crypto
: μνΈν, ν΄μ, HMAC λ±μ 보μ κ΄λ ¨ μμ
μ λν κΈ°λ₯μ μ 곡ν΄μ£Όλ λ΄μ₯ λͺ¨λ
μ μ
crypto λͺ¨λμ Node.jsμμ μ 곡νλ λ΄μ₯ λͺ¨λ μ€ νλλ‘, μνΈν λ° ν΄μ κ΄λ ¨ μμ
μ μννκΈ° μν κΈ°λ₯μ μ 곡ν©λλ€. μ΄ λͺ¨λμ μ¬μ©νλ©΄ λ€μν ν΄μ μκ³ λ¦¬μ¦, μνΈν λ° λ³΅νΈν κΈ°λ₯μ νμ©ν μ μμ΅λλ€.
λ¬Έλ²:
crypto λͺ¨λμ μ¬μ©νλ €λ©΄ λ¨Όμ λͺ¨λμ κ°μ ΈμμΌ ν©λλ€.
const crypto = require('crypto');
JavaScript
볡μ¬
μ£Όμ μμ± λ° λ©μλ
ν΄μ μμ±
β’
crypto.createHash(algorithm)
: μ§μ λ ν΄μ μκ³ λ¦¬μ¦μ μ¬μ©νμ¬ ν΄μ κ°μ²΄λ₯Ό μμ±ν©λλ€.
κ°λ₯ν ν΄μ μκ³ λ¦¬μ¦ : md5, sha1, sha256, sha512, ripemd160
HMAC (Hash-based Message Authentication Code) μμ±
β’
crypto.createHmac(algorithm, key)
: μ§μ λ ν΄μ μκ³ λ¦¬μ¦κ³Ό ν€λ₯Ό μ¬μ©νμ¬ HMAC κ°μ²΄λ₯Ό μμ±ν©λλ€.
μνΈν λ° λ³΅νΈν
λ©μλ | μ€λͺ
|
crypto.createCipher(algorithm, password) | μ§μ λ μκ³ λ¦¬μ¦κ³Ό λΉλ°λ²νΈλ₯Ό μ¬μ©νμ¬ μνΈν κ°μ²΄λ₯Ό μμ±ν©λλ€. |
crypto.createDecipher(algorithm, password) | μ§μ λ μκ³ λ¦¬μ¦κ³Ό λΉλ°λ²νΈλ₯Ό μ¬μ©νμ¬ λ³΅νΈν κ°μ²΄λ₯Ό μμ±ν©λλ€. |
crypto.createCipheriv(algorithm, key, iv) | μ§μ λ μκ³ λ¦¬μ¦, ν€, μ΄κΈ°ν 벑ν°(iv)λ₯Ό μ¬μ©νμ¬ μνΈν κ°μ²΄λ₯Ό μμ±ν©λλ€. |
crypto.createDecipheriv(algorithm, key, iv) | μ§μ λ μκ³ λ¦¬μ¦, ν€, μ΄κΈ°ν 벑ν°(iv)λ₯Ό μ¬μ©νμ¬ λ³΅νΈν κ°μ²΄λ₯Ό μμ±ν©λλ€. |
κΈ°ν
λ©μλ | μ€λͺ
|
crypto.randomBytes(size, callback) | μ§μ λ ν¬κΈ°μ 무μμ λ°μ΄νΈλ₯Ό μμ±νμ¬ μ½λ°± ν¨μμ μ λ¬ν©λλ€. |
crypto.pbkdf2(password, salt, iterations, keylen, digest, callback) | λΉλ°λ²νΈ κΈ°λ° ν€ νμ ν¨μ(PBKDF2)λ₯Ό μννμ¬ μ½λ°± ν¨μμ ν€ κ°μ μ λ¬ν©λλ€. |
μμ μ½λ
const crypto = require('crypto');
// ν΄μ μμ± μμ
const hash = crypto.createHash('sha256');
hash.update('Hello, World!');
const hashedData = hash.digest('hex');
console.log('Hashed Data:', hashedData);
// HMAC μμ± μμ
const hmac = crypto.createHmac('sha256', 'secret-key');
hmac.update('Hello, World!');
const hmacResult = hmac.digest('hex');
console.log('HMAC Result:', hmacResult);
// μνΈν λ° λ³΅νΈν μμ (AES μκ³ λ¦¬μ¦ μ¬μ©)
const algorithm = 'aes-256-cbc';
const key = 'encryption-key';
const iv = crypto.randomBytes(16);
const cipher = crypto.createCipheriv(algorithm, key, iv);
let encryptedData = cipher.update('Sensitive Data', 'utf-8', 'hex');
encryptedData += cipher.final('hex');
console.log('Encrypted Data:', encryptedData);
const decipher = crypto.createDecipheriv(algorithm, key, iv);
let decryptedData = decipher.update(encryptedData, 'hex', 'utf-8');
decryptedData += decipher.final('utf-8');
console.log('Decrypted Data:', decryptedData);
JavaScript
볡μ¬
sha256 λ°©μμΌλ‘ λΉλ°λ²νΈ μνΈν
const crypto = require('crypto');
const password = '123456';
const salt = 'random_salt'; // μμμ μνΈ κ°
// μνΈμ λΉλ°λ²νΈλ₯Ό κ²°ν©νμ¬ ν΄μν
const hashedPassword = crypto.createHash('sha256').update(salt + password).digest('hex');
console.log('Hashed Password:', hashedPassword);
// readline : μ¬μ©μ μ
λ ₯μ λ°κΈ° μν λͺ¨λ
const readline = require('readline');
const rl = readline.createInterface({
input: process.stdin,
output: process.stdout
});
// λΉλ°λ²νΈ μ
λ ₯
rl.question('Enter your password: ', (userInputPassword) => {
// μ
λ ₯λ λΉλ°λ²νΈ
console.log('You entered:', userInputPassword);
// λΉλ°λ²νΈ κ²μ¦
const hashedInputPassword = crypto.createHash('sha256').update(salt + userInputPassword).digest('hex');
// μ¬μ©μκ° μ
λ ₯ν λΉλ°λ²νΈμ μ μ₯λ ν΄μλ λΉλ°λ²νΈλ₯Ό λΉκ΅
if (hashedInputPassword === hashedPassword) {
console.log('Password Match: User is authenticated.');
} else {
console.log('Password Mismatch: User authentication failed.');
}
// μ¬μ©μ΄ λλλ©΄ μΈν°νμ΄μ€λ₯Ό λ«μ
rl.close();
});
// μΈν°νμ΄μ€κ° λ«ν λμ μ΄λ²€νΈ 리μ€λ
rl.on('close', () => {
console.log('Input interface closed.');
});
JavaScript
볡μ¬
μ¬μ© λͺ©μ
β’
μ¬μ©μ μνΈμ μμ ν μ μ₯
β’
λ°μ΄ν° λ¬΄κ²°μ± κ²μ¦μ μν ν΄μ μμ±
β’
λ°μ΄ν°μ κΈ°λ°μ±μ μν μνΈν λ° λ³΅νΈν
β’
HMACμ μ¬μ©ν λ©μμ§ μΈμ¦
β’
무μμ λ°μ΄νΈ μμ± λ± λ€μν 보μ κ΄λ ¨ μμ
μ νμ©λ©λλ€.
μ°Έκ³
bcrypt λ°©μμΌλ‘ μνΈν
β’
bcrypt λͺ¨λ μ€μΉ
npm install bcrypt
JavaScript
볡μ¬
β’
bcrypt μνΈν
const bcrypt = require('bcrypt');
const readline = require('readline');
const saltRounds = 10; // μνΈλ₯Ό μμ±νλ λΌμ΄λ μ
const salt = bcrypt.genSaltSync(saltRounds); // μνΈ μμ±
const password = '123456';
const hashedPassword = bcrypt.hashSync(password, salt);
console.log('Hashed Password:', hashedPassword);
const rl = readline.createInterface({
input: process.stdin,
output: process.stdout
});
// λΉλ°λ²νΈ μ
λ ₯
rl.question('Enter your password: ', (userInputPassword) => {
// μ
λ ₯λ λΉλ°λ²νΈ
console.log('You entered:', userInputPassword);
// λΉλ°λ²νΈ κ²μ¦
bcrypt.compare(userInputPassword, hashedPassword, (err, result) => {
if (err) {
console.error('Comparison Error:', err);
} else {
if (result) {
console.log('Password Match: User is authenticated.');
} else {
console.log('Password Mismatch: User authentication failed.');
}
}
// μ¬μ©μ΄ λλλ©΄ μΈν°νμ΄μ€λ₯Ό λ«μ
rl.close();
});
});
// μΈν°νμ΄μ€κ° λ«ν λμ μ΄λ²€νΈ 리μ€λ
rl.on('close', () => {
console.log('Input interface closed.');
});
JavaScript
볡μ¬