In the

Internet era, the amount of data on the network is growing at an alarming rate every day. At the same time, all kinds of network security problems emerge in endlessly. As information security becomes more and more important today, as a developer, we need to enhance our understanding of security and enhance service security through technological means. The

crypto module is one of the core modules of nodejs, which provides security related functions such as summary operation, encryption, electronic signature, and so on. Many beginners face a long list of API and don't know how to get on, so it involves a lot of knowledge in the security field behind it. This paper focuses on the theoretical knowledge of

behind API, the main contents are as follows: the

(hash), abstract based message authentication code (HMAC)

symmetric encryption, asymmetric encryption, electronic signature

> Abstract abstract (Digest): not a fixed length message as input, by running the hash function generates the output of fixed length, the output is called the. It is usually used to verify that the message is complete and not tampered. The

summary operation is irreversible. That is to say, when the input is fixed, the fixed output is produced. But when the output is known, the input can not be pushed back. The

pseudo code is as follows.

digest = Hash (message) and the corresponding

algorithm the output bits of the common

as follows:






 var example: crypto = require ('crypto'); VAR MD5 = crypto.createHash ('md5'); VAR message var ='hello'; digest = md5.update (message,'utf8').Digest ('hex'); console.log (Digest); / / output is as follows: note here is 16 in the system / / 5d41402abc4b2a76b9719d911017c592

note: in all kinds of articles or documents, the hash hash of the words often mix, resulting in many beginners to see a face in fact, most of the time not to force, that is one thing, remember to the above definition will be Okay。


MAC (Message Authentication Code): message authentication code, to ensure data integrity. The operation result depends on the message itself, the secret key.

MAC can have a variety of different implementations, such as HMAC.

HMAC (Hash-based Message Authentication Code): can be roughly understood as the hash function with secret key.


 const examples are as follows: crypto = require ('crypto'); / / parameters: abstract function parameters: let HMAC / / two key = crypto.createHmac ('md5','123456'); let RET = hmac.update ('hello').Digest ('hex'); console.log (RET); / / 9c699d7af73a49247a239cb0dd2f8139

, asymmetric encryption

encryption / decryption: given explicitly, through a certain algorithm, generates encrypted ciphertext, this process is called encryption. The reverse is the decryption.

 encryptedText (plainText) = encrypt plainText = decrypt (encryptedText) 

key: in order to further enhance the security of the encryption / decryption algorithm, the encryption / decryption process of the introduction of the secret key. Key parameters can be regarded as the encryption / decryption algorithm, in the case of known ciphertext, if you do not know the secret key cannot be decrypted, unlock the ciphertext.

 encryptedText = encrypt (plainText, encryptKey) plainText = decrypt (encryptedText, decryptKey) 

according to the encryption and decryption key are the same, can be encrypted for symmetric encryption and asymmetric encryption algorithm.


encryption, symmetric encryption used to decrypt the secret key is the same, that is encryptKey = decryptKey.

common symmetric encryption algorithms: DES, 3DES, AES, Blowfish, RC5, IDEA.

encryption and decryption code:

 encryptedText = encrypt (plainText, key); / / plainText = decrypt encryption (encryptedText, key); / / 

2, asymmetric encryption decryption

also called public key encryption. The encryption and decryption keys are different, i.e. encryptKey = = decryptKey.

publicly called secret key encryption, public key. Decryption key secret, called the key.

common asymmetric encryption algorithms: RSA, DSA, ElGamal.

encryption and decryption code:

 encryptedText = encrypt (plainText, publicKey); / / plainText = decrypt encryption (encryptedText, priviteKey); / / 

3, compared with the decryption key application of

in addition to speed difference, and the difference. Generally speaking, the

symmetric encryption speed is faster than that of asymmetric encryption.

asymmetric encryption is usually used to encrypt short text, and symmetric encryption is usually used to encrypt long text.

which can be used in combination, such as the HTTPS protocol, can shake the stage, to exchange secret key generation by RSA symmetry. In later stages of communication, can use symmetric encryption algorithm to encrypt data, the secret key is generated by the handshake.

note: the secret key exchange is not necessarily symmetric by RSA, can also be accomplished by similar DH, here is not started. The

digital signature

can roughly guess the use of digital signatures from the signature. The main role is as follows:

confirms that information is derived from a specific subject.

confirms that the information is complete and has not been tampered. In order to achieve this goal,

needs two processes: the

sender: generating a signature.

receiver: verify the signature. The

1 and the sender generate a summary of the original information that is calculated by the signature


signed the summary through the private key to get the electronic signature.

sends the original information and electronic signature to the recipient.


 Digest: signature code = hash (message); / / digitalSignature = sign calculation of the (digest, priviteKey); / / 

2 receiver, digital signature calculation to verify the signature

by public key unlock the electronic signature, get the D1. (if unsolved, the verification failure of the source body)

calculates the summary D2 of the original information.

contrasts D1, D2, if D1 is equal to D2, the original information is complete and not tampered.


: signature verification pseudo code digest1 = verify (digitalSignature, publicKey); / / get the digest2 = hash (message); / / calculation of the original information in digest1 digest2 / / 

= = =

3, compared to verify equal asymmetric encryption

< br>

due to the particularity of the RSA algorithm, encryption / decryption and signature looks like a lot of special / validation, students are very easy to confuse. First, remember the following conclusions, and then there is time to introduce them in detail.

encryption / decryption: public key encryption, private key decryption.

signature / validation: private key signature, public key verification.

packet encryption mode, fill, initialize vector

common symmetric encryption algorithm, such as AES and DES, all adopt the block encryption mode. In this, there are three key concepts that need to be mastered: pattern, fill, and initialization vector.

makes clear these three points, and will know what the parameters of the crypto module symmetrically encrypt API represent, and the wrong idea of how to check it.

1, block encryption mode,

and so called block encryption are to split long (plaintext) into fixed length blocks, then encrypt the split blocks according to specific modes. The common group encryption patterns for

are ECB (unsafe), CBC (most commonly used), CFB, OFB, CTR, etc.

in the most simple case of ECB, the first message is split into sub modules, and then use the secret key encryption.

hypothesis behind each block length is 128 bits,

2: IV

initialization vector in order to enhance the security of the algorithm, part of packet encryption mode (CFB, OFB, CTR) was introduced in the initialization vector (IV), the encryption the results of randomization. That is to say, for the same section of plaintext, IV is different, and the results of encryption are different.

takes CBC as an example, and every block of data is performed or operated with the previous encrypted block, and then encrypted. For the first block of data, it is done with IV or. The size of the size of

IV with the data block (128), has nothing to do with the length of the secret key.


3, fill: alt= mode, block encryption mode, we need to encrypt the block with fixed length. After the partition is split, the last block of data may be less than 128 bits, and it needs to be filled in order to meet the length requirements. The

filling method is multiple. The common filling method is PKCS7.

assumes that packet length is k bytes, the last packet length is k-last, you can see:

regardless of the length of plaintext is how much, will be filled on the plaintext before encryption (or decryption function cannot distinguish whether the last packet is filled, because of the presence of the last packet length is equal to K.

) if the last packet length is equal to k-last = k, then fill up the contents of a complete packet k k k... K

(k bytes) if the last packet length is less than k-last < K, then filling content for the k-last

 01 -- mod k

if LTH mod K k-1 = 0202 if lth mod k = K-2 K. K k k - if lth... Mod k = 0

general packet encryption: the first plaintext is cut into a fixed length block (128), then Encrypt. Several patterns of

packet encryption: ECB (insecure), CBC (most commonly used), CFB, OFB, CTR.

filling (padding): partially encrypted mode, when the length of the last block is less than 128 bits, it needs to be filled in a specific way. (ECB, CBC need to be filled, CFB, OFB, CTR do not need to be filled)

initialization vector (IV): partial encryption mode (CFB, OFB, CTR) will carry out plaintext block with the previous ciphertext block or operation. For the first plaintext block, there is no previous ciphertext block, so we need to provide initialization vector IV (IV as the first ciphertext block before plaintext block). In addition, IV can also allow encryption results to be randomised.

is written in the back

crypto module, which involves more knowledge and space, and there is no way to expand it one by one. In order to explain the convenience, part of the content may not be strict, if there are mistakes and leakage, please point out.

if you are learning, there are other questions that can be discussed in the message area below, and thank you for your support for the home of the script.

This concludes the body part