Rfc2898DeriveBytes在javascript中的等价物?
我已经看到C#代码可以使用如下代码encryption和解密密码:
http://wp7-travel.googlecode.com/svn/trunk/SilverlightPhoneDatabase/Cryptography.cs
using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Security.Cryptography; using System.IO; using System.Reflection; namespace SilverlightPhoneDatabase { /// <summary> /// Class used to encrypt the database /// </summary> public static class Cryptography { /// <summary> /// Incrypt the input using password provided /// </summary> /// <param name="input">Input string to encrypt</param> /// <param name="password">Password to use</param> /// <returns>Encrypted string</returns> public static string Encrypt(string input, string password) { string data = input; byte[] utfdata = UTF8Encoding.UTF8.GetBytes(data); byte[] saltBytes = UTF8Encoding.UTF8.GetBytes(password); // Our symmetric encryption algorithm AesManaged aes = new AesManaged(); // We're using the PBKDF2 standard for password-based key generation Rfc2898DeriveBytes rfc = new Rfc2898DeriveBytes(password, saltBytes); // Setting our parameters aes.BlockSize = aes.LegalBlockSizes[0].MaxSize; aes.KeySize = aes.LegalKeySizes[0].MaxSize; aes.Key = rfc.GetBytes(aes.KeySize / 8); aes.IV = rfc.GetBytes(aes.BlockSize / 8); // Encryption ICryptoTransform encryptTransf = aes.CreateEncryptor(); // Output stream, can be also a FileStream MemoryStream encryptStream = new MemoryStream(); CryptoStream encryptor = new CryptoStream(encryptStream, encryptTransf, CryptoStreamMode.Write); encryptor.Write(utfdata, 0, utfdata.Length); encryptor.Flush(); encryptor.Close(); byte[] encryptBytes = encryptStream.ToArray(); string encryptedString = Convert.ToBase64String(encryptBytes); return encryptedString; } /// <summary> /// Decrypt string using password provided /// </summary> /// <param name="base64Input">Input to decrypt</param> /// <param name="password">Password to use</param> /// <returns>Decrypted string</returns> public static string Decrypt(string base64Input, string password) { byte[] encryptBytes = Convert.FromBase64String(base64Input); byte[] saltBytes = Encoding.UTF8.GetBytes(password); // Our symmetric encryption algorithm AesManaged aes = new AesManaged(); // We're using the PBKDF2 standard for password-based key generation Rfc2898DeriveBytes rfc = new Rfc2898DeriveBytes(password, saltBytes); // Setting our parameters aes.BlockSize = aes.LegalBlockSizes[0].MaxSize; aes.KeySize = aes.LegalKeySizes[0].MaxSize; aes.Key = rfc.GetBytes(aes.KeySize / 8); aes.IV = rfc.GetBytes(aes.BlockSize / 8); // Now, decryption ICryptoTransform decryptTrans = aes.CreateDecryptor(); // Output stream, can be also a FileStream MemoryStream decryptStream = new MemoryStream(); CryptoStream decryptor = new CryptoStream(decryptStream, decryptTrans, CryptoStreamMode.Write); decryptor.Write(encryptBytes, 0, encryptBytes.Length); decryptor.Flush(); decryptor.Close(); byte[] decryptBytes = decryptStream.ToArray(); string decryptedString = UTF8Encoding.UTF8.GetString(decryptBytes, 0, decryptBytes.Length); return decryptedString; } } } 我不是安全专家,对encryptionalgorithm的经验有限。 我有一个encryption的密码,这种types的代码encryption,现在想访问解密的密码在node.js程序(Javascript)。
看来crypto-js有一个pbkdf2.js模块,但它只知道如何encryption密码。
我见过http://anandam.name/pbkdf2/,但它似乎只是一个encryption器。 没有解密。
任何人都可以提供密码解密的代码,给定一个已知的盐和迭代,用于encryption它,使用简单的Javascript,最好利用像crypto-js通用模块?
PBKDF是基于密码的密钥导出函数。 PBKDF不是encryptionalgorithm。 他们可以用一种方法比较安全哈希algorithm与盐(使输出为相同的密码唯一)和迭代计数(使他们慢)。 很多PBKDF,比如你的问题中的PBKDF2,实际上是使用SHA-1等哈希algorithm来实现的。
PBKDF函数通常用于生成密码上的唯一标识符。 该标识符将具有生成的密钥材料的所有属性, 包括在没有powershell攻击的情况下不可能检索input材料的属性 。 换句话说,你不能解密密码 – 你只能尝试每个可能的密码,看看PBKDF2的输出是否匹配。