本文介绍了加密存储在我的数据库中的数据的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我目前正在使用nodejs作为后端,将ORM和postgres用作我的数据库.

i am currently using nodejs as my backend, sequelize ORM and postgres as my db.

我的用户注册时,我正在尝试使用内置的加密模块对数据进行加密.

When my user is signing up, i am trying to encrypt the data using the builtin crypto module.

一切正常,但是由于我正在生成自定义IV,因此加密数据都采用相同的IV,因为每次节点重新启动时都会呈现该数据.如何为每个字段赋予不同的IV?

everything is working but since i am generating a custom IV, the encrypted data all take the same IV since it is rendered every time node restarts. How do i give each field a different IV?

这是我第一次加密数据,有人可以告诉我我在做什么吗?

This is my first time encrypting data, can someone tell me if what i am doing is correct or not?

let key ="12345678123456781234567812345678";
let iv = crypto.randomBytes(16);

router.post(
 "/register",
 (req, res) => {

 let cipher1 = crypto.createCipheriv('aes-256-cbc', Buffer.from(key), iv);
 let cipher2 = crypto.createCipheriv('aes-256-cbc', Buffer.from(key), iv);
 let cipher3 = crypto.createCipheriv('aes-256-cbc', Buffer.from(key), iv);
 let cipher4 = crypto.createCipheriv('aes-256-cbc', Buffer.from(key), iv);
 let cipher5 = crypto.createCipheriv('aes-256-cbc', Buffer.from(key), iv);

 let mobilenumber = cipher1.update(req.body.mobilenumber);
 const encrypted_mobilenumber = Buffer.concat([mobilenumber, cipher1.final()]);

 let firstname = cipher2.update(req.body.firstname);
 const encrypted_firstname = Buffer.concat([firstname, cipher2.final()]);

 let lastname = cipher3.update(req.body.lastname);
 const encrypted_lastname = Buffer.concat([lastname, cipher3.final()]);

 let dob = cipher4.update(req.body.dob);
 const encrypted_dob = Buffer.concat([dob, cipher4.final()]);

 const fullAddress= req.body.housenumber + ', ' + req.body.address1 +
                    (req.body.address2===''?'': ', ' + req.body.address2 ) +
                   ', ' + req.body.city + ', ' + req.body.postcode + ', ' + req.body.country

 let address = cipher5.update(fullAddress);
 const encrypted_address = Buffer.concat([address, cipher5.final()]);

              User.create({
                            email: req.body.email,
                            mobilenumber:iv.toString('hex') + ':' + encrypted_mobilenumber.toString('hex'),
                            passcode: req.body.passcode,
                            firstname:iv.toString('hex') + ':' + encrypted_firstname.toString('hex'),
                            lastname:iv.toString('hex') + ':' + encrypted_lastname.toString('hex'),
                            dob:iv.toString('hex') + ':' + encrypted_dob.toString('hex'),
                            address:iv.toString('hex') + ':' + encrypted_address.toString('hex')
                          })

推荐答案

我认为我们可以通过引入一个新函数cryptoField()来简化此代码,该函数将使用提供的密钥对给定字段进行加密并将iv放在其前面返回之前.

I think we can simplify this code by introducing a new function, encryptField(), that will encrypt a given field with the key provided and prepend the iv to it before returning.

我还建议创建一个getFullAddress函数,以将地址组件转换为完整地址.

I would also suggest creating a getFullAddress function to turn address components into the full address.

所有这些都将大大减少代码长度和重复:

All of this should significantly reduce code length and duplication:

const key = "12345678123456781234567812345678";

function encryptField(data, key) {
    const iv = crypto.randomBytes(16);
    const cipher = crypto.createCipheriv('aes-256-cbc', Buffer.from(key), iv);
    return iv.toString('base64') + ':' + Buffer.concat([cipher.update(data),cipher.final()]).toString("base64");
}

function getFullAddress({housenumber, address1, address2, city, postcode, country}) {
    return [housenumber, address1, ...(address2 ? [address2]: []), city, postcode, country].join(", ");
}

router.post(
    "/register",
    (req, res) => {
        User.create({
            email: encryptField(req.body.email, key),
            mobilenumber: encryptField(req.body.mobilenumber, key),
            passcode: req.body.passcode,
            firstname: encryptField(req.body.firstname, key),
            lastname: encryptField(req.body.lastname, key),
            dob: encryptField(req.body.dob, key),
            address: encryptField(getFullAddress(req.body), key)
        })
    }
)

这篇关于加密存储在我的数据库中的数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-31 09:22