我如何解密HMAC?

时间:2013-01-08 15:54:40

标签: node.js cryptography hmac sha256

我可以使用以下内容制作HMAC:

var encrypt = crypto.createHmac("SHA256", secret).update(string).digest('base64');

我正试图用秘密来解密编码的HMAC:

var decrypt = crypto.createDecipher("SHA256", secret).update(string).final("ascii");

以下是不成功的。如何用密钥解密HMAC?

我收到以下错误:

node-crypto : Unknown cipher SHA256

crypto.js:155
  return (new Decipher).init(cipher, password);
                        ^
Error: DecipherInit error

3 个答案:

答案 0 :(得分:42)

HMAC是MAC /密钥哈希,而不是密码。它不是为解密而设计的。如果要加密某些内容,请使用密码(如AES),最好使用AES-GCM等经过身份验证的模式。

“解密”的唯一方法是猜测整个输入,然后比较输出。

答案 1 :(得分:3)

正如CodesInChaos所述,带有SHA256的HMAC只能用于散列值,这只是单向行程。如果您希望能够加密/解密,则必须使用密码,例如aesdes

加密/解密的示例:

const crypto = require("crypto");

// key and iv   
var key = crypto.createHash("sha256").update("OMGCAT!", "ascii").digest();
var iv = "1234567890123456";

// this is the string we want to encrypt/decrypt
var secret = "ermagherd";

console.log("Initial: %s", secret);

// create a aes256 cipher based on our password
var cipher = crypto.createCipheriv("aes-256-cbc", key, iv);
// update the cipher with our secret string
cipher.update(secret, "ascii");
// save the encryption as base64-encoded
var encrypted = cipher.final("base64");

console.log("Encrypted: %s", encrypted);

// create a aes267 decipher based on our password
var decipher = crypto.createDecipheriv("aes-256-cbc", key, iv);
// update the decipher with our encrypted string
decipher.update(encrypted, "base64");

console.log("Decrypted: %s", decipher.final("ascii"));

注意:您必须将密码/解密保存到自己的变量中,并确保不要在.final之后链接.update

如果您想知道系统上可用的密码,请使用以下命令:

openssl list-cipher-algorithm

答案 2 :(得分:-2)

清理极简主义视图的代码并消除混乱:  注意:IIFE在节点repl中运行" As Is" 

!function(){

const crypto = require("crypto");

// key 
var key = crypto.createHash("sha256").digest();


 // this is the string we want to encrypt/decrypt
 var secret = "ermagherd";

 console.log("Initial: %s", secret);

// create a aes256 cipher based on our password
var cipher = crypto.createCipher("aes-256-cbc", key);

// update the cipher with our secret string
cipher.update(secret);

// save the encryption 
var encrypted = cipher.final();

console.log("Encrypted: %s", encrypted);

// create a aes267 decipher based on our password
 var decipher = crypto.createDecipher("aes-256-cbc", key);

// update the decipher with our encrypted string
decipher.update(encrypted);

console.log("Decrypted: %s", decipher.final()); //default is utf8 encoding   final("utf8") not needed for default

}()

/*  REPL Output

            Initial: ermagherd
    Encrypted: T)��l��Ʀ��,�'
    Decrypted: ermagherd
    true
*/
相关问题
最新问题