-
-
Save csanz/1181250 to your computer and use it in GitHub Desktop.
| function encrypt(text){ | |
| var cipher = crypto.createCipher('aes-256-cbc','d6F3Efeq') | |
| var crypted = cipher.update(text,'utf8','hex') | |
| crypted += cipher.final('hex'); | |
| return crypted; | |
| } | |
| function decrypt(text){ | |
| var decipher = crypto.createDecipher('aes-256-cbc','d6F3Efeq') | |
| var dec = decipher.update(text,'hex','utf8') | |
| dec += decipher.final('utf8'); | |
| return dec; | |
| } | |
| var hw = encrypt("hello world") | |
| decrypt(hw) | |
| // feel free to change >> d6F3Efeq | |
| // To test just copy + paste the above inside the node shell | |
| // TIP: always encrypt IDs before sending via HTTP |
Not very safe without iv.
@kixorz - i don't see why it's not safe. iv is an overload and node can handle the call without it if you provide only algorithm and password. look here: http://nodejs.org/docs/latest/api/crypto.html#crypto_crypto_createcipher_algorithm_password
the iv version is right after.
Hey i use this to convert long urls in a handy format :-) Works like a charme thx !
Thanks this is great! IV should be used as well but is really just making it more safer. http://crypto.stackexchange.com/questions/732/why-use-an-initialization-vector-iv
Just made a npm module inspired by this example and used crypto.createCipheriv() for initialization vector (IV) support, (thus, more secure encryption) check it out at: https://www.npmjs.com/package/node-cryptex
Hey Thanks all,
it would be great if someone give a example here
var crypto = require("crypto")
var encrypt_decrypt={
"encrypt": function ('password'){
var key = "123|a123123123123123@&";
var cipher = crypto.createCipher('aes-256-cbc', key);
var crypted = cipher.update(data, 'utf-8', 'hex');
crypted += cipher.final('hex');
return crypted;
},
"decrypt":function('password') {
var key = "123|a123123123123123@&";
var decipher = crypto.createDecipher('aes-256-cbc', key);
var decrypted = decipher.update(data, 'hex', 'utf-8');
decrypted += decipher.final('utf-8');
return decrypted;
}
}
module.exports = encrypt_decrypt;
@praveenguptavi081 : You can use above code in any files where ever you want, Just requre this file.
feel free to change this: var key = "123|a123123123123123@&";
Thanks.
Just wondering how you encrypt from the client browser (and know the cipher to matchup). This shows a way to decrypt in nodejs.
One way encryption
<script type="text/javascript">
// encrypted with https://www.stringencrypt.com (v1.3.0) [JavaScript]
// message = "hello world"
var message = "\u1EBF\u1A63\u027F\u02A7\u1F4F\uD8EB\u260F\u1E2F\u27DF\u0283\u1B9F";
for (var psNxK = 0, ZoVYc = 0; psNxK < 11; psNxK++)
{
ZoVYc = message.charCodeAt(psNxK);
ZoVYc -= psNxK;
ZoVYc -= 0x58DD;
ZoVYc ^= psNxK;
ZoVYc -= psNxK;
ZoVYc -= 0xFE90;
ZoVYc ^= psNxK;
ZoVYc = (((ZoVYc & 0xFFFF) >> 5) | (ZoVYc << 11)) & 0xFFFF;
ZoVYc += 0xCF2E;
ZoVYc ^= 0x7189;
ZoVYc --;
ZoVYc ^= 0x7FE4;
ZoVYc ^= psNxK;
ZoVYc -= 0xAADC;
ZoVYc = (((ZoVYc & 0xFFFF) >> 14) | (ZoVYc << 2)) & 0xFFFF;
ZoVYc --;
ZoVYc = (((ZoVYc & 0xFFFF) >> 2) | (ZoVYc << 14)) & 0xFFFF;
ZoVYc -= psNxK;
ZoVYc ^= psNxK;
ZoVYc --;
ZoVYc ^= psNxK;
ZoVYc ^= 0x8366;
ZoVYc ^= psNxK;
ZoVYc --;
ZoVYc = ((ZoVYc << 13) | ( (ZoVYc & 0xFFFF) >> 3)) & 0xFFFF;
message = message.substr(0, psNxK) + String.fromCharCode(ZoVYc & 0xFFFF) + message.substr(psNxK + 1);
}
alert(message);
</script>
what is the equivalent code for the same in ASP.net?
Hey
DeprecationWarning: crypto.createCipher is deprecated.
Please note that createCipher has been deprecated so use this instead.
Taken from this SO answer
const crypto = require('crypto');
const algorithm = 'aes-256-ctr';
const ENCRYPTION_KEY = 'Put_Your_Password_Here'; // or generate sample key Buffer.from('FoCKvdLslUuB4y3EZlKate7XGottHski1LmyqJHvUhs=', 'base64');
const IV_LENGTH = 16;
function encrypt(text) {
let iv = crypto.randomBytes(IV_LENGTH);
let cipher = crypto.createCipheriv(algorithm, Buffer.from(ENCRYPTION_KEY, 'hex'), iv);
let encrypted = cipher.update(text);
encrypted = Buffer.concat([encrypted, cipher.final()]);
return iv.toString('hex') + ':' + encrypted.toString('hex');
}
function decrypt(text) {
let textParts = text.split(':');
let iv = Buffer.from(textParts.shift(), 'hex');
let encryptedText = Buffer.from(textParts.join(':'), 'hex');
let decipher = crypto.createDecipheriv(algorithm, Buffer.from(ENCRYPTION_KEY, 'hex'), iv);
let decrypted = decipher.update(encryptedText);
decrypted = Buffer.concat([decrypted, decipher.final()]);
return decrypted.toString();
}
What do you mean by "always encrypt IDs"?