目前我需要创建一个需要从javascript文件在Mulesoft中进行比较的散列,目前的方法是直接使用Crypto。SHA1方法,但它已经过时了,现在mule应用程序正在使用SHA256,但我不知道如何创建相同的流来从Javascript执行加密。
这是其他用户在stackoverflow中分享的在Javascript中实现MD5加密的示例:
var password = CryptoJS.enc.Utf8.parse("test");
var salt = CryptoJS.enc.Hex.parse("2121F055C39F5A75");
var iterations = 31;
// PBE according to PKCS#5 v1.5 (in other words: PBKDF1)
var md5 = CryptoJS.algo.HMAC256.create();
md5.update(password);
md5.update(salt);
var result = md5.finalize();
md5.reset();
for(var i = 1; i < iterations; i++) {
md5.update(result);
result = md5.finalize();
md5.reset();
}
// splitting key and IV
var key = CryptoJS.lib.WordArray.create(result.words.slice(0, 2));
var iv = CryptoJS.lib.WordArray.create(result.words.slice(2, 4));
var encrypted = CryptoJS.DES.encrypt("test", key, {
iv: iv
});
enc.innerHTML = encrypted.ciphertext.toString(); // HEX
https://jsfiddle.net/artjomb/Lpbo7yrb/
张贴的代码应用PBEWithMD5andDES,它的工作方式不同于PBEWithHmacSHA256AndAES_256,因此不幸的是不能使用
PBEWithHmacSHA256AndAES_256应用PBKDF2获得256位密钥,并使用带有CBC和pkcs# 7填充的AES进行加密。使用CryptoJS的一个可能实现是:
var passphrase = "My Passphrase";
var saltWA = CryptoJS.enc.Hex.parse("000102030405060708090a0b0c0d0e0f"); // static only for test!
var ivWA = CryptoJS.enc.Hex.parse("101112131415161718191a1b1c1d1e1f"); // static only for test!
var iterations = 10000;
var plaintext = "The quick brown fox jumps over the lazy dog";
var keyWA = CryptoJS.PBKDF2(
passphrase, saltWA, {keySize: 256/32, iterations: iterations, hasher: CryptoJS.algo.SHA256});
var ciphertextCP = CryptoJS.AES.encrypt(plaintext, keyWA, {iv: ivWA}); // applies CBC and PKCS#7 by default
var ciphertextHex = ciphertextCP.ciphertext.toString();
ct.innerHTML = ciphertextHex; // a08af68882ef646631c510b0742272308eca57bd251f962444a01abcecf41bfc804b5e3e9f666f125103d1954809edd5
var decrypted = CryptoJS.AES.decrypt(ciphertextCP, keyWA, {iv: ivWA});
pt.innerHTML = decrypted.toString(CryptoJS.enc.Utf8); // The quick brown fox jumps over the lazy dog<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js"></script>
<div id="ct"></div>
<div id="pt"></div>给出十六进制编码的密文:
a08af68882ef646631c510b0742272308eca57bd251f962444a01abcecf41bfc804b5e3e9f666f125103d1954809edd5
注意:为了与下面Java代码的参考值进行比较,使用了静态IV和salt。然而,在实践中,出于安全原因,必须为每个密文随机生成salt和IV。由于解密需要salt和IV,并且它们不是秘密的,因此它们与密文一起传递给解密方,通常是串联的,例如salt|IV|密文。
对于CryptoJS实现的测试,需要一个参考值。下面的代码是在Java中使用PBEWithHmacSHA256AndAES_256进行加密:
import java.nio.charset.StandardCharsets;
import java.util.HexFormat;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
...
String password = "My Passphrase" ;
byte[] salt = HexFormat.of().parseHex("000102030405060708090a0b0c0d0e0f"); // static only for test
byte[] iv = HexFormat.of().parseHex("101112131415161718191a1b1c1d1e1f"); // static only for test
int iterations = 10000 ;
String plaintext = "The quick brown fox jumps over the lazy dog";
IvParameterSpec ivSpec = new IvParameterSpec(iv);
PBEParameterSpec parameterSpec = new PBEParameterSpec(salt, iterations, ivSpec);
PBEKeySpec keySpec = new PBEKeySpec(password.toCharArray());
SecretKeyFactory kf = SecretKeyFactory.getInstance("PBEWithHmacSHA256AndAES_256");
SecretKey secretKey = kf.generateSecret(keySpec);
Cipher cipher = Cipher.getInstance("PBEWithHmacSHA256AndAES_256");
cipher.init(Cipher.ENCRYPT_MODE, secretKey, parameterSpec);
byte[] ciphertext = cipher.doFinal(plaintext.getBytes(StandardCharsets.UTF_8));
cipher.init(Cipher.DECRYPT_MODE, secretKey, parameterSpec);
byte[] decryptedtext = cipher.doFinal(ciphertext);
System.out.println(HexFormat.of().formatHex(ciphertext)); // a08af68882ef646631c510b0742272308eca57bd251f962444a01abcecf41bfc804b5e3e9f666f125103d1954809edd5
System.out.println(new String(decryptedtext, StandardCharsets.UTF_8)); // The quick brown fox jumps over the lazy dog
密文对应于CryptoJS实现的密文,这证明了CryptoJS代码在功能上确实与PBEWithHmacSHA256AndAES_256相同。