Client hash encryption (Javascript hash encryption, with source code), javascript

Source: Internet
Author: User
Tags hmac md5 hash account security

Client hash encryption (Javascript hash encryption, with source code), javascript
Summary

It is hard to imagine the network environment in which users use the applications we developed. If the network environment in which users are located is not a trusted environment, the user's account security may be threatened, for example, when a user logs on, the account and password submitted by the user are stolen by the network sniffer. The client's encrypted data can effectively prevent the network sniffer from stealing data, after the client-side Javascript encrypts the data, it is submitted to the server for verification, which effectively improves the security factor of the system. This complies with the in-depth defense principle and the confidentiality of data security elements; this article describes two common encryption algorithms: md5 and sha1;

 

HashEncrypt encryption object

The encryption algorithm encapsulates HashEncrypt objects, including MD5 and SHA1 methods and HashFormat attributes. In addition, it extends the String type of the system and adds md5 and sha1 methods to its instances;

Attribute

HashFormat: output format enumeration, object type, static structure: {Base64: "Base64", Hex: "Hex", String: "String "}

Method

MD5 Method

HashEncrypt. MD5 (string, ascii, hexUpperCase)

 

String type: string, required for the content to be encrypted

Ascii type: bool (optional) indicates whether to use ASCII encoding. The default value is Unicode.

HexUpperCase type: bool, optional. Whether the output hexadecimal encoding is uppercase or not

 

HashEncrypt. MD5 (string, base64Pad, ascii)

String type: string, the content to be encrypted

Ascii type: bool. Indicates whether to use ASCII character encoding. The default value is Unicode.

Base64Pad type: string. The default Filling Character of the output base64 is "=". If this parameter is set to a string, the default output format is base64 encoding.

 

HashEncrypt. MD5 (string, hexUpperCase)

 

String type: string, the content to be encrypted

HexUpperCase type: number, 1 indicates that the output hexadecimal code is uppercase;

 

HashEncrypt. MD5 (string, options)

 

String type: string, the content to be encrypted

Options type: object, encrypted Parameter options;

 

Options attribute description:

 

Ascii type: bool. Indicates whether to use ASCII character encoding. The default value is Unicode.

 

Base64 type: string. The default Filling Character of the output base64 is "=". If this parameter is set to a string, the default output format is base64 encoding.

 

HexUpperCase type: bool, whether the output hexadecimal encoding is capital

 

Format: HashEncrypt. HashFormat Enumeration type, which indicates the output format of the ciphertext. Optional values include:

"Base64" base64 encoding format, "Hex" hexadecimal encoding format, and "String" direct conversion of String format;

 

HmacKey type: string, optional. Use the MD5 Hash function to calculate the hash-based message Verification Code (HMAC ),

This HMAC process blends the key with the message data, uses the hash function to hash the mixed result, blends the obtained hash value with the key, and then applies the hash function again. The length of the output hash value is 128 bits.

 

Example:

<Script> var data = HashEncrypt. MD5 ("hello world! ", False, false); //" hello world! ". Md5 (false, false) // The result above this line of code is the same document. write (data); </script>

Output result: 99da75326ffaf6acc0debe844b359894

 

SHA1 Method

The signature of this method is exactly the same as that of the MD5 method. We will not repeat it here, hahaha ..

 

Download Code:

Source code and method demonstration

Http://files.cnblogs.com/Jackson-Bruce/%E5% AE %A2%E6%88%B7%E7% AB %AF%E5%93%88%E5%B8%8C%E5%8A%A0%E5%AF%86.zip

Release

Http://files.cnblogs.com/Jackson-Bruce/HashEncrypt.min.js

Related information:

Http://pajhome.org.uk/crypt/md5

 


Why is hash encryption irreversible?

Irreversible encryption algorithms do not require keys during encryption. After a plaintext is input, the system processes the encrypted data directly into a ciphertext. the encrypted data cannot be decrypted, only when the plaintext is re-entered and processed by the same irreversible encryption algorithm again, the same encrypted ciphertext is obtained and re-identified by the system. Obviously, in this type of encryption process, encryption is self-encryption, and decryption is self-encryption. The so-called decryption is actually re-encryption, and the applied "password" is the input plaintext. The irreversible encryption algorithm does not have the key storage and distribution issues and is suitable for distributed network systems. However, due to the complexity of encryption computing, the workload is quite heavy. It is usually used only when the data volume is limited, for example, password encryption widely used in computer systems uses irreversible encryption algorithms. In recent years, with the continuous improvement of computer system performance, the application field of irreversible encryption is gradually increasing. Among the many irreversible encryption algorithms used in computer networks, the MD5 Algorithm invented by RSA and the irreversible encryption Standard self-built (Secure Hash Standard: Safe and messy Information Standard) proposed by the National Bureau of Standards).

If there are two passwords 3 and 4, my encryption algorithm is 3 + 4, and the result is 7, but through 7, I cannot determine that the two passwords are 3 and 4, there are many combinations, which are the simplest and irreversible, so they can only be tried one by one through brute force cracking.

For hash Encryption

N hash is a non-inverse algorithm.

But I don't think there are absolutely safe algorithms.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.