CryptoJS 加解密类库的简单用法

CryptoJS 介绍

一个基于javscript编写的前端加解密js库。

官方文档

CryptoJS Document
以下部分文档摘自官方文档

Hash

MD5

> CryptoJS.MD5("admin").toString()
< "21232f297a57a5a743894a0e4a801fc3"

SHA1

> CryptoJS.SHA1("admin").toString()
< "d033e22ae348aeb5660fc2140aec35850c4da997"

SHA224/SHA256/SHA384/SHA512

> CryptoJS.SHA256("admin").toString()
< "8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918"

RIPEMD-160

> CryptoJS.RIPEMD160("admin").toString()
< "7dd12f3a9afa0282a575b8ef99dea2a0c1becb51"

输出格式

以上几个toString()方法可以选择传入CryptoJS.enc.Base64或其他的编码方式

> CryptoJS.MD5("admin").toString()
< "21232f297a57a5a743894a0e4a801fc3"

渐进式Hash

var sha256 = CryptoJS.algo.SHA256.create();
sha256.update("Message Part 1");
sha256.update("Message Part 2");
sha256.update("Message Part 3");
​var hash = sha256.finalize();

HMAC

var hash = CryptoJS.HmacMD5("Message", "密语");
var hash = CryptoJS.HmacSHA1("Message", "密语");
var hash = CryptoJS.HmacSHA256("Message", "密语");
var hash = CryptoJS.HmacSHA512("Message", "密语");

Base64 编解码

Encode

> CryptoJS.enc.Base64.stringify(CryptoJS.enc.Utf8.parse("塞北的雪"))
< "5aGe5YyX55qE6Zuq"

Eecode

> CryptoJS.enc.Utf8.stringify(CryptoJS.enc.Base64.parse("5aGe5YyX55qE6Zuq"))
< "塞北的雪"

sample

// 输出
console.log(encode('塞北的雪')); // '5aGe5YyX55qE6Zuq'
console.log(decode('5aGe5YyX55qE6Zuq')); // '塞北的雪'

function encode(str) {
  encodedWord = CryptoJS.enc.Utf8.parse(str);
  encoded = CryptoJS.enc.Base64.stringify(encodedWord);
  return encoded;
}

function decode(encoded ) {
  encodedWord = CryptoJS.enc.Base64.parse(encoded);
  decoded = CryptoJS.enc.Utf8.stringify(encodedWord);
  return decoded;
}

加解密

AES

var encrypted = CryptoJS.AES.encrypt("明文", "密语");
​var decrypted = CryptoJS.AES.decrypt(encrypted, "密语");

RC4

var encrypted = CryptoJS.RC4.encrypt("Message", "Secret Passphrase");
​
var decrypted = CryptoJS.RC4.decrypt(encrypted, "Secret Passphrase");

var encrypted = CryptoJS.RC4Drop.encrypt("Message", "Secret Passphrase");
​
var encrypted = CryptoJS.RC4Drop.encrypt("Message", "Secret Passphrase", {
  drop: 3072 / 4
});
​
var decrypted = CryptoJS.RC4Drop.decrypt(encrypted, "Secret Passphrase", {
  drop: 3072 / 4
});

DES, Triple DES(3DES)

var encrypted = CryptoJS.DES.encrypt("Message", "Secret Passphrase");
​var decrypted = CryptoJS.DES.decrypt(encrypted, "Secret Passphrase");

var encrypted = CryptoJS.TripleDES.encrypt("Message", "Secret Passphrase");​
var decrypted = CryptoJS.TripleDES.decrypt(encrypted, "Secret Passphrase");

自定义Key和IV

var key = CryptoJS.enc.Hex.parse("000102030405060708090a0b0c0d0e0f");​
var iv = CryptoJS.enc.Hex.parse("101112131415161718191a1b1c1d1e1f");​
var encrypted = CryptoJS.AES.encrypt("Message", key, { iv: iv });

Block Modes and padding 块模式和填充规则

var encrypted = CryptoJS.AES.encrypt("Message", "Secret Passphrase", {
  mode: CryptoJS.mode.CFB,
  padding: CryptoJS.pad.AnsiX923
});

CryptoJS 支持以下块模式

• CBC (the default)
• List item
• CFB
• CTR
• OFB
• ECB

CryptoJS 支持以下填充规则

• Pkcs7 (the default)
• Iso97971
• AnsiX923
• Iso10126
• ZeroPadding
• NoPadding

密码输入格式

对于明文消息，密码算法接受字符串或CryptoJS.lib.WordArray对象。
For the key, when you pass a string, it’s treated as a passphrase and used to derive an actual key and IV. Or you can pass a WordArray that represents the actual key.
If you pass the actual key, you must also pass the actual IV.

对于密文，密码算法接受字符串或CryptoJS.lib.CipherParams对象。
A CipherParams object represents a collection of parameters such as the IV, a salt, and the
raw ciphertext itself.
When you pass a string, it’s automatically converted to a CipherParams object according to a configurable format strategy.

密文输出格式

The plaintext you get back after decryption is a WordArray object. See
Hashing’s Output for more detail. The ciphertext you get back after
encryption isn’t a string yet. It’s a CipherParams object. A
CipherParams object gives you access to all the parameters used during
encryption. When you use a CipherParams object in a string context,
it’s automatically converted to a string according to a format
strategy. The default is an OpenSSL-compatible format.

var encrypted = CryptoJS.AES.encrypt("Message", "Secret Passphrase");
​
encrypted.key
> "74eb593087a982e2a6f5dded54ecd96d1fd0f3d44a58728cdcd40c55227522223 ";
​encrypted.iv
> "7781157e2629b094f0e3dd48c4d786115";
​encrypted.salt
> "7a25f9132ec6a8b34";
​encrypted.ciphertext
> "73e54154a15d1beeb509d9e12f1e462a0";
​encrypted
> "U2FsdGVkX1+iX5Ey7GqLND5UFUoV0b7rUJ2eEvHkYqA=";

您可以定义自己的格式，以便与其他加密实现兼容。
创建一个包含两个方法的对象：Stringify和parse，使他可以在密码对象和密文字符串之间转换。

var JsonFormatter = {
 stringify: function(cipherParams) {
   // create json object with ciphertext
   var jsonObj = { ct: cipherParams.ciphertext.toString(CryptoJS.enc.Base64) };
​    // optionally add iv or salt
   if (cipherParams.iv) {
     jsonObj.iv = cipherParams.iv.toString();
   }
​    if (cipherParams.salt) {
     jsonObj.s = cipherParams.salt.toString();
   }
​    // stringify json object
   return JSON.stringify(jsonObj);
 },
 parse: function(jsonStr) {
   // parse json string
   var jsonObj = JSON.parse(jsonStr);
​    // extract ciphertext from json object, and create cipher params object
   var cipherParams = CryptoJS.lib.CipherParams.create({
     ciphertext: CryptoJS.enc.Base64.parse(jsonObj.ct)
   });
​    // optionally extract iv or salt
​    if (jsonObj.iv) {
     cipherParams.iv = CryptoJS.enc.Hex.parse(jsonObj.iv);
   }
​    if (jsonObj.s) {
     cipherParams.salt = CryptoJS.enc.Hex.parse(jsonObj.s);
   }
​    return cipherParams;
 }
};
​var encrypted = CryptoJS.AES.encrypt("Message", "Secret Passphrase", {
 format: JsonFormatter
});

​encrypted
> {
   ct: "tZ4MsEnfbcDOwqau68aOrQ==",
   iv: "8a8c8fd8fe33743d3638737ea4a00698",
   s: "ba06373c8f57179c"
 };
​
var decrypted = CryptoJS.AES.decrypt(encrypted, "Secret Passphrase", {
 format: JsonFormatter
});
​decrypted.toString(CryptoJS.enc.Utf8)
> "Message";

渐进式加密

var key = CryptoJS.enc.Hex.parse("000102030405060708090a0b0c0d0e0f");
var iv = CryptoJS.enc.Hex.parse("101112131415161718191a1b1c1d1e1f");
​
// encrypt
var aesEncryptor = CryptoJS.algo.AES.createEncryptor(key, { iv: iv });
​
var ciphertextPart1 = aesEncryptor.process("Message Part 1");
var ciphertextPart2 = aesEncryptor.process("Message Part 2");
var ciphertextPart3 = aesEncryptor.process("Message Part 3");
var ciphertextPart4 = aesEncryptor.finalize();
​
// decrypt
var aesDecryptor = CryptoJS.algo.AES.createDecryptor(key, { iv: iv });
​
var plaintextPart1 = aesDecryptor.process(ciphertextPart1);
var plaintextPart2 = aesDecryptor.process(ciphertextPart2);
var plaintextPart3 = aesDecryptor.process(ciphertextPart3);
var plaintextPart4 = aesDecryptor.process(ciphertextPart4);
var plaintextPart5 = aesDecryptor.finalize();

与OpenSSL互相加解密

• 使用OpenSSL加密

openssl enc -aes-256-cbc -in infile -out outfile -pass pass:"Secret Passphrase" -e -base64

• 使用CryptoJS解密

var decrypted = CryptoJS.AES.decrypt(openSSLEncrypted, "Secret Passphrase");

编码

Cryptojs可以将Base64，Latin1或HEX等编码格式与WordArray对象相互转换。

var words = CryptoJS.enc.Base64.parse("SGVsbG8sIFdvcmxkIQ==");
​
var base64 = CryptoJS.enc.Base64.stringify(words);
​
var words = CryptoJS.enc.Latin1.parse("Hello, World!");
​
var latin1 = CryptoJS.enc.Latin1.stringify(words);
​
var words = CryptoJS.enc.Hex.parse("48656c6c6f2c20576f726c6421");
​
var hex = CryptoJS.enc.Hex.stringify(words);
​
var words = CryptoJS.enc.Utf8.parse("𔭢");
​
var utf8 = CryptoJS.enc.Utf8.stringify(words);
​
var words = CryptoJS.enc.Utf16.parse("Hello, World!");
​
var utf16 = CryptoJS.enc.Utf16.stringify(words);
​
var words = CryptoJS.enc.Utf16LE.parse("Hello, World!");
​
var utf16 = CryptoJS.enc.Utf16LE.stringify(words);

To be continue…

参考

1. JS逆向加密-Cryptojs库AES/DES/RSA等代码
2. 爬虫常见加密解密算法
3. Crypto-js CDN

其他类库

1. jsencrypt (v3.2.1)
2. jsrsasign (v10.5.27)