Noejs-crypto Encryption Tool
crypto module provides encryption functions, including a package of hashing, MD5, HMAC, encryption, decryption, signature, and verification functions of OpenSSL.
MD5 commonly used in crypto
MD5 is an irreversible encryption algorithm. At present, it is one of the most reliable encryption algorithms. There is no program that can inverse operation has been developed. It can encrypt any string into a single fixed length code.
First of all, it is irreversible. There is no systematic way to know what the original text of MD5 code is.
Of course, MD5 is also a good and bad encryption of the same character is the result of the same code, there will be the risk of Library collision.
# crypto import installation
For nodejs environment
npm i crypto --save-dev //Introduction of js const crypto = require('crypto'); //perhaps import crypto from 'crypto';
Encapsulate MD5 utils.js
const crypto = require('crypto'); /** * hash Method * * @param {String} e.g.: 'md5', 'sha1' * @param {String|Buffer} s * @param {String} [format] 'hex','base64'. default is 'hex'. * @return {String} Coded value * @private */ const hash = (method, s, format) => { var sum = crypto.createHash(method); var isBuffer = Buffer.isBuffer(s); if(!isBuffer && typeof s === 'object') { s = JSON.stringify(sortObject(s)); } sum.update(s, isBuffer ? 'binary' : 'utf8'); return sum.digest(format || 'hex'); }; /** - md5 Code - 3. @param {String|Buffer} s - @param {String} [format] 'hex','base64'. default is 'hex'. - @return {String} md5 hash string - @public */ const md5 = (s, format) => { return hash('md5', s, format); }; module.exports = { md5 };
MD5 Salting and Salt Removal Calibration
In order to prevent Mei Chao-chao's maneuver of colliding with the reservoir, we logged in by adding salt.
## MD5 Encrypts Multiple User Registration
MD5 (md5 (username + MD5 (password))
Encryption multiple times, the more the better
//Introduce utils.js with the above encapsulation import utils from '../utils.js' let name = 'abcd' let password = '123' let user_ticket = utils.md5(utils.md5(name + utils.md5(password))) console.log(user_ticket) => 3a59492a85438a3a39a30fd0d8103ac5 //Encrypted results
Logon password MD5 salt
Salt is added in a time stamp or in other ways as salty as possible, and then stir-fried back and forth in a pot.
Well, strict biography
Similarly, the MD5 multiple encryption specification is added with a time stamp salt, and the time stamp should be passed into the background with other parameters for decryption.
let name = 'abcd' let password = '123' var timestamp = Date.parse(new Date()) / 1000 let user_ticket = utils.md5(utils.md5(utils.md5(name + utils.md5(password))) + timestamp) console.log(user_ticket) =>0b3298cb3c20b08318c185aec803a929 //The result of salt addition
Encryption and decryption of salt
When registering, MD5 is used to encrypt data more than once, and MD5 is used to encrypt data more than once when logging in.
let name = 'abcd' let password = '123' var timestamp = Date.parse(new Date()) / 1000 let load_password = utils.md5(utils.md5(name + utils.md5(password))) //Store passwords let user_ticket_client = utils.md5(utils.md5(utils.md5(name + utils.md5(password))) + timestamp) //Client Password let user_ticket_service = utils.md5(load_password + timestamp) //The server encrypts, calculates and stores the password and timestamps again console.log(user_ticket_client == user_ticket_service) => true //Comparing client encryption with server encryption again
Some people have rivers and lakes, rivers and lakes are dangerous, there is no absolute security system, there are various forms of encryption, this time take me MD5 to save rivers and lakes, rivers and lakes have a good-bye.