密码加密算法在从PHP转换为JS时抛出异常

Question

下面是我必须使用的密码哈希算法,用于我正在构建的控制面板.原始函数是在PHP中,但我正在重写它以与JavaScript中的Node.js一起使用.

一切似乎都很好,但接着我打电话给fMod崩溃:

RangeError: toFixed() digits argument must be between 0 and 20

该fmod函数似乎与其他值一起正常工作.我已经标记了fMod引发异常的行.

密码的正确哈希值应为:

0x31c7296631df873d0891b7b77ae0c6c6

码:

// JavaScript Version
var pass = "Cake99";

console.log(pCrypt2(pass));

function pCrypt2(plain) {

    var array_mul = [213119, 213247, 213203, 213821];
    var array_add = [2529077, 2529089, 2529589, 2529997];
    var dst = Array.apply(null, new Array(16)).map(Number.prototype.valueOf,0);
    var key = Array.apply(null, new Array(16)).map(Number.prototype.valueOf,0);

    for (var i = 0; i < plain.length; i++ ) {
        dst[i] = key[i] = ord(plain.substr(i, 1));
    }

    var val = [];
    for (var i = 0; i <= 3; i++ ) {
        val[i] = fmod((key[i * 4 + 0] + key[i * 4 + 1] * 0x100 + key[i * 4 + 2] * 0x10000 + key[i * 4 + 3] * 0x1000000) * array_mul[i] + array_add[i], 4294967296 );
    }

    for (i = 0; i <= 3; i++ ) {
        key[i * 4 + 0] = val[i] & 0xff;
        key[i * 4 + 1] = val[i] / 0x100 & 0xff;
        key[i * 4 + 2] = val[i] / 0x10000 & 0xff;
        key[i * 4 + 3] = val[i] / 0x1000000 & 0xff;
    }

    dst[0] =  dst[0] ^ key[0];
    for (var i = 1; i <= 15; i++ ) {
        dst[i] = dst[i] ^ dst[i - 1] ^ key[i];
    }

    for (var i = 0; i <= 15; i++ ) {
        if (dst [i] == 0 ) {
            dst [i] = 0x66;
        }
    }

    var encrypted = "0x";
    for (var i = 0; i <= 15; i++ ) {
        if (dst [i] < 16 ) {
            encrypted = encrypted + "0";
        }
        encrypted = encrypted + dst[i].toString(16);

    }
    return (encrypted);
}

function ord(string) {
    //  discuss at: http://phpjs.org/functions/ord/
    // original by: Kevin van Zonneveld (http://kevin.vanzonneveld.net)
    // bugfixed by: Onno Marsman
    // improved by: Brett Zamir (http://brett-zamir.me)
    //    input by: incidence
    var str = string + '',
        code = str.charCodeAt(0);
    if (0xD800 <= code && code <= 0xDBFF) { // High surrogate (could change last hex to 0xDB7F to treat high private surrogates as single characters)
        var hi = code;
        if (str.length === 1) {
            return code; // This is just a high surrogate with no following low surrogate, so we return its value;
            // we could also throw an error as it is not a complete character, but someone may want to know
        }
        var low = str.charCodeAt(1);
        return ((hi - 0xD800) * 0x400) + (low - 0xDC00) + 0x10000;
    }
    if (0xDC00 <= code && code <= 0xDFFF) { // Low surrogate
        return code; // This is just a low surrogate with no preceding high surrogate, so we return its value;
        // we could also throw an error as it is not a complete character, but someone may want to know
    }
    return code;
}

function fmod(x, y) {
    //  discuss at: http://phpjs.org/functions/fmod/
    // original by: Onno Marsman
    //    input by: Brett Zamir (http://brett-zamir.me)
    // bugfixed by: Kevin van Zonneveld (http://kevin.vanzonneveld.net)
    //   example 1: fmod(5.7, 1.3);
    //   returns 1: 0.5

    var tmp, tmp2, p = 0,
        pY = 0,
        l = 0.0,
        l2 = 0.0;

    tmp = x.toExponential()
        .match(/^.\.?(.*)e(.+)$/);
    p = parseInt(tmp[2], 10) - (tmp[1] + '')
        .length;
    tmp = y.toExponential()
        .match(/^.\.?(.*)e(.+)$/);
    pY = parseInt(tmp[2], 10) - (tmp[1] + '')
        .length;

    if (pY > p) {
        p = pY;
    }

    tmp2 = (x % y);

    if (p < -100 || p > 20) {
        // toFixed will give an out of bound error so we fix it like this:
        l = Math.round(Math.log(tmp2) / Math.log(10));
        l2 = Math.pow(10, l);

        return (tmp2 / l2)
            .toFixed(l - p) * l2;
    } else {
        return parseFloat(tmp2.toFixed(-p)); <<< ---- FAILS HERE ---------
    }
}

// PHP原创--------------------------------

function encrypt( $plain )
{
  $array_mul = array ( 0 => 213119, 1 => 213247, 2 => 213203, 3 => 213821 );
  $array_add = array ( 0 => 2529077, 1 => 2529089, 2 => 2529589, 3 => 2529997 );
  $dst = $key = array ( 0 => 0, 1 => 0, 2 => 0, 3 => 0, 4 => 0, 5 => 0, 6 => 0, 7 => 0, 8 => 0, 9 => 0, 10 => 0, 11 => 0, 12 => 0, 13 => 0, 14 => 0, 15 => 0 );

  for ( $i = 0; $i < strlen ( $plain ); $i++ ) {
    $dst [ $i ] = $key [ $i ] = ord ( substr ( $plain, $i, 1 ) );
  }

  for ( $i = 0; $i <= 3; $i++ ) {
    $val [ $i ] = fmod ( ( $key [ $i * 4 + 0 ] + $key [ $i * 4 + 1 ] * 0x100 + $key [ $i * 4 + 2 ] * 0x10000 + $key [ $i * 4 + 3 ] * 0x1000000 ) * $array_mul [ $i ] + $array_add [ $i ], 4294967296 );
  }

  for ( $i = 0; $i <= 3; $i++ ) {
    $key [ $i * 4 + 0 ] = $val [ $i ] & 0xff;
    $key [ $i * 4 + 1 ] = $val [ $i ] / 0x100 & 0xff;
    $key [ $i * 4 + 2 ] = $val [ $i ] / 0x10000 & 0xff;
    $key [ $i * 4 + 3 ] = $val [ $i ] / 0x1000000 & 0xff;
  }

  $dst [ 0 ] = $dst [ 0 ] ^ $key [ 0 ];
  for ( $i = 1; $i <= 15; $i++ ) {
    $dst [ $i ] = $dst [ $i ] ^ $dst [ $i - 1 ] ^ $key [ $i ];
  }

  for ( $i = 0; $i <= 15; $i++ ) {
    if ( $dst [ $i ] == 0 ) {
      $dst [ $i ] = 0x66;
    }
  }

  $encrypted = "0x";
  for ( $i = 0; $i <= 15; $i++ ) {
    if ( $dst [ $i ] < 16 ) {
      $encrypted .= "0";
    }
    $encrypted .= dechex($dst[$i]);
  }
  return ( $encrypted );
}

Answer 1

您将传递-p给parseFloat()第111行中的数字位数,在此部分代码中:

....
if (p < -100 || p > 20) {
    // toFixed will give an out of bound error so we fix it like this:
    l = Math.round(Math.log(tmp2) / Math.log(10));
    l2 = Math.pow(10, l);

    return (tmp2 / l2)
        .toFixed(l - p) * l2;
} else {
    return parseFloat(tmp2.toFixed(-p)); 
}

在评估时,-p等于-1.

出于演示的目的,如果我们将最后三行更改为

...
} else {

    for(var i=0; i<=20;i++) {
        console.log(parseFloat(tmp2.toFixed(i)));
    }
    //return parseFloat(tmp2.toFixed(-p)); 
}

我们得到了

2529997
2529997
2529997
...
2529997
2529997
2529997

这是因为在第101行,你得到两个整数的模数.

tmp2 = (x % y);

两个整数的模数在JavaScript中始终是整数.

因此,在第112行的parseFloat()中使用任意值来返回相同的值:

...
} else {
    var i = Math.floor(Math.random()*20);
    return parseFloat(tmp2.toFixed(i)); 
}

并运行脚本:

alain@vaio ~/dev/test % node script.js
0x31c7296631df873d0891b7b77ae0c6c6
alain@vaio ~/dev/test % node script.js
0x31c7296631df873d0891b7b77ae0c6c6
alain@vaio ~/dev/test % node script.js
0x31c7296631df873d0891b7b77ae0c6c6
alain@vaio ~/dev/test % node script.js
0x31c7296631df873d0891b7b77ae0c6c6
alain@vaio ~/dev/test % node script.js
0x31c7296631df873d0891b7b77ae0c6c6
alain@vaio ~/dev/test % node script.js
0x31c7296631df873d0891b7b77ae0c6c6

所以是的,丢失减号,或完全删除p,如果你只处理整数.

还有另外两种方法可以解决这个问题.

请注意,Number.prototype.toFixed()在抛出RangeError时p > 0.由于计算p的方式,当出现舍入或有前导零时会发生这种情况:

> x = 12345; tmp = x.toExponential().match(/^.\.?(.*)e(.+)$/); p = parseInt(tmp[2], 10) - (tmp[1] + '').length;
0

> x = 1234567890123456789; tmp = x.toExponential().match(/^.\.?(.*)e(.+)$/); p = parseInt(tmp[2], 10) - (tmp[1] + '').length;
2

> x = 101000; tmp = x.toExponential().match(/^.\.?(.*)e(.+)$/); p = parseInt(tmp[2], 10) - (tmp[1] + '').length;
3

您当前正在使用x:3626296650629732529077和y:4294967296调用fmod,这会导致p = 1.

你可以修改fmod函数来拒绝负值:

if (p < -100 || p > 20) {
    // toFixed will give an out of bound error so we fix it like this:
    l = Math.round(Math.log(tmp2) / Math.log(10));
    l2 = Math.pow(10, l);

    return (tmp2 / l2)
        .toFixed(l - p) * l2;
} else if ( p > 0 ) {
    return parseFloat(tmp2.toFixed(p)); 
} else {
    return parseFloat(tmp2.toFixed(-p)); 
}

我们修改你的pCrypt2函数以使用更小的x.

有关JavaScript舍入的更多详细信息,请参见Number.prototype.toFixed().