diff --git a/index.js b/index.js index e427d08..b3926a6 100644 --- a/index.js +++ b/index.js @@ -176,23 +176,24 @@ class TICrypto { * @return {String} * @memberof TICrypto */ - static async encrypt(data, { keytype = 'pwd', key, input, output, cipher } = {}) { + static async encrypt(data, { tool, keytype = 'pwd', key, input, output, cipher } = {}) { if (tool === 'eccrypto') { // data 应当是 utf8 的字符串。key 必须是 pubkey // eccrypto 能用 Uint8Array 和 Buffer // eccrypto-js 只能用 Buffer // 在浏览器里 https://github.com/bitchan/eccrypto 库报错,即使用了 Uint8Array: Failed to execute 'encrypt' on 'SubtleCrypto': The provided value is not of type '(ArrayBuffer or ArrayBufferView)' let cipherobject = await eccrypto.encrypt(Buffer.from(this.hex2buf(key)), data) // 对 eccrypto 库,使用 - return cipherobject // 返回一个复杂的结构。对同样的key和data,每次返回的结果不一样 + return cipherobject // 返回一个复杂的结构 {iv:Buffer, ciphertext:Buffer, ...}。对同样的key和data,每次返回的结果不一样 } else if (keytype === 'pwd') { + // 对称加密 if (typeof key === 'string') { let inputEncoding = my.INPUT_LIST.indexOf(input) >= 0 ? input : my.INPUT // 'utf8' by default, 'ascii', 'latin1' for string or ignored for Buffer/TypedArray/DataView let outputEncoding = output === 'buf' ? undefined : my.OUTPUT_LIST.indexOf(output) >= 0 ? output : my.OUTPUT // 'latin1', 'base64', 'hex' by default or 'buf' to Buffer explicitly const iv = crypto.randomBytes(16) - let ciph = crypto.createCipheriv(my.CIPHER_LIST.indexOf(cipher) >= 0 ? cipher : my.CIPHER, this.hex2buf(this.hash(key)), iv) + let encryptor = crypto.createCipheriv(my.CIPHER_LIST.indexOf(cipher) >= 0 ? cipher : my.CIPHER, this.hex2buf(this.hash(key)), iv) // cipher 和 key 的长度必须相同,例如 cipher 是 ***-192,那么 key 就必须是 192/8=24 字节 = 48 hex 的。 if (typeof data !== 'string' && !(data instanceof Buffer) && !(data instanceof DataView)) data = JSON.stringify(data) - let ciphertext = ciph.update(data, inputEncoding, outputEncoding) - ciphertext += ciph.final(outputEncoding) // 但是 Buffer + Buffer 还是会变成string + let ciphertext = encryptor.update(data, inputEncoding, outputEncoding) + ciphertext += encryptor.final(outputEncoding) // 但是 Buffer + Buffer 还是会变成string return { iv: iv.toString('hex'), ciphertext } } } else if (keytype === 'seckey') { @@ -215,7 +216,7 @@ class TICrypto { * @return {String} * @memberof TICrypto */ - static async decrypt(data = {}, { keytype = 'pwd', key, input, output, cipher } = {}) { + static async decrypt(data = {}, { tool, keytype = 'pwd', key, input, output, cipher } = {}) { // data 应当是 encrypt 输出的数据类型 if (tool === 'eccrypto') { try { @@ -228,16 +229,17 @@ class TICrypto { return null } } else if (keytype === 'pwd') { + // 对称解密 if ((typeof data.ciphertext === 'string' || data.ciphertext instanceof Buffer) && typeof key === 'string') { let inputEncoding = my.OUTPUT_LIST.indexOf(input) >= 0 ? input : my.OUTPUT // input (=output of encrypt) could be 'latin1', 'base64', 'hex' by default for string or ignored for Buffer let outputEncoding = output === 'buf' ? undefined : my.INPUT_LIST.indexOf(output) >= 0 ? output : my.INPUT // output (=input of encrypt) could be 'latin1', 'ascii', 'utf8' by default or 'buf' to Buffer explicitly - let decipher = crypto.createDecipheriv( + let decryptor = crypto.createDecipheriv( my.CIPHER_LIST.indexOf(cipher) >= 0 ? cipher : my.CIPHER, this.hex2buf(this.hash(key)), Buffer.from(data.iv, 'hex') ) - let decrypted = decipher.update(data.ciphertext, inputEncoding, outputEncoding) - decrypted += decipher.final(outputEncoding) // 但是 Buffer + Buffer 还是会变成string + let decrypted = decryptor.update(data.ciphertext, inputEncoding, outputEncoding) + decrypted += decryptor.final(outputEncoding) // 但是 Buffer + Buffer 还是会变成string // 如果用户输入错误密码,deciper也能解密,无法自动判断是否正确结果。可在返回后人工判断。 return decrypted }