crypt-js

18121 ワード
原文のリンク:https://www.npmjs.com/package/crypto-js
javascriptに基づいて作成されたmd 5、aesなどの各種暗号化、解読アルゴリズムのパッケージ.
インストール
>npm i crypto-js --save
  • MD 5
    • MD 5 is a widely used hash function.It's been used in a variety of security appications and is also comonly used to check the integrity of files.Though,Md 5 is not collision resont,and it istant is t istant'suablication able ablication.
    

    var hash = CryptoJS.MD5("Message");
  • SHA-1
    • The SHA hash functions werse designed by the Nationl Security Agency(NSA).SHA-1 is the most established of the existing SHA hash functions,and it's s ined in a variety of security apprity apprity and protorstanice.Thoces.Theraptes.Therefishares.
    

    var hash = CryptoJS.SHA1("Message");
  • SHA-2
    • SHA-256 is one of the four variants in the SHA-2 set.It isn't as widely used shA-1,though it appars to provide much better security.
    

    var hash = CryptoJS.SHA256("Message");
    SHA-512 is largely identical to SHA-256 but operates on 64-bit words rather than 32.
    

    var hash = CryptoJS.SHA512("Message");
    Crypt JS also supports SHA-224 and SHA-384、which are largely identical but truncated versions of SHA-256 and SH-512 rectively.
  • SHA-3
    • SHA-3 is the winer of a five-year copetition to select a new cryptgraphic hash algorithm where 64 comppeting designs werevaluted.
    

    var hash = CryptoJS.SHA3("Message");
    SHA-3 can be configured to output hash lengths of one of 224、256、384、or 512 bits.The default is 512 bitts.
    

    var hash = CryptoJS.SHA3("Message", { outputLength: 512 });
    var hash = CryptoJS.SHA3("Message", { outputLength: 384 });
    var hash = CryptoJS.SHA3("Message", { outputLength: 256 });
    var hash = CryptoJS.SHA3("Message", { outputLength: 224 });
    ==RIPEMD-160==
    

    var hash = CryptoJS.RIPEMD160("Message");
    ==The Hasher Input==
    The hash algorithms accept eigther streings or instance s of Crypt JS.lib.WordAray.A WordAray Offect represents of 32-bits.When You pass a string,it's auticallyconverted a Wordraty.A WorldArary Codents F-8.
    ==The Hasher Output==
    The hash you get back isn't a string yet.It's a WordAray object.When you use a WordAray Object in a string context,it's auttic converted to a hex string.
    

    var hash = CryptoJS.SHA256("Message");

    alert(typeof hash); // object

    alert(hash); // 2f77668a9dfbf8d5848b9eeb4a7145ca94c6ed9236e4a773f6dcafa5132b2f91
    You can convert a WorldAray object to other formas by explicitly caling the tostring method and passing an encoder.
    


    var hash = CryptoJS.SHA256("Message");

    alert(hash.toString(CryptoJS.enc.Base64)); // L3dmip37+NWEi57rSnFFypTG7ZI25Kdz9tyvpRMrL5E=

    alert(hash.toString(CryptoJS.enc.Latin1)); // /wf��ûøÕ���ëJqEÊ�Æí�6ä§söܯ¥�+/�

    alert(hash.toString(CryptoJS.enc.Hex)); // 2f77668a9dfbf8d5848b9eeb4a7145ca94c6ed9236e4a773f6dcafa5132b2f91
    ==Progessvie Hashing==
    

    var sha256 = CryptoJS.algo.SHA256.create();

    sha256.update("Message Part 1");
    sha256.update("Message Part 2");
    sha256.update("Message Part 3");

    var hash = sha256.finalize();
  • HMAC
    • Keyed-hash message authentication codes(HMAC)is a mechans for message authentication using cryptraphic hash functions.
    HMAC can be used in commbination with any iterated crytographic hash function.
    




    var hash = CryptoJS.HmacMD5("Message", "Secret Passphrase");
    var hash = CryptoJS.HmacSHA1("Message", "Secret Passphrase");
    var hash = CryptoJS.HmacSHA256("Message", "Secret Passphrase");
    var hash = CryptoJS.HmacSHA512("Message", "Secret Passphrase");
    ==Progessitive HMAC Hashing==
    

    var hmac = CryptoJS.algo.HMAC.create(CryptoJS.algo.SHA256, "Secret Passphrase");

    hmac.update("Message Part 1");
    hmac.update("Message Part 2");
    hmac.update("Message Part 3");

    var hash = hmac.finalize();
  • PBKDF 2
    • PKDF 2 is a password-based key dersion.In many appications of cryptgraphy,user security is ultimartely dependent on a password,and because a password usually can't used directly as.proquece.
    A salt provides a large set of keys for any given password,and an iteration count increas the cot of producing keys from a password,thereby also increase the difficulty of ateck.
    

    var salt = CryptoJS.lib.WordArray.random(128/8);

    var key128Bits = CryptoJS.PBKDF2("Secret Passphrase", salt, { keySize: 128/32 });
    var key256Bits = CryptoJS.PBKDF2("Secret Passphrase", salt, { keySize: 256/32 });
    var key512Bits = CryptoJS.PBKDF2("Secret Passphrase", salt, { keySize: 512/32 });

    var key512Bits1000Iterations = CryptoJS.PBKDF2("Secret Passphrase", salt, { keySize: 512/32, iterations: 1000 });
  • Cinphers
    • ==The CierAlgorithms==
  • AES
    • The Advanced Ecryption Standard(AES)is a U.S.Feders Information Processing Standard(FIPS).It was selected after a 5-year process where 15 copeting designs werse e e e e evaluated.
    

    var encrypted = CryptoJS.AES.encrypt("Message", "Secret Passphrase");

    var decrypted = CryptoJS.AES.decrypt(encrypted, "Secret Passphrase");
    Crypt JS supports AES-128,AES-192,and AES-256.It will pick the variant by the size of the key you pass in.If you use a passphrase,then it will generate a 256-bitkey.
  • DES,Triple DES
    • DES is a previousy dominant algorithm for encrypt,and was published as offical Feders Information Processing Standard.DES is now consided to be insecure due to the small key size.
    

    var encrypted = CryptoJS.DES.encrypt("Message", "Secret Passphrase");

    var decrypted = CryptoJS.DES.decrypt(encrypted, "Secret Passphrase");
    Triple_DES appries DES three times to each block to increase the key size.The algorithm is believed to be secure in this form.
    

    var encrypted = CryptoJS.TripleDES.encrypt("Message", "Secret Passphrase");

    var decrypted = CryptoJS.TripleDES.decrypt(encrypted, "Secret Passphrase");
  • Rabbit
    • Rabbit is a high-performance stream cipher and a finalist in the eSTREAM Portfolio.It is one of the four designs selected after a 3 1/2 year process where 22 designs werevaluted.
    

    var encrypted = CryptoJS.Rabbit.encrypt("Message", "Secret Passphrase");

    var decrypted = CryptoJS.Rabbit.decrypt(encrypted, "Secret Passphrase");
  • RC 4,RC 4 Drop
    • RC 4 is a widely-used stream cipher.It's used in popur protocols such as SSL and WEP.Although remarcable for its simplity and speed,the algorithm's history doesn't inspire confidence City.
    

    var encrypted = CryptoJS.RC4.encrypt("Message", "Secret Passphrase");

    var decrypted = CryptoJS.RC4.decrypt(encrypted, "Secret Passphrase");
    It was discovered that the first few bytes of keystream are stronigly non-randm and leak information about the key.We can defeagainst this atch by discaring the initial potion of the the inketream.Thefired.Thtratratratratrads.Theld.Thive.
    By default、192 words(768 bytes)are dropped、but you can configre the algorithm to drop any number of words.
    

    var encrypted = CryptoJS.RC4Drop.encrypt("Message", "Secret Passphrase");

    var encrypted = CryptoJS.RC4Drop.encrypt("Message", "Secret Passphrase", { drop: 3072/4 });

    var decrypted = CryptoJS.RC4Drop.decrypt(encrypted, "Secret Passphrase", { drop: 3072/4 });
  • Custom Key and IV 
    • 

    var key = CryptoJS.enc.Hex.parse('000102030405060708090a0b0c0d0e0f');
    var iv  = CryptoJS.enc.Hex.parse('101112131415161718191a1b1c1d1e1f');

    var encrypted = CryptoJS.AES.encrypt("Message", key, { iv: iv });
    ==Block Modes and Padding==
    



    var encrypted = CryptoJS.AES.encrypt("Message", "Secret Passphrase", { mode: CryptoJS.mode.CFB, padding: CryptoJS.pad.AnsiX923 });
    Crypt JS supports Modes:
  • CBC
  • CFB
  • CTR
  • OFB
  • ECB
    • And CryptJS Supports Padding schemes:
  • Pkcs 7(the default)
  • Iso 971
  • AnsiX 923
  • Iso 10126
  • ZeroPadding
  • NoPadding
    • ==The Cinpher Input==
    For the plintext message、the cipher algorithms accept eigther stings or instances of Crypt JS.lib.WordAray.
    For the key,when you pass a string,it's treated as a passphrase and used to dersive an actual key and IV.Or you can pass a WordAray that represents the actual key.If pass the acal tukey
    For the ciphertext,the cipher algorithms accept einther stinininininininstas of CrytoJ S.lib.ipherererepresents a collection of parameters such the IV,a salt,and the rarararaphphphphphphphphexxphphphphphphphphphphphphphphphphphphphphphphphphphpheeeeexaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaable format strate gy.
    ==The Cinpher Output==
    The plintext you get back after decryption is a WordAray object.See Hashers'Output for more detail.
    The ciphertext You get back after encrypt isn't a string yet.It's a CinpherParams Object.A Cier Parameters.abject gives you access to all the parameters used during encryption.When You.When You Cine Cine Cine CiverPareama apherParames Parame Parames obact.abject.it's autmatially converted to a string accoding to a format strate.The default is an OpenSSL-comptible format.
    

    var encrypted = CryptoJS.AES.encrypt("Message", "Secret Passphrase");

    alert(encrypted.key);        // 74eb593087a982e2a6f5dded54ecd96d1fd0f3d44a58728cdcd40c55227522223
    alert(encrypted.iv);         // 7781157e2629b094f0e3dd48c4d786115
    alert(encrypted.salt);       // 7a25f9132ec6a8b34
    alert(encrypted.ciphertext); // 73e54154a15d1beeb509d9e12f1e462a0

    alert(encrypted);            // U2FsdGVkX1+iX5Ey7GqLND5UFUoV0b7rUJ2eEvHkYqA=
    You can define your own formas in order to be comptible with other crypt implements.A format is an object with twothods-stingify and parse-that converts between Civeraphers and ciphertext.stregs.stregs.
    Here's how you might write a JSON formater:
    

    var JsonFormatter = {
        stringify: function (cipherParams) {
            // create json object with ciphertext
            var jsonObj = {
                ct: cipherParams.ciphertext.toString(CryptoJS.enc.Base64)
            };

            // optionally add iv and salt
            if (cipherParams.iv) {
                jsonObj.iv = cipherParams.iv.toString();
            }
            if (cipherParams.salt) {
                jsonObj.s = cipherParams.salt.toString();
            }

            // stringify json object
            return JSON.stringify(jsonObj);
        },

        parse: function (jsonStr) {
            // parse json string
            var jsonObj = JSON.parse(jsonStr);

            // extract ciphertext from json object, and create cipher params object
            var cipherParams = CryptoJS.lib.CipherParams.create({
                ciphertext: CryptoJS.enc.Base64.parse(jsonObj.ct)
            });

            // optionally extract iv and salt
            if (jsonObj.iv) {
                cipherParams.iv = CryptoJS.enc.Hex.parse(jsonObj.iv)
            }
            if (jsonObj.s) {
                cipherParams.salt = CryptoJS.enc.Hex.parse(jsonObj.s)
            }

            return cipherParams;
        }
    };

    var encrypted = CryptoJS.AES.encrypt("Message", "Secret Passphrase", { format: JsonFormatter });

    alert(encrypted); // {"ct":"tZ4MsEnfbcDOwqau68aOrQ==","iv":"8a8c8fd8fe33743d3638737ea4a00698","s":"ba06373c8f57179c"}

    var decrypted = CryptoJS.AES.decrypt(encrypted, "Secret Passphrase", { format: JsonFormatter });

    alert(decrypted.toString(CryptoJS.enc.Utf8)); // Message
    ==Progessvie Cinphering==
    

    var key = CryptoJS.enc.Hex.parse('000102030405060708090a0b0c0d0e0f');
    var iv  = CryptoJS.enc.Hex.parse('101112131415161718191a1b1c1d1e1f');

    var aesEncryptor = CryptoJS.algo.AES.createEncryptor(key, { iv: iv });

    var ciphertextPart1 = aesEncryptor.process("Message Part 1");
    var ciphertextPart2 = aesEncryptor.process("Message Part 2");
    var ciphertextPart3 = aesEncryptor.process("Message Part 3");
    var ciphertextPart4 = aesEncryptor.finalize();

    var aesDecryptor = CryptoJS.algo.AES.createDecryptor(key, { iv: iv });

    var plaintextPart1 = aesDecryptor.process(ciphertextPart1);
    var plaintextPart2 = aesDecryptor.process(ciphertextPart2);
    var plaintextPart3 = aesDecryptor.process(ciphertextPart3);
    var plaintextPart4 = aesDecryptor.process(ciphertextPart4);
    var plaintextPart5 = aesDecryptor.finalize();
    ==Interoperability==
    ==With OpenSSL====
    Ecrypt with OpenSSL:
    openssl enc -aes-256-cbc -in infile -out outfile -pass pass:"Secret Passphrase" -e -base64
    Decrypt with Crypt JS:
    

    var decrypted = CryptoJS.AES.decrypt(openSSLEncrypted, "Secret Passphrase");
    ==Ecoders==
    Crypt JS can convert from encoding formas such as Base 64、Latin 1 or Hex to WordAray objecs and vica versa.
    



    var words  = CryptoJS.enc.Base64.parse('SGVsbG8sIFdvcmxkIQ==');
    var base64 = CryptoJS.enc.Base64.stringify(words);

    var words  = CryptoJS.enc.Latin1.parse('Hello, World!');
    var latin1 = CryptoJS.enc.Latin1.stringify(words);

    var words = CryptoJS.enc.Hex.parse('48656c6c6f2c20576f726c6421');
    var hex   = CryptoJS.enc.Hex.stringify(words);

    var words = CryptoJS.enc.Utf8.parse('');
    var utf8  = CryptoJS.enc.Utf8.stringify(words);

    var words = CryptoJS.enc.Utf16.parse('Hello, World!');
    var utf16 = CryptoJS.enc.Utf16.stringify(words);

    var words = CryptoJS.enc.Utf16LE.parse('Hello, World!');
    var utf16 = CryptoJS.enc.Utf16LE.stringify(words);
    javascriptはdivタグの幅の高さを取得します.