我见过C#代码可以使用以下代码加密并稍后解密密码:
http://wp7-travel.googlecode.com/svn/trunk/SilverlightPhoneDatabase/Cryptography.cs
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security.Cryptography;
using System.IO;
using System.Reflection;
namespace SilverlightPhoneDatabase
{
/// <summary>
/// Class used to encrypt the database
/// </summary>
public static class Cryptography
{
/// <summary>
/// Incrypt the input using password provided
/// </summary>
/// <param name="input">Input string to encrypt</param>
/// <param name="password">Password to use</param>
/// <returns>Encrypted string</returns>
public static string Encrypt(string input, string password)
{
string data = input;
byte[] utfdata = UTF8Encoding.UTF8.GetBytes(data);
byte[] saltBytes = UTF8Encoding.UTF8.GetBytes(password);
// Our symmetric encryption algorithm
AesManaged aes = new AesManaged();
// We're using the PBKDF2 standard for password-based key generation
Rfc2898DeriveBytes rfc = new Rfc2898DeriveBytes(password, saltBytes);
// Setting our parameters
aes.BlockSize = aes.LegalBlockSizes[0].MaxSize;
aes.KeySize = aes.LegalKeySizes[0].MaxSize;
aes.Key = rfc.GetBytes(aes.KeySize / 8);
aes.IV = rfc.GetBytes(aes.BlockSize / 8);
// Encryption
ICryptoTransform encryptTransf = aes.CreateEncryptor();
// Output stream, can be also a FileStream
MemoryStream encryptStream = new MemoryStream();
CryptoStream encryptor = new CryptoStream(encryptStream, encryptTransf, CryptoStreamMode.Write);
encryptor.Write(utfdata, 0, utfdata.Length);
encryptor.Flush();
encryptor.Close();
byte[] encryptBytes = encryptStream.ToArray();
string encryptedString = Convert.ToBase64String(encryptBytes);
return encryptedString;
}
/// <summary>
/// Decrypt string using password provided
/// </summary>
/// <param name="base64Input">Input to decrypt</param>
/// <param name="password">Password to use</param>
/// <returns>Decrypted string</returns>
public static string Decrypt(string base64Input, string password)
{
byte[] encryptBytes = Convert.FromBase64String(base64Input);
byte[] saltBytes = Encoding.UTF8.GetBytes(password);
// Our symmetric encryption algorithm
AesManaged aes = new AesManaged();
// We're using the PBKDF2 standard for password-based key generation
Rfc2898DeriveBytes rfc = new Rfc2898DeriveBytes(password, saltBytes);
// Setting our parameters
aes.BlockSize = aes.LegalBlockSizes[0].MaxSize;
aes.KeySize = aes.LegalKeySizes[0].MaxSize;
aes.Key = rfc.GetBytes(aes.KeySize / 8);
aes.IV = rfc.GetBytes(aes.BlockSize / 8);
// Now, decryption
ICryptoTransform decryptTrans = aes.CreateDecryptor();
// Output stream, can be also a FileStream
MemoryStream decryptStream = new MemoryStream();
CryptoStream decryptor = new CryptoStream(decryptStream, decryptTrans, CryptoStreamMode.Write);
decryptor.Write(encryptBytes, 0, encryptBytes.Length);
decryptor.Flush();
decryptor.Close();
byte[] decryptBytes = decryptStream.ToArray();
string decryptedString = UTF8Encoding.UTF8.GetString(decryptBytes, 0, decryptBytes.Length);
return decryptedString;
}
}
}
我不是安全专家,对加密算法的经验有限。我有一个加密的密码,由这种代码加密,现在想要在node.js程序(Javascript)中访问解密的密码。
似乎crypto-js
有一个pbkdf2.js
模块,但它只知道如何加密密码。
我见过http://anandam.name/pbkdf2/,但它似乎只是一个加密器。没有解密。
任何人都可以提供解密密码的代码,给定已知的盐和用于加密密码的迭代,使用普通的Javascript,最好利用crypto-js
等常用模块吗?
答案 0 :(得分:3)
PBKDF是基于密码的密钥派生功能。 PBKDF不是加密算法。可以将它们与带盐的单向安全散列算法(使相同密码的输出唯一)和迭代计数(使它们变慢)进行比较。许多PBKDF,例如你问题中的PBKDF2,实际上是使用SHA-1等哈希算法实现的。
PBKDF函数通常用于在密码上生成唯一标识符。该标识符将具有生成的密钥材料的所有属性,包括在没有暴力攻击的情况下无法检索输入材料的属性。换句话说,您无法解密密码 - 您只能尝试每个可能的密码以查看PBKDF2的输出是否匹配。