@abubu/kaos 中文文档教程

发布于 4年前 浏览 22 项目主页 更新于 3年前

Ϗɐ⊕????

Kaos 是一个简单但高效的(希望难以破解) 数据加密器。

  • It is tiny with no dependencies
  • It implements Node.js' Transform streams
  • It enables encryption / decryption by chunks
  • Two consecutive encryptions with the same unsalted key generates different outputs

API

Stream.Transform encrypt (key, offset = undefined)

encrypt API 接受两个参数并返回一个 Stream.Transform 实例。

第一个参数是加密密钥,它可以是:

如果使用了不受支持的类型,则Error 消息 Unsupported key type 被抛出。

当通过 (参见示例) 完成加密时,必须使用第二个参数。

// Simple encryption

const { promisify } = require('util')
const pipeline = promisify(require('stream').pipeline)
const { createReadStream, createWriteStream } = require('fs')
const { encrypt } = require('@abubu/kaos')

pipeline(
  createReadStream('file to encrypt'),
  encrypt('my secret key'),
  createWriteStream('encrypted file')
)
  .then(() => console.log('Encryption succeeded.'))
  .catch(() => console.log('Encryption failed.'))

Encryption by chunks

如果要加密的数据按块可用(例如:通过数据包上传),则所有部分都必须使用相同的加盐密钥。 必须为所有第一个块指定每个块的起始偏移量。

// Chunks encryption

const { promisify } = require('util')
const pipeline = promisify(require('stream').pipeline)
const { createReadStream, createWriteStream } = require('fs')
const { key, encrypt } = require('@abubu/kaos')

const myKey = key('my secret key')

myKey.salt()
  // mySaltedKey must be reused for each chunks
  .then(mySaltedKey => pipeline(
    createReadStream('file to encrypt', { start: 0, end: 50 }),
    encrypt(mySaltedKey), // /!\ No offset fo the first chunk
    createWriteStream('encrypted file')
  ))
  .then(() => pipeline(
    createReadStream('file to encrypt', { start: 51 }),
    encrypt(mySaltedKey, 51), // Start offset of this chunk
    createWriteStream('encrypted file', { flags: 'r+', start: 51 })
  ))
  .then(() => console.log('Encryption succeeded.'))
  .catch(() => console.log('Encryption failed.'))

Stream.Transform decrypt (key, range = undefined)

decrypt API 接受两个参数并返回一个 Stream.Transform 实例。

第一个参数是加密密钥,类似于 encrypt API。

仅当解密由块(参见示例) 完成时,才必须使用第二个参数。

注意:解密算法不验证数据是否被正确解密。

// Simple decryption

const { promisify } = require('util')
const pipeline = promisify(require('stream').pipeline)
const { createReadStream, createWriteStream } = require('fs')
const { decrypt } = require('@abubu/kaos')

pipeline(
  createReadStream('file to decrypt'),
  decrypt('my secret key'),
  createWriteStream('decrypted file')
)
  .then(() => console.log('Decryption succeeded.'))
  .catch(() => console.log('Decryption failed.'))

Decryption by chunks

当只有消息的特定部分 必须解码时,key API 提供有关从加密数据加载的范围 的信息。

第一步是阅读key salt。 加盐后,密钥可以重复使用 来解码相同加密数据 的其他范围。

// Chunks decryption

const { promisify } = require('util')
const pipeline = promisify(require('stream').pipeline)
const { createReadStream, createWriteStream } = require('fs')
const { key, decrypt } = require('@abubu/kaos')

const myKey = key('my secret key')

myKey.saltRange()
  .then(range => myKey.salt(createReadStream('file to decrypt', range)))
  // To decode bytes between 1000 and 1100 (inclusively)
  .then(saltedKey => saltedKey.byteRange(1000, 1100))
  .then(range => pipeline(
    createReadStream('file to decrypt', range),
    decrypt(saltedKey, range),
    createWriteStream('decrypted byte range')
  ))
  .then(() => console.log('Decryption succeeded.'))
  .catch(() => console.log('Decryption failed.'))

Ϗɐ⊕𝕤

Kaos is a simple but efficient (and hopefully hard to break) data encrypter.

  • It is tiny with no dependencies
  • It implements Node.js' Transform streams
  • It enables encryption / decryption by chunks
  • Two consecutive encryptions with the same unsalted key generates different outputs

API

Stream.Transform encrypt (key, offset = undefined)

The encrypt API accepts two parameters and returns a Stream.Transform instance.

The first parameter is the encryption key, it can be :

If an unsupported type is used an Error with the message Unsupported key type is thrown.

The second parameter must be used only when the encryption is done by chunks (see example).

// Simple encryption

const { promisify } = require('util')
const pipeline = promisify(require('stream').pipeline)
const { createReadStream, createWriteStream } = require('fs')
const { encrypt } = require('@abubu/kaos')

pipeline(
  createReadStream('file to encrypt'),
  encrypt('my secret key'),
  createWriteStream('encrypted file')
)
  .then(() => console.log('Encryption succeeded.'))
  .catch(() => console.log('Encryption failed.'))

Encryption by chunks

If the data to encrypt is available by chunks (for instance : uploaded by packets), the same salted key must be used for all parts. The start offset of each chunk must be specified for all but the first one.

// Chunks encryption

const { promisify } = require('util')
const pipeline = promisify(require('stream').pipeline)
const { createReadStream, createWriteStream } = require('fs')
const { key, encrypt } = require('@abubu/kaos')

const myKey = key('my secret key')

myKey.salt()
  // mySaltedKey must be reused for each chunks
  .then(mySaltedKey => pipeline(
    createReadStream('file to encrypt', { start: 0, end: 50 }),
    encrypt(mySaltedKey), // /!\ No offset fo the first chunk
    createWriteStream('encrypted file')
  ))
  .then(() => pipeline(
    createReadStream('file to encrypt', { start: 51 }),
    encrypt(mySaltedKey, 51), // Start offset of this chunk
    createWriteStream('encrypted file', { flags: 'r+', start: 51 })
  ))
  .then(() => console.log('Encryption succeeded.'))
  .catch(() => console.log('Encryption failed.'))

Stream.Transform decrypt (key, range = undefined)

The decrypt API accepts two parameters and returns a Stream.Transform instance.

The first parameter is the encryption key, similar to the encrypt API.

The second parameter must be used only when the decryption is done by chunks (see example).

NOTE : the decryption algorithm does not verify if the data is correctly decrypted.

// Simple decryption

const { promisify } = require('util')
const pipeline = promisify(require('stream').pipeline)
const { createReadStream, createWriteStream } = require('fs')
const { decrypt } = require('@abubu/kaos')

pipeline(
  createReadStream('file to decrypt'),
  decrypt('my secret key'),
  createWriteStream('decrypted file')
)
  .then(() => console.log('Decryption succeeded.'))
  .catch(() => console.log('Decryption failed.'))

Decryption by chunks

When only a specific part of the message must be decoded, the key API provides information about the ranges to load from the encrypted data.

The first step consists in reading the key salt. Once salted, the key can be reused to decode other ranges of the same encrypted data.

// Chunks decryption

const { promisify } = require('util')
const pipeline = promisify(require('stream').pipeline)
const { createReadStream, createWriteStream } = require('fs')
const { key, decrypt } = require('@abubu/kaos')

const myKey = key('my secret key')

myKey.saltRange()
  .then(range => myKey.salt(createReadStream('file to decrypt', range)))
  // To decode bytes between 1000 and 1100 (inclusively)
  .then(saltedKey => saltedKey.byteRange(1000, 1100))
  .then(range => pipeline(
    createReadStream('file to decrypt', range),
    decrypt(saltedKey, range),
    createWriteStream('decrypted byte range')
  ))
  .then(() => console.log('Decryption succeeded.'))
  .catch(() => console.log('Decryption failed.'))
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文