ecb, aes-cbc, aes-gcm

    Returns string[]

getHashes

  • getHashes(): string[]

  • 获取支持的hash算法列表,目前支持:md5 sha1 sha256 sha512

    Returns string[]

newCertManager

  • create a cert manager

    example
    import * as crypto from 'crypto';

let mng = crypto.newCertManager();

let [validationTime, issuedOrganization, belongChain] = mng.verifyCertificate(publicCert, [rootCert, middleCert]);
let publicKey = mng.getPKIXPublicKey(publicCert);

    Returns ManagerCert

newJwtParser

  • create a jwt parser

    example
    import * as crypto from "crypto";

let parser = crypto.newJwtParser();
let [header, payload] = parser.ParseWithoutVerify(token);

    Returns JwtParser

newPFXManager

  • create a pfx manager

    example
    import * as crypto from 'crypto';

let mng = crypto.newPFXManager();
let rsaKey = mng.parseWithPassword(data, "*****", {"criteria": "PKCS1"});

    Returns ManagerPFX

pbkdf2

  • pbkdf2(password: Buffer, salt: Buffer, iterations: number, keyLen: number, algorithm: string): Buffer

  • pbkdf2算法

    example
    
import * as crypto from 'crypto';
import * as buffer from 'buffer';

let password = buffer.from("**********");
let salt = buffer.from("***********");

let crypt = crypto.pbkdf2(password, salt, 1000, 32, crypto.Hashs.SHA1);
console.log(crypt.toString(buffer.Encoding.Base64));

    Parameters

    • password: Buffer

      密钥, 此为敏感信息,请不要在源代码中直接写明文。

    • salt: Buffer

      盐值. 注意:为了安全起见,盐长度应大于8字节,盐应该是安全的随机数

    • iterations: number

      迭达次数. 注意:建议迭代1000次以上

    • keyLen: number

      生成hash key长度. 注意:小于32字节,在某些情况下可能不够安全

    • algorithm: string

      hash算法名称

    Returns Buffer

privateDecrypt

  • 使用rsa私钥解密

    example
    
import * as crypto from 'crypto';
import * as buffer from 'buffer';
import * as assert from 'assert';

let rsakey = crypto.generateKey(2048);
let data = buffer.from("something");
let cipherText = crypto.publicEncrypt(rsakey.publicKey, data);
let plainText = crypto.privateDecrypt(rsakey.privateKey, cipherText);
assert.equal(plainText, "something", "not equal");

    Parameters

    • privateKey: Buffer

      私钥,备注:敏感信息,请不要在代码中写明文。

    • cipherText: Buffer

      密文

    • Optional padding: RSAPadding

      填充模式, 默认值为PKCS1

    Returns Buffer

privateEncrypt

  • 使用rsa私钥加密,不建议使用这种方式来加密,不符合rsa的设计理念,存在安全风险。

    该api只是为了能兼容其他编程语言中错误用法。

    Parameters

    • privateKey: Buffer

      rsa私钥, 备注:敏感信息,请不要在代码中写明文。

    • cipherText: Buffer

      密文

    Returns Buffer

publicDecrypt

  • 使用rsa公钥钥解密,不建议使用这种方式来解密,不符合rsa的设计理念,存在安全风险。

    该api只是为了能兼容其他编程语言中错误用法。

    Parameters

    • publicKey: Buffer

      rsa公钥, 备注:敏感信息,请不要在代码中写明文。

    • plainText: Buffer

      明文

    Returns Buffer

publicEncrypt

  • 使用rsa公钥加密

    Parameters

    • publicKey: Buffer

      公钥, 备注:敏感信息,请不要在代码中写明文。

    • plainText: Buffer

      明文, 备注:敏感信息,请不要在代码中写明文。

    • Optional padding: RSAPadding

      填充模式, 默认值为PKCS1。

    Returns Buffer

randomBytes

  • randomBytes(size: number): Buffer

  • 生成安全随机字符串

    example
    
import * as crypto from 'crypto';
import * as buffer from 'buffer';

let rand = crypto.randomBytes(32);
console.log(rand.toString(buffer.Encoding.Base64));

    Parameters

    • size: number

      生成安全随机字符串的长度

    Returns Buffer