node.js:加密需要解密的数据吗? [英] node.js: encrypting data that needs to be decrypted?

问题描述

我们将bcrypt用于不需要解密的密码和数据.

We are using bcrypt for passwords and data that never needs to be decrypted.

应该采取什么措施来保护其他这样做的用户信息.对于此示例，假设我们不希望用户的真实姓名采用纯文本格式，以防有人获取数据库.

What should do to protect other user information that does. For this example lets say that we didn't want a users real name to be in plain text in case someone was to obtain the db.

这是一些敏感数据，但还需要不时调用并以纯文本显示.有没有简单的方法可以做到这一点?

This is somewhat sensitive data but also needs to be called from time to time and displayed in plain text. Is there a simple way to do this?

推荐答案

您可以使用加密模块:

var crypto = require('crypto');
var assert = require('assert');

var algorithm = 'aes256'; // or any other algorithm supported by OpenSSL
var key = 'password';
var text = 'I love kittens';

var cipher = crypto.createCipher(algorithm, key);  
var encrypted = cipher.update(text, 'utf8', 'hex') + cipher.final('hex');
var decipher = crypto.createDecipher(algorithm, key);
var decrypted = decipher.update(encrypted, 'hex', 'utf8') + decipher.final('utf8');

assert.equal(decrypted, text);

这篇关于node.js:加密需要解密的数据吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！