Node.js DiffieHellmanGroup类

在本文中，我们将讨论可在 Node.js 加密模块中访问的 DiffieHellmanGroup 类。我们可以利用不同的群组并计算发送者和接收者的密钥，感谢 DiffieHellmanGroup 类。共享密钥位组将用于发送者和接收者之间的密钥交换。Diffie-Hellman 算法基于一个大素数 (P) 和一个生成元 (G)。P 的原根是 G。

原根： 设 G 是素数 P 的原根，那么 G 是介于 [1，P – 1] 之间的整数，X 是介于 [1，P – 2] 之间的整数，对于每个 X 值，GX mod P 的值都是不同的。

以下是 Diffie-Hellman 群组：

SR.No.	Group	Bits
1	modp14	2048 bits
2	modp15	3072 bits
3	modp16	4096 bits
4	modp17	6144 bits
5	modp18	8192 bits

这里的位数代表了素数的长度。如果我们使用 mod14 群来计算共享密钥，那么素数的长度将为2048位。

系统的安全性将取决于素数的长度。假设您使用 mod18 群，则该系统与上述群组相比将更加安全。

示例 1： 在这个示例中，我们将使用 modp14 群组计算Alice和Bob的共享密钥。我们首先为它们创建 DiffieHellmanGroup 对象，并使用 generateKeys() 方法生成公钥和私钥。然后，我们使用先前创建的公钥计算发件人和接收人的共享密钥。最后，我们比较两个共享密钥。如果两个密钥相同，表示密钥在发件人和接收人之间成功共享。

// Importing the getDiffieHellman from crypto module
const { getDiffieHellman } = require('node:crypto');
 
// Creating DiffieHellmanGroup object for alice
let alice = getDiffieHellman('modp14');
 
// Creating DiffieHellmanGroup object for bob
let bob = getDiffieHellman('modp14');
 
// Generates private and public Diffie-Hellman 
// key values, and returns the public key in 
// the specified encoding for alice and bob
alice.generateKeys();
bob.generateKeys();
 
// Computes the shared secret using 
// public keys for alice and bob
let AliceSecret =
    alice.computeSecret(bob.getPublicKey(), null, 'hex');
 
let BobSecret =
    bob.computeSecret(alice.getPublicKey(), null, 'hex');
 
// Alice shared secret key
console.log(AliceSecret);
 
// Bob shared secret key
console.log(BobSecret);
 
// Print true if both secret keys are same
console.log(AliceSecret == BobSecret);

输出：

928d3833a5a4e87369acf80b836c81aab21d28393bb329fc0461be9eb33df60399146a2a7dbcd53e30cdfce2409953a1b4ef04290b22ebb7680a9b46d6e19f84430afb703459af2be3c547ec45a2499ed3ae95b9dff3dc614ad0550ebde073b5a6e88767af65296315dcccbebe2fed6e1f0e4fb810cd6936b2b8dc0a06bb346383a6f9b2b4ed5b5c724ead557d021e275e6d0b2c25133cfafb196562ce227c8be6421b6bdd0aae47d82b98feb618e0886010167cb280a883ba843586ea958c72219f7a115a6d3c2ca53389384664a821075676772ba8f93e686a095f5f70a16e4372085f07fa7d069af107450859e5f88a33fa1e2f81dd69e2076f31870d846f 

928d3833a5a4e87369acf80b836c81aab21d28393bb329fc0461be9eb33df60399146a2a7dbcd53e30cdfce2409953a1b4ef04290b22ebb7680a9b46d6e19f84430afb703459af2be3c547ec45a2499ed3ae95b9dff3dc614ad0550ebde073b5a6e88767af65296315dcccbebe2fed6e1f0e4fb810cd6936b2b8dc0a06bb346383a6f9b2b4ed5b5c724ead557d021e275e6d0b2c25133cfafb196562ce227c8be6421b6bdd0aae47d82b98feb618e0886010167cb280a883ba843586ea958c72219f7a115a6d3c2ca53389384664a821075676772ba8f93e686a095f5f70a16e4372085f07fa7d069af107450859e5f88a33fa1e2f81dd69e2076f31870d846f 

true

示例2： 在这个示例中，我们将使用 modp18 集合，并计算出Alice和Bob的共享密钥。

// Importing the getDiffieHellman from crypto module
const { getDiffieHellman } = require('node:crypto');
 
// Creating DiffieHellmanGroup object for alice
let alice = getDiffieHellman('modp18');
 
// Creating DiffieHellmanGroup object for bob
let bob = getDiffieHellman('modp18');
 
// Generates private and public Diffie-Hellman key values,
// and returns the public key in the specified encoding for
// alice and bob
alice.generateKeys();
bob.generateKeys();
 
// Computes the shared secret using 
// public keys for alice and bob
let AliceSecret =
    alice.computeSecret(bob.getPublicKey(), null, 'hex');
 
let BobSecret =
    bob.computeSecret(alice.getPublicKey(), null, 'hex');
 
// Alice shared secret key
console.log(AliceSecret);
 
// Bob shared secret key
console.log(BobSecret);
 
// Print true if both secret keys are same
console.log(AliceSecret == BobSecret);

输出：

32dbed1cc7a20af8f6bc5555b2fecd8887d2d1be7b59e51893a1881b938aa71af7fdcf66f3ec597c9a9dc8e801d18cf227017aa3fcd5129efdf0b80bdcc1a4ab928b769d61a98dbb2c5006936ab6b9e04567785f71b3edee8c10cc7c6003972b3b9b46ab726a2cb2c92556c6f8a3fdb0e0199f0160228fe087b8d909b7d366cdd2f8c3429002bcd873f38ad1169bfb0131b3b99c41a90058cbcb7ec5f66cb10014c58c13e5ff40896a66e812b708f56f81910bd49499ea902ada86fbd8a8bc3b96fe0d96a909533111b7d37016ecfc99384491824bfb67c30d6120bbaf7369ee4947d5b50a439f64a41568aff6daee3ea72f85cab6fa3d854a68df1b6f3e394f856268b0eb395c548f127665d68bb203fb343161ff170d6c8d39a5ad54ea9799092dc2aa6c191025ea21689ab52098b1059e2e715cd76218276c4e2afb0ef55f32217b8eff016042b7a75e87526d98946a381dfd7cbf0cac72fe0da3fe014cc5debf960022fbc101ff0f1e06471bcbe4e355ff8403354d0d9b637a2037b78044568bfddf83872c749007c9e610be6eb6aa667fa3e833330c69d832dc016d4af4458ea3e667b757acc72bace152c83601fc8d5a2e3dfa6269deae48567069fea5ab197e980a3fb72864975b37ec7dff8df40b3bb5d7c40c886e0b690f6253853c7ad9ea6b5e56c5cc59c88d7aed35b5745e2366ee746f6ac4629b34cedced01b3c6258e117090033734ac5a25439933383601176c40fc2c8184453e7e47111cc71ecc688a0f51a03413b75ee60a88355a7d6b475263528c86be0189ae644769ce35514ae8407500123d17bc84b8541ac0b32b4bdd092ab6f323ce087068a334ac10e19e683ad2b9178bcbe2f2cb49800da294ee76377fa87c553ade76f6b120081dd4c4f06cce8d5e3f292a6ef68aaa50bdfb8413e1d150990303586c82817283fb1f102824b6a99a02653751b37e194359d9c805148d38dc6c9668afb09610e01b0bd193f9162f9cc02ff88af88d56fef3f40aa6920550bc5ab88b364cbbf98d43c5f510b75921e432ac47834f51d82c4dda23971efa23537c0830a6a129e956334b84e639b53c162325831e42943d01d2bba55273951830b0a2bd4c5ef9e2eb8f13f2479a091eef24f67199cf540d0fbf655ac5ffb8d807c17f293078f6a1f8cbfb1705a1b2dc41996cc02cd663df35d0a9da1e5b900fb46ee5c8c01e548a38476a4e2d2074b73af157e98335a34426060c9fed79de50a91115a79bc7fc9023d6800df5d830b7f98db9526f2df5f246c805c81283b664c0441d627072d4506e31be136c279f9ccfb18db7ae9aab484746104e940f2a7e59c803dce55e6515ceb22ce7ea3ba0f9cfdcb39e38cb824cf83103c6cd1ce33ddcfbbc1e510657b46b15422bea493596aed96dd2329ffaf9cc7b202515408358113671f1c6b1567f5b 

32dbed1cc7a20af8f6bc5555b2fecd8887d2d1be7b59e51893a1881b938aa71af7fdcf66f3ec597c9a9dc8e801d18cf227017aa3fcd5129efdf0b80bdcc1a4ab928b769d61a98dbb2c5006936ab6b9e04567785f71b3edee8c10cc7c6003972b3b9b46ab726a2cb2c92556c6f8a3fdb0e0199f0160228fe087b8d909b7d366cdd2f8c3429002bcd873f38ad1169bfb0131b3b99c41a90058cbcb7ec5f66cb10014c58c13e5ff40896a66e812b708f56f81910bd49499ea902ada86fbd8a8bc3b96fe0d96a909533111b7d37016ecfc99384491824bfb67c30d6120bbaf7369ee4947d5b50a439f64a41568aff6daee3ea72f85cab6fa3d854a68df1b6f3e394f856268b0eb395c548f127665d68bb203fb343161ff170d6c8d39a5ad54ea9799092dc2aa6c191025ea21689ab52098b1059e2e715cd76218276c4e2afb0ef55f32217b8eff016042b7a75e87526d98946a381dfd7cbf0cac72fe0da3fe014cc5debf960022fbc101ff0f1e06471bcbe4e355ff8403354d0d9b637a2037b78044568bfddf83872c749007c9e610be6eb6aa667fa3e833330c69d832dc016d4af4458ea3e667b757acc72bace152c83601fc8d5a2e3dfa6269deae48567069fea5ab197e980a3fb72864975b37ec7dff8df40b3bb5d7c40c886e0b690f6253853c7ad9ea6b5e56c5cc59c88d7aed35b5745e2366ee746f6ac4629b34cedced01b3c6258e117090033734ac5a25439933383601176c40fc2c8184453e7e47111cc71ecc688a0f51a03413b75ee60a88355a7d6b475263528c86be0189ae644769ce35514ae8407500123d17bc84b8541ac0b32b4bdd092ab6f323ce087068a334ac10e19e683ad2b9178bcbe2f2cb49800da294ee76377fa87c553ade76f6b120081dd4c4f06cce8d5e3f292a6ef68aaa50bdfb8413e1d150990303586c82817283fb1f102824b6a99a02653751b37e194359d9c805148d38dc6c9668afb09610e01b0bd193f9162f9cc02ff88af88d56fef3f40aa6920550bc5ab88b364cbbf98d43c5f510b75921e432ac47834f51d82c4dda23971efa23537c0830a6a129e956334b84e639b53c162325831e42943d01d2bba55273951830b0a2bd4c5ef9e2eb8f13f2479a091eef24f67199cf540d0fbf655ac5ffb8d807c17f293078f6a1f8cbfb1705a1b2dc41996cc02cd663df35d0a9da1e5b900fb46ee5c8c01e548a38476a4e2d2074b73af157e98335a34426060c9fed79de50a91115a79bc7fc9023d6800df5d830b7f98db9526f2df5f246c805c81283b664c0441d627072d4506e31be136c279f9ccfb18db7ae9aab484746104e940f2a7e59c803dce55e6515ceb22ce7ea3ba0f9cfdcb39e38cb824cf83103c6cd1ce33ddcfbbc1e510657b46b15422bea493596aed96dd2329ffaf9cc7b202515408358113671f1c6b1567f5b 

true

参考资料： https://nodejs.org/api/crypto.html#class-diffiehellmangroup