我尝试使用crypto
库在NodeJS
中实现HKDFExpand
目标是在NodeJS
中解密加密的bitwarden
(密码管理器)密码保护导出。我尝试在NodeJS
中模仿相同的行为,但扩展的键与我使用的python版本不同。
JavaScript:
import crypto from 'crypto'
const salt = 'salt'
const iterations = 100000
const password = '123'
const masterKey = crypto.pbkdf2Sync(password, salt, iterations, 32,'sha256');
const streched = crypto.createHmac('sha256', 'enc').update(masterKey).digest();
console.log(masterKey.toString('hex')) // 5bb4...5990 <- Same
console.log(streched.toString('hex')) // 82be...6890 <- Different
Python:
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import kdf, hashes
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.hazmat.primitives.kdf.hkdf import HKDFExpand
salt = 'salt'
iterations = 100000
password = b'123'
kdf = PBKDF2HMAC(algorithm=hashes.SHA256(), length=32, salt=bytes(salt, "utf-8"), iterations=iterations,backend=default_backend())
master_key = kdf.derive(password)
hkdf = HKDFExpand(algorithm=hashes.SHA256(), length=32, info=b"enc", backend=default_backend())
streched = hkdf.derive(master_key)
print(master_key.hex()) # 5bb4...5990 <- Same
print(streched.hex()) # 5bf9...473b <- Different
1条答案
按热度按时间2w2cym1i1#
我在bitwarden源代码中发现了这个函数,它可以工作