On this page
@std/crypto
Overview Jump to heading
Extensions to the Web Crypto supporting additional encryption APIs, but also delegating to the built-in APIs when possible.
import { crypto } from "@std/crypto/crypto";
const message = "Hello, Deno!";
const encoder = new TextEncoder();
const data = encoder.encode(message);
await crypto.subtle.digest("BLAKE3", data);
Add to your project Jump to heading
deno add jsr:@std/crypto
See all symbols in @std/crypto on
什么是 Web Crypto? Jump to heading
Web Crypto API 是一套标准的低级加密基本功能,支持在网页浏览器和类似 Deno 的环境中使用。它提供安全的方法用于哈希、加密、解密、签名和验证数据,适合需要保护敏感信息的场景。
为什么使用 @std/crypto? Jump to heading
该包提供了兼容 Web Crypto 的辅助工具和算法(例如 BLAKE3),且 API 易于使用。适用场景包括:
- API 客户端和 SDK:签名/验证负载、计算请求校验和,或用 BLAKE3 生成缓存验证器(类似 ETag)。
- 命令行工具和构建系统:对文件和目录生成指纹,以用于缓存、构建产物完整性或变更检测。
- 边缘/无服务器应用:验证 webhook 和 JWT 部分,存储前对正文进行哈希,或进行常数时间密码比较。
- 数据管道:通过快速哈希去重二进制数据;根据内容生成稳定 ID。
示例 Jump to heading
哈希 Jump to heading
import { crypto } from "@std/crypto/crypto";
const data = new TextEncoder().encode("hello");
const hash = await crypto.subtle.digest("BLAKE3", data);
console.log(new Uint8Array(hash));
哈希转十六进制 Jump to heading
import { crypto } from "@std/crypto/crypto";
const toHex = (bytes: Uint8Array) =>
Array.from(bytes).map((b) => b.toString(16).padStart(2, "0")).join("");
const data = new TextEncoder().encode("hello");
const buf = await crypto.subtle.digest("BLAKE3", data);
console.log(toHex(new Uint8Array(buf))); // 例如 "ea..."
哈希文件(BLAKE3) Jump to heading
import { crypto } from "@std/crypto/crypto";
const file = await Deno.readFile("./README.md");
const buf = await crypto.subtle.digest("BLAKE3", file);
console.log(new Uint8Array(buf));
常数时间比较 Jump to heading
import { crypto } from "@std/crypto/crypto";
import { timingSafeEqual } from "@std/crypto/timing-safe-equal";
const enc = new TextEncoder();
const a = new Uint8Array(
await crypto.subtle.digest("BLAKE3", enc.encode("abc")),
);
const b = new Uint8Array(
await crypto.subtle.digest("BLAKE3", enc.encode("abd")),
);
console.log(timingSafeEqual(a, b)); // false
同步哈希(脚本) Jump to heading
import { crypto } from "@std/crypto/crypto";
const data = new TextEncoder().encode("fast");
const buf = crypto.subtle.digestSync("BLAKE3", data);
console.log(new Uint8Array(buf));
随机字节 Jump to heading
import { crypto } from "@std/crypto/crypto";
const iv = new Uint8Array(12);
crypto.getRandomValues(iv);
console.log(iv);
AES-GCM 加密/解密(Web Crypto) Jump to heading
import { crypto } from "@std/crypto/crypto";
const key = await crypto.subtle.generateKey(
{ name: "AES-GCM", length: 256 },
true,
["encrypt", "decrypt"],
);
const iv = crypto.getRandomValues(new Uint8Array(12));
const data = new TextEncoder().encode("secret message");
const ciphertext = await crypto.subtle.encrypt(
{ name: "AES-GCM", iv },
key,
data,
);
const plaintext = await crypto.subtle.decrypt(
{ name: "AES-GCM", iv },
key,
ciphertext,
);
console.log(new TextDecoder().decode(new Uint8Array(plaintext))); // "secret message"
小贴士 Jump to heading
- 优先使用 Web Crypto 提供的基础功能;避免自行实现加密算法。
- 使用
TextEncoder对输入编码,并用字节或十六进制比较结果。