标签:加密 key requestParam pbkdf2 param words const CryptoJS
一、CryptoJS加密,基本使用,最新支持的是256哈希码
if (signatureVersion === "1.0") {
words = CryptoJS.HmacSHA1(param, key);
} else {
words = CryptoJS.HmacSHA256(param, key);
}
var base64String = CryptoJS.enc.Base64.stringify(words);新老算法支持:
/*
* @Author: caoyi
* @Date: 2021-11-17 15:58:07
* @LastEditTime: 2021-11-17 16:53:15
* @LastEditors: Please set LastEditors
* @Description: 打开koroFileHeader查看配置 进行设置: https://github.com/OBKoro1/koro1FileHeader/wiki/%E9%85%8D%E7%BD%AE
* @FilePath: \share_album\src\utils\js\assign.js
*/
const CryptoJS = require("crypto-js");
/**
* @param {*} key AppKey
* @param {*} method HttpVerb 比如:POST、GET
* @param {*} date 填空,当前不判断
* @param {*} contentType content-Type application/json;charset=UTF-8
* @param {*} md5 请求data的MD5值,不能为空
* @param {*} requestParam 请求地址和参数信息,不包括Http-Header
* @param {*} signatureVersion 加密版本号1.0/2.0
*/
function getSign(
key,
method,
date,
contentType,
md5,
requestParam,
signatureVersion
) {
var param = method;
param += "\n";
if (md5 == undefined) md5 = "";
param += md5;
param += "\n";
param += contentType;
param += "\n";
param += date;
param += "\n";
if (requestParam == undefined) requestParam = "";
if (requestParam != "") {
param += requestParam;
}
console.log("ssigData:\n" + param);
var words;
if (signatureVersion === "1.0") {
words = CryptoJS.HmacSHA1(param, key);
} else {
words = CryptoJS.HmacSHA256(param, key);
}
var base64String = CryptoJS.enc.Base64.stringify(words);
console.log(base64String);
var ssig = base64String.substr(5, 10);
var ssigEncode = encodeURIComponent(ssig);
return ssigEncode;
}
export function ssigValue(
key,
method,
date,
contentType,
md5,
requestParam,
signatureVersion
) {
return getSign(
key,
method,
date,
contentType,
md5,
requestParam,
signatureVersion
);
}
//生成从minNum到maxNum的随机数
export function randomNum(minNum, maxNum) {
switch (arguments.length) {
case 1:
return parseInt(Math.random() * minNum + 1, 10);
break;
case 2:
return parseInt(Math.random() * (maxNum - minNum + 1) + minNum, 10);
break;
default:
return 0;
break;
}
}
注意:若使用CryptoJS加密,使用utf8转化生成array对象之后,千万不能取子字段值:words,会导致报错:
二、pbkdf2的使用
pbkdf2 - npm 此链接依赖于最新的sha256算法,所以安装下面的插件就可以
pbkdf2-sha256 - PBKDF2 using SHA256 HMAC - CryptoCoinJS
使用:
export function getPdkdSign(url, body) {
const appId = "d83kd93k2b9d916"
const appSecret = "a3jh2rj46hktg690bfdasjd0s0d87fc"
const timestamp = parseInt(Date.parse(new Date()) / 1000)
const nonce_divisor = 99
const src = "lexar"+JSON.stringify(body)+appSecret+timestamp
const iterations = (timestamp % nonce_divisor) + 1 // 取余 1-99次
const dk = pbkdf2(src, appSecret, iterations, 64)
const sign = dk.toString('base64').replace(/\+/g, '-').replace(/\//g, "_")
return {
options: {
'X-API-SIGN': sign
},
timestamp,
appId
// url: `${url}?appId=${appId}×tamp=${timestamp}`
}
}标签:加密,key,requestParam,pbkdf2,param,words,const,CryptoJS 来源: https://blog.csdn.net/qq_32885597/article/details/121947063
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。