crypto.getDiffieHellman(groupName)


创建预定义的 DiffieHellmanGroup 密钥交换对象。 支持的组是:'modp1''modp2''modp5'(在 RFC 2412 中定义,但请参阅注意事项)和 'modp14''modp15''modp16''modp17''modp18'(在 RFC 3526 中定义)。 返回的对象模仿 crypto.createDiffieHellman() 创建的对象的接口,但不允许更改键(例如,使用 diffieHellman.setPublicKey())。 使用这种方法的优点是双方不必事先生成或交换组模数,既节省了处理器时间又节省了通信时间。

示例(获取共享密钥):

const crypto = require('crypto');
const alice = crypto.getDiffieHellman('modp14');
const bob = crypto.getDiffieHellman('modp14');

alice.generateKeys();
bob.generateKeys();

const aliceSecret = alice.computeSecret(bob.getPublicKey(), null, 'hex');
const bobSecret = bob.computeSecret(alice.getPublicKey(), null, 'hex');

/* aliceSecret 和 bobSecret 应该是一样的 */
console.log(aliceSecret === bobSecret);

Creates a predefined DiffieHellmanGroup key exchange object. The supported groups are: 'modp1', 'modp2', 'modp5' (defined in RFC 2412, but see Caveats) and 'modp14', 'modp15', 'modp16', 'modp17', 'modp18' (defined in RFC 3526). The returned object mimics the interface of objects created by crypto.createDiffieHellman(), but will not allow changing the keys (with diffieHellman.setPublicKey(), for example). The advantage of using this method is that the parties do not have to generate nor exchange a group modulus beforehand, saving both processor and communication time.

Example (obtaining a shared secret):

const crypto = require('crypto');
const alice = crypto.getDiffieHellman('modp14');
const bob = crypto.getDiffieHellman('modp14');

alice.generateKeys();
bob.generateKeys();

const aliceSecret = alice.computeSecret(bob.getPublicKey(), null, 'hex');
const bobSecret = bob.computeSecret(alice.getPublicKey(), null, 'hex');

/* aliceSecret and bobSecret should be the same */
console.log(aliceSecret === bobSecret);