下面是我必须用于我正在构建的控制面板的密码哈希算法。原始函数在 PHP 中,但我正在重写它以便在 JavaScript 中与 Node.js 一起使用。
一切似乎都很顺利,但随后我调用了 fMod 并发生了崩溃:
RangeError: toFixed() digits argument must be between 0 and 20
尽管使用其他值,fmod 函数似乎也能正常工作。我在 fMod 中标记了抛出异常的行。
密码的正确哈希值应该是:
0x31c7296631df873d0891b7b77ae0c6c6
代码:
// JavaScript Version
var pass = "Cake99";
console.log(pCrypt2(pass));
function pCrypt2(plain) {
var array_mul = [213119, 213247, 213203, 213821];
var array_add = [2529077, 2529089, 2529589, 2529997];
var dst = Array.apply(null, new Array(16)).map(Number.prototype.valueOf,0);
var key = Array.apply(null, new Array(16)).map(Number.prototype.valueOf,0);
for (var i = 0; i < plain.length; i++ ) {
dst[i] = key[i] = ord(plain.substr(i, 1));
}
var val = [];
for (var i = 0; i <= 3; i++ ) {
val[i] = fmod((key[i * 4 + 0] + key[i * 4 + 1] * 0x100 + key[i * 4 + 2] * 0x10000 + key[i * 4 + 3] * 0x1000000) * array_mul[i] + array_add[i], 4294967296 );
}
for (i = 0; i <= 3; i++ ) {
key[i * 4 + 0] = val[i] & 0xff;
key[i * 4 + 1] = val[i] / 0x100 & 0xff;
key[i * 4 + 2] = val[i] / 0x10000 & 0xff;
key[i * 4 + 3] = val[i] / 0x1000000 & 0xff;
}
dst[0] = dst[0] ^ key[0];
for (var i = 1; i <= 15; i++ ) {
dst[i] = dst[i] ^ dst[i - 1] ^ key[i];
}
for (var i = 0; i <= 15; i++ ) {
if (dst [i] == 0 ) {
dst [i] = 0x66;
}
}
var encrypted = "0x";
for (var i = 0; i <= 15; i++ ) {
if (dst [i] < 16 ) {
encrypted = encrypted + "0";
}
encrypted = encrypted + dst[i].toString(16);
}
return (encrypted);
}
function ord(string) {
// discuss at: http://phpjs.org/functions/ord/
// original by: Kevin van Zonneveld (http://kevin.vanzonneveld.net)
// bugfixed by: Onno Marsman
// improved by: Brett Zamir (http://brett-zamir.me)
// input by: incidence
var str = string + '',
code = str.charCodeAt(0);
if (0xD800 <= code && code <= 0xDBFF) { // High surrogate (could change last hex to 0xDB7F to treat high private surrogates as single characters)
var hi = code;
if (str.length === 1) {
return code; // This is just a high surrogate with no following low surrogate, so we return its value;
// we could also throw an error as it is not a complete character, but someone may want to know
}
var low = str.charCodeAt(1);
return ((hi - 0xD800) * 0x400) + (low - 0xDC00) + 0x10000;
}
if (0xDC00 <= code && code <= 0xDFFF) { // Low surrogate
return code; // This is just a low surrogate with no preceding high surrogate, so we return its value;
// we could also throw an error as it is not a complete character, but someone may want to know
}
return code;
}
function fmod(x, y) {
// discuss at: http://phpjs.org/functions/fmod/
// original by: Onno Marsman
// input by: Brett Zamir (http://brett-zamir.me)
// bugfixed by: Kevin van Zonneveld (http://kevin.vanzonneveld.net)
// example 1: fmod(5.7, 1.3);
// returns 1: 0.5
var tmp, tmp2, p = 0,
pY = 0,
l = 0.0,
l2 = 0.0;
tmp = x.toExponential()
.match(/^.\.?(.*)e(.+)$/);
p = parseInt(tmp[2], 10) - (tmp[1] + '')
.length;
tmp = y.toExponential()
.match(/^.\.?(.*)e(.+)$/);
pY = parseInt(tmp[2], 10) - (tmp[1] + '')
.length;
if (pY > p) {
p = pY;
}
tmp2 = (x % y);
if (p < -100 || p > 20) {
// toFixed will give an out of bound error so we fix it like this:
l = Math.round(Math.log(tmp2) / Math.log(10));
l2 = Math.pow(10, l);
return (tmp2 / l2)
.toFixed(l - p) * l2;
} else {
return parseFloat(tmp2.toFixed(-p)); <<< ---- FAILS HERE ---------
}
}
//PHP原创--------------------------------
function encrypt( $plain )
{
$array_mul = array ( 0 => 213119, 1 => 213247, 2 => 213203, 3 => 213821 );
$array_add = array ( 0 => 2529077, 1 => 2529089, 2 => 2529589, 3 => 2529997 );
$dst = $key = array ( 0 => 0, 1 => 0, 2 => 0, 3 => 0, 4 => 0, 5 => 0, 6 => 0, 7 => 0, 8 => 0, 9 => 0, 10 => 0, 11 => 0, 12 => 0, 13 => 0, 14 => 0, 15 => 0 );
for ( $i = 0; $i < strlen ( $plain ); $i++ ) {
$dst [ $i ] = $key [ $i ] = ord ( substr ( $plain, $i, 1 ) );
}
for ( $i = 0; $i <= 3; $i++ ) {
$val [ $i ] = fmod ( ( $key [ $i * 4 + 0 ] + $key [ $i * 4 + 1 ] * 0x100 + $key [ $i * 4 + 2 ] * 0x10000 + $key [ $i * 4 + 3 ] * 0x1000000 ) * $array_mul [ $i ] + $array_add [ $i ], 4294967296 );
}
for ( $i = 0; $i <= 3; $i++ ) {
$key [ $i * 4 + 0 ] = $val [ $i ] & 0xff;
$key [ $i * 4 + 1 ] = $val [ $i ] / 0x100 & 0xff;
$key [ $i * 4 + 2 ] = $val [ $i ] / 0x10000 & 0xff;
$key [ $i * 4 + 3 ] = $val [ $i ] / 0x1000000 & 0xff;
}
$dst [ 0 ] = $dst [ 0 ] ^ $key [ 0 ];
for ( $i = 1; $i <= 15; $i++ ) {
$dst [ $i ] = $dst [ $i ] ^ $dst [ $i - 1 ] ^ $key [ $i ];
}
for ( $i = 0; $i <= 15; $i++ ) {
if ( $dst [ $i ] == 0 ) {
$dst [ $i ] = 0x66;
}
}
$encrypted = "0x";
for ( $i = 0; $i <= 15; $i++ ) {
if ( $dst [ $i ] < 16 ) {
$encrypted .= "0";
}
$encrypted .= dechex($dst[$i]);
}
return ( $encrypted );
}
最佳答案
您正在将 -p 作为位数传递给第 111 行中的 parseFloat(),在这部分代码中:
....
if (p < -100 || p > 20) {
// toFixed will give an out of bound error so we fix it like this:
l = Math.round(Math.log(tmp2) / Math.log(10));
l2 = Math.pow(10, l);
return (tmp2 / l2)
.toFixed(l - p) * l2;
} else {
return parseFloat(tmp2.toFixed(-p));
}
在计算时,-p 等于 -1。
为了演示的目的,如果我们将最后三行更改为
...
} else {
for(var i=0; i<=20;i++) {
console.log(parseFloat(tmp2.toFixed(i)));
}
//return parseFloat(tmp2.toFixed(-p));
}
我们得到
2529997
2529997
2529997
...
2529997
2529997
2529997
这是因为在第 101 行中,您得到了两个整数的模数。
tmp2 = (x % y);
两个整数的模在 JavaScript 中始终是一个整数。
因此,在第 112 行的 parseFloat() 中使用任何数字位数返回相同的值:
...
} else {
var i = Math.floor(Math.random()*20);
return parseFloat(tmp2.toFixed(i));
}
并运行脚本:
alain@vaio ~/dev/test % node script.js
0x31c7296631df873d0891b7b77ae0c6c6
alain@vaio ~/dev/test % node script.js
0x31c7296631df873d0891b7b77ae0c6c6
alain@vaio ~/dev/test % node script.js
0x31c7296631df873d0891b7b77ae0c6c6
alain@vaio ~/dev/test % node script.js
0x31c7296631df873d0891b7b77ae0c6c6
alain@vaio ~/dev/test % node script.js
0x31c7296631df873d0891b7b77ae0c6c6
alain@vaio ~/dev/test % node script.js
0x31c7296631df873d0891b7b77ae0c6c6
所以是的,去掉减号,或者如果您只处理整数,则完全删除 p。
还有其他几种方法可以解决此问题。
请注意,Number.prototype.toFixed() 将在 p > 0 时抛出 RangeError。由于 p 的计算方式,当存在舍入或前导零时会发生这种情况:
> x = 12345; tmp = x.toExponential().match(/^.\.?(.*)e(.+)$/); p = parseInt(tmp[2], 10) - (tmp[1] + '').length;
0
> x = 1234567890123456789; tmp = x.toExponential().match(/^.\.?(.*)e(.+)$/); p = parseInt(tmp[2], 10) - (tmp[1] + '').length;
2
> x = 101000; tmp = x.toExponential().match(/^.\.?(.*)e(.+)$/); p = parseInt(tmp[2], 10) - (tmp[1] + '').length;
3
您当前使用 x:3626296650629732529077 和 y:4294967296 调用 fmod,这导致 p = 1。
您可以修改 fmod 函数以拒绝负值:
if (p < -100 || p > 20) {
// toFixed will give an out of bound error so we fix it like this:
l = Math.round(Math.log(tmp2) / Math.log(10));
l2 = Math.pow(10, l);
return (tmp2 / l2)
.toFixed(l - p) * l2;
} else if ( p > 0 ) {
return parseFloat(tmp2.toFixed(p));
} else {
return parseFloat(tmp2.toFixed(-p));
}
我们修改您的 pCrypt2 函数以使用较小的 x。
有关 JavaScript 舍入的更多详细信息,请参阅 Number.prototype.toFixed()。
关于javascript - PHP转JS密码加密算法抛异常,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/22651663/