使用Nodejs加密模块的非对称加密

时间:2019-01-08 08:04:17

标签: node.js cryptojs encryption-asymmetric

我想使用nodejs10的加密模块进行非对称加密。

我找到了答案here 但是,当我尝试运行下面的代码时,出现此错误:

return method(toBuf(key), buffer, padding, passphrase);
           ^
Error: error:0608B096:digital envelope routines:EVP_PKEY_encrypt_init:operation not supported for this keytype.

代码:

var crypto = require("crypto");
var path = require("path");
var fs = require("fs");
const passphrase = "mySecret"

var encryptStringWithRsaPublicKey = function(toEncrypt, relativeOrAbsolutePathToPublicKey) {
  var absolutePath = path.resolve(relativeOrAbsolutePathToPublicKey);
  var publicKey = fs.readFileSync(absolutePath, "utf8");
  var buffer = new Buffer(toEncrypt);
  var encrypted = crypto.publicEncrypt(publicKey, buffer);
  return encrypted.toString("base64");
};

var decryptStringWithRsaPrivateKey = function(toDecrypt, relativeOrAbsolutePathtoPrivateKey) {
  var absolutePath = path.resolve(relativeOrAbsolutePathtoPrivateKey);
  var privateKey = fs.readFileSync(absolutePath, "utf8");
  var buffer = new Buffer(toDecrypt, "base64");
  //var decrypted = crypto.privateDecrypt(privateKey, buffer);
  const decrypted = crypto.privateDecrypt(
    {
      key: privateKey.toString(),
      passphrase: passphrase,
    },
    buffer,
  )
  return decrypted.toString("utf8");
};

const { writeFileSync } = require('fs')
const { generateKeyPairSync } = require('crypto')

function generateKeys() {
  const { privateKey, publicKey } = generateKeyPairSync('ec', {
    namedCurve: 'secp256k1',
    publicKeyEncoding: {
      type: 'spki',
      format: 'pem',
    },
    privateKeyEncoding: {
      type: 'pkcs8',
      format: 'pem',
      cipher: 'aes-256-cbc',
      passphrase: passphrase,
    },
  })

  writeFileSync('private.pem', privateKey)
  writeFileSync('public.pem', publicKey)
}

generateKeys();

let a = encryptStringWithRsaPublicKey("hello", "public.pem")
let b = decryptStringWithRsaPrivateKey(a, "private.pem");
console.log(b)

我没有发现问题所在,似乎是密码短语的问题。

1 个答案:

答案 0 :(得分:2)

在私钥生成上更新一些参数将使这项工作有效:

var crypto = require("crypto");
var path = require("path");
var fs = require("fs");
const passphrase = "mySecret"

var encryptStringWithRsaPublicKey = function(toEncrypt, relativeOrAbsolutePathToPublicKey) {
    var absolutePath = path.resolve(relativeOrAbsolutePathToPublicKey);
    var publicKey = fs.readFileSync(absolutePath, "utf8");
    var buffer = new Buffer(toEncrypt);
    var encrypted = crypto.publicEncrypt(publicKey, buffer);
    return encrypted.toString("base64");
};

var decryptStringWithRsaPrivateKey = function(toDecrypt, relativeOrAbsolutePathtoPrivateKey) {
    var absolutePath = path.resolve(relativeOrAbsolutePathtoPrivateKey);
    var privateKey = fs.readFileSync(absolutePath, "utf8");
    var buffer = new Buffer(toDecrypt, "base64");
    //var decrypted = crypto.privateDecrypt(privateKey, buffer);
    const decrypted = crypto.privateDecrypt(
        {
            key: privateKey.toString(),
            passphrase: passphrase,
        },
        buffer,
    )
    return decrypted.toString("utf8");
};

const { writeFileSync } = require('fs')
const { generateKeyPairSync } = require('crypto')

function generateKeys() {
    const { publicKey, privateKey } = generateKeyPairSync('rsa', 
    {
            modulusLength: 4096,
            namedCurve: 'secp256k1', 
            publicKeyEncoding: {
                type: 'spki',
                format: 'pem'     
            },     
            privateKeyEncoding: {
                type: 'pkcs8',
                format: 'pem',
                cipher: 'aes-256-cbc',
                passphrase: passphrase
            } 
    });

    writeFileSync('private.pem', privateKey)
    writeFileSync('public.pem', publicKey)
}

generateKeys();

let a = encryptStringWithRsaPublicKey("hello", "public.pem")
let b = decryptStringWithRsaPrivateKey(a, "private.pem");
console.log(b)