crypto createHMAC输出根据nodejs版本而有所不同 [英] crypto createHMAC output differs according to nodejs version
问题描述
在升级我的节点版本时,我有加密模块的问题。创建的HMAC取决于节点的版本。您会在下面的代码中找到重现问题的代码。
如果我将密钥编码为BASE64(或任何),则HMAC不依赖于node.js版本。
如果我将其编码为二进制,HMAC将不同,如果我更改我的node.js版本。
根据为什么crypto.createHash在新版本中返回不同的输出?当调用更新
函数
$ b时,我添加了编码$ b
代码片段
use strict;
const crypto = require('crypto');
console.log(process.version);
let key ='5ece799aa73a7a8e687876f8e0eabe2e200b967ef5728d845f72fc9ea27dbcd90cd4e06e8bc90d823ac8a54ce91f68ca37fc2e7bbf3f5ef9d82b4c6b938f1936';
let _key64 =(new Buffer(key,'hex'))。toString('base64');
console.log(B64 KEY:+ crypto.createHmac('sha512',_key64).update(hey,binary)。digest('hex')toUpperCase());
let _keyBin =(new Buffer(key,'hex'))。toString('binary');
console.log(BIN KEY:+ crypto.createHmac('sha512',_keyBin).update(hey,binary)。digest('hex')toUpperCase());
以下是2个版本的node.js的输出
'pre>
V5.6.0
B64 KEY:0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0
BIN KEY:E5A9F813D9AA64A6791BEA91035553FFC730DBE635D0CE7AC722C0195DFDD77A969323FDDFB4E5054E59073DAE9B9BF00CFF73CF20F2FACEE01F79F25E7B9303
V8.1.4
B64 KEY:0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0
BIN KEY:6F089BCA7A24BF6C3F8E0F75349C8B446C4E69336CF41AA7A390C9B17086417E475545197B0312B4D9240A9F0388CA8722ADCF04BFD554321290EBBCD61F800E
注意:这是这个问题的缩小: HMAC根据节点版本(付费模块)进行更改
顺便说一句,如果我做
const key ='5ece799aa73a7a8e687876f8e0eabe2e200b967ef5728d845f72fc9ea27dbcd90cd4e06e8bc90d823ac8a54ce91f68ca37fc2e7bbf3f5ef9d82b4c6b938f1936'
const bkey =(new Buffer(key,'hex'))toString('binary');
console.log((new buffer(bkey,'binary'))。toString('hex'));
没问题,我获得相同的密钥 5ece799aa73a7a8e687 ...
无论节点的版本。
感谢@matt:总结他的评论
由于 https://github.com/nodejs / node / commit / b010c8716498dca398e61c388859fea92296feb3 ,最好通过删除 .toString('binary')
所以这个
use strict;
const crypto = require('crypto');
console.log(process.version);
let key ='5ece799aa73a7a8e687876f8e0eabe2e200b967ef5728d845f72fc9ea27dbcd90cd4e06e8bc90d823ac8a54ce91f68ca37fc2e7bbf3f5ef9d82b4c6b938f1936';
let _key64 =(new Buffer(key,'hex'))。toString('base64');
console.log(B64 KEY:+ crypto.createHmac('sha512',_key64).update(hey,binary)。digest('hex')toUpperCase());
let _keyBin =(new Buffer(key,'hex'));
console.log(BIN KEY:+ crypto.createHmac('sha512',_keyBin).update(hey,binary)。digest('hex')toUpperCase());
(当然)
V5.6.0
B64 KEY:0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0
BIN KEY:E5A9F813D9AA64A6791BEA91035553FFC730DBE635D0CE7AC722C0195DFDD77A969323FDDFB4E5054E59073DAE9B9BF00CFF73CF20F2FACEE01F79F25E7B9303
V8.1.4
B64 KEY:0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0
BIN KEY:E5A9F813D9AA64A6791BEA91035553FFC730DBE635D0CE7AC722C0195DFDD77A969323FDDFB4E5054E59073DAE9B9BF00CFF73CF20F2FACEE01F79F25E7B9303
I have issues with crypto module while upgrading my node version. The created HMAC depends on the version of node. You'll find below the piece of code that reproduces the problem.
If I encode my key as BASE64 (or any) the HMAC does not depends on node.js version.
If I encode it as binary, the HMAC is different if I change my node.js version.
[EDIT] according to Why crypto.createHash returns different output in new version? I have added the encoding when calling the update
function
code snippet
"use strict";
const crypto = require('crypto');
console.log(process.version);
let key = '5ece799aa73a7a8e687876f8e0eabe2e200b967ef5728d845f72fc9ea27dbcd90cd4e06e8bc90d823ac8a54ce91f68ca37fc2e7bbf3f5ef9d82b4c6b938f1936';
let _key64 = (new Buffer(key, 'hex')).toString('base64');
console.log("B64 KEY: "+crypto.createHmac('sha512', _key64).update("hey", "binary").digest('hex').toUpperCase());
let _keyBin = (new Buffer(key, 'hex')).toString('binary');
console.log("BIN KEY: "+crypto.createHmac('sha512', _keyBin).update("hey", "binary").digest('hex').toUpperCase());
The output is the following with 2 versions of node.js
v5.6.0
B64 KEY: 0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0
BIN KEY: E5A9F813D9AA64A6791BEA91035553FFC730DBE635D0CE7AC722C0195DFDD77A969323FDDFB4E5054E59073DAE9B9BF00CFF73CF20F2FACEE01F79F25E7B9303
v8.1.4
B64 KEY: 0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0
BIN KEY: 6F089BCA7A24BF6C3F8E0F75349C8B446C4E69336CF41AA7A390C9B17086417E475545197B0312B4D9240A9F0388CA8722ADCF04BFD554321290EBBCD61F800E
note: this is a narrowing of this question: HMAC changes according to node version (paybox module)
By the way, If I do
const key = '5ece799aa73a7a8e687876f8e0eabe2e200b967ef5728d845f72fc9ea27dbcd90cd4e06e8bc90d823ac8a54ce91f68ca37fc2e7bbf3f5ef9d82b4c6b938f1936'
const bkey = (new Buffer(key, 'hex')).toString('binary');
console.log((new Buffer(bkey, 'binary')).toString('hex'));
no problem, I obtain the same key 5ece799aa73a7a8e687...
whatever the version of node.
Solved thanks to @matt: To sum up his comment
Because of https://github.com/nodejs/node/commit/b010c8716498dca398e61c388859fea92296feb3, it is preferable to pass the buffer to crypto, by removing .toString('binary')
So this
"use strict";
const crypto = require('crypto');
console.log(process.version);
let key = '5ece799aa73a7a8e687876f8e0eabe2e200b967ef5728d845f72fc9ea27dbcd90cd4e06e8bc90d823ac8a54ce91f68ca37fc2e7bbf3f5ef9d82b4c6b938f1936';
let _key64 = (new Buffer(key, 'hex')).toString('base64');
console.log("B64 KEY: "+crypto.createHmac('sha512', _key64).update("hey", "binary").digest('hex').toUpperCase());
let _keyBin = (new Buffer(key, 'hex'));
console.log("BIN KEY: "+crypto.createHmac('sha512', _keyBin).update("hey", "binary").digest('hex').toUpperCase());
works (of course)
v5.6.0
B64 KEY: 0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0
BIN KEY: E5A9F813D9AA64A6791BEA91035553FFC730DBE635D0CE7AC722C0195DFDD77A969323FDDFB4E5054E59073DAE9B9BF00CFF73CF20F2FACEE01F79F25E7B9303
v8.1.4
B64 KEY: 0DC11C737E575B17DD575042F8F372E3D63A86C3B56C06FB74C9B0AB8E96A5FC8A2DC33667280DC5B306C93AA3DECBAF0D8EDE56F3666C11BFC25A70CFC027D0
BIN KEY: E5A9F813D9AA64A6791BEA91035553FFC730DBE635D0CE7AC722C0195DFDD77A969323FDDFB4E5054E59073DAE9B9BF00CFF73CF20F2FACEE01F79F25E7B9303
这篇关于crypto createHMAC输出根据nodejs版本而有所不同的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!