crypto createHMAC输出根据nodejs版本而有所不同 [英] crypto createHMAC output differs according to nodejs version

查看:431
本文介绍了crypto createHMAC输出根据nodejs版本而有所不同的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

在升级我的节点版本时,我有加密模块的问题。创建的HMAC取决于节点的版本。您会在下面的代码中找到重现问题的代码。



如果我将密钥编码为BASE64(或任何),则HMAC不依赖于node.js版本。



如果我将其编码为二进制,HMAC将不同,如果我更改我的node.js版本。



根据为什么crypto.createHash在新版本中返回不同的输出?当调用更新函数


$ b时,我添加了编码$ b

代码片段

 use strict; 
 
 const crypto = require('crypto'); 
 
 console.log(process.version); 
 
 let key ='5ece799aa73a7a8e687876f8e0eabe2e200b967ef5728d845f72fc9ea27dbcd90cd4e06e8bc90d823ac8a54ce91f68ca37fc2e7bbf3f5ef9d82b4c6b938f1936'; 
 
 let _key64 =(new Buffer(key,'hex'))。toString('base64'); 
 console.log(B64 KEY:+ crypto.createHmac('sha512',_key64).update(hey,binary)。digest('hex')toUpperCase()); 
 
 let _keyBin =(new Buffer(key,'hex'))。toString('binary'); 
 console.log(BIN KEY:+ crypto.createHmac('sha512',_keyBin).update(hey,binary)。digest('hex')toUpperCase());

以下是2个版本的node.js的输出



'pre> V5.6.0
B64 KEY:0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0
BIN KEY:E5A9F813D9AA64A6791BEA91035553FFC730DBE635D0CE7AC722C0195DFDD77A969323FDDFB4E5054E59073DAE9B9BF00CFF73CF20F2FACEE01F79F25E7B9303
V8.1.4
B64 KEY:0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0
BIN KEY:6F089BCA7A24BF6C3F8E0F75349C8B446C4E69336CF41AA7A390C9B17086417E475545197B0312B4D9240A9F0388CA8722ADCF04BFD554321290EBBCD61F800E

注意:这是这个问题的缩小: HMAC根据节点版本(付费模块)进行更改



顺便说一句,如果我做

  const key ='5ece799aa73a7a8e687876f8e0eabe2e200b967ef5728d845f72fc9ea27dbcd90cd4e06e8bc90d823ac8a54ce91f68ca37fc2e7bbf3f5ef9d82b4c6b938f1936'
 const bkey =(new Buffer(key,'hex'))toString('binary'); 
 console.log((new buffer(bkey,'binary'))。toString('hex'));

没问题,我获得相同的密钥 5ece799aa73a7a8e687 ... 无论节点的版本。

解决方案

感谢@matt:总结他的评论



由于 https://github.com/nodejs / node / commit / b010c8716498dca398e61c388859fea92296feb3 ,最好通过删除 .toString('binary')

$ b $将缓冲区传递给crypto b

所以这个

 use strict; 
 
 const crypto = require('crypto'); 
 
 console.log(process.version); 
 let key ='5ece799aa73a7a8e687876f8e0eabe2e200b967ef5728d845f72fc9ea27dbcd90cd4e06e8bc90d823ac8a54ce91f68ca37fc2e7bbf3f5ef9d82b4c6b938f1936'; 
 
 let _key64 =(new Buffer(key,'hex'))。toString('base64'); 
 console.log(B64 KEY:+ crypto.createHmac('sha512',_key64).update(hey,binary)。digest('hex')toUpperCase()); 
 
 let _keyBin =(new Buffer(key,'hex')); 
 console.log(BIN KEY:+ crypto.createHmac('sha512',_keyBin).update(hey,binary)。digest('hex')toUpperCase());

(当然)

  V5.6.0 
 B64 KEY:0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0 
 BIN KEY:E5A9F813D9AA64A6791BEA91035553FFC730DBE635D0CE7AC722C0195DFDD77A969323FDDFB4E5054E59073DAE9B9BF00CFF73CF20F2FACEE01F79F25E7B9303 
 V8.1.4 
 B64 KEY:0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0 
 BIN KEY:E5A9F813D9AA64A6791BEA91035553FFC730DBE635D0CE7AC722C0195DFDD77A969323FDDFB4E5054E59073DAE9B9BF00CFF73CF20F2FACEE01F79F25E7B9303


I have issues with crypto module while upgrading my node version. The created HMAC depends on the version of node. You'll find below the piece of code that reproduces the problem.

If I encode my key as BASE64 (or any) the HMAC does not depends on node.js version.

If I encode it as binary, the HMAC is different if I change my node.js version.

[EDIT] according to Why crypto.createHash returns different output in new version? I have added the encoding when calling the update function

code snippet

"use strict";

const crypto = require('crypto');

console.log(process.version);

let key = '5ece799aa73a7a8e687876f8e0eabe2e200b967ef5728d845f72fc9ea27dbcd90cd4e06e8bc90d823ac8a54ce91f68ca37fc2e7bbf3f5ef9d82b4c6b938f1936';

let _key64 = (new Buffer(key, 'hex')).toString('base64');
console.log("B64 KEY: "+crypto.createHmac('sha512', _key64).update("hey", "binary").digest('hex').toUpperCase());

let _keyBin = (new Buffer(key, 'hex')).toString('binary');
console.log("BIN KEY: "+crypto.createHmac('sha512', _keyBin).update("hey", "binary").digest('hex').toUpperCase());

The output is the following with 2 versions of node.js

v5.6.0
B64 KEY: 0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0
BIN KEY: E5A9F813D9AA64A6791BEA91035553FFC730DBE635D0CE7AC722C0195DFDD77A969323FDDFB4E5054E59073DAE9B9BF00CFF73CF20F2FACEE01F79F25E7B9303
v8.1.4
B64 KEY: 0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0
BIN KEY: 6F089BCA7A24BF6C3F8E0F75349C8B446C4E69336CF41AA7A390C9B17086417E475545197B0312B4D9240A9F0388CA8722ADCF04BFD554321290EBBCD61F800E

note: this is a narrowing of this question: HMAC changes according to node version (paybox module)

By the way, If I do 

const key = '5ece799aa73a7a8e687876f8e0eabe2e200b967ef5728d845f72fc9ea27dbcd90cd4e06e8bc90d823ac8a54ce91f68ca37fc2e7bbf3f5ef9d82b4c6b938f1936'
const bkey = (new Buffer(key, 'hex')).toString('binary');
console.log((new Buffer(bkey, 'binary')).toString('hex'));

no problem, I obtain the same key 5ece799aa73a7a8e687... whatever the version of node.

解决方案

Solved thanks to @matt: To sum up his comment

Because of https://github.com/nodejs/node/commit/b010c8716498dca398e61c388859fea92296feb3, it is preferable to pass the buffer to crypto, by removing .toString('binary')

So this

"use strict";

const crypto = require('crypto');

console.log(process.version);
let key = '5ece799aa73a7a8e687876f8e0eabe2e200b967ef5728d845f72fc9ea27dbcd90cd4e06e8bc90d823ac8a54ce91f68ca37fc2e7bbf3f5ef9d82b4c6b938f1936';

let _key64 = (new Buffer(key, 'hex')).toString('base64');
console.log("B64 KEY: "+crypto.createHmac('sha512', _key64).update("hey", "binary").digest('hex').toUpperCase());

let _keyBin = (new Buffer(key, 'hex'));
console.log("BIN KEY: "+crypto.createHmac('sha512', _keyBin).update("hey", "binary").digest('hex').toUpperCase());

works (of course)

v5.6.0
B64 KEY: 0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0
BIN KEY: E5A9F813D9AA64A6791BEA91035553FFC730DBE635D0CE7AC722C0195DFDD77A969323FDDFB4E5054E59073DAE9B9BF00CFF73CF20F2FACEE01F79F25E7B9303
v8.1.4
B64 KEY: 0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0
BIN KEY: E5A9F813D9AA64A6791BEA91035553FFC730DBE635D0CE7AC722C0195DFDD77A969323FDDFB4E5054E59073DAE9B9BF00CFF73CF20F2FACEE01F79F25E7B9303

这篇关于crypto createHMAC输出根据nodejs版本而有所不同的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
开发方法最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆