Crypto Streams

[00:00:00]
>> There's some more things. We've already, of course, seen some of these. I wasn't expecting, it's early, but there are a lot of core methods in crypto that are streaming. Like doing hashing, signing verification. We already saw creating symmetric ciphers Deciphering as well, as the streaming interface. This is a better method to use that we used.

[00:00:27]
We used this createCipherIv, which is the sequence-based encoding, so that would protect you against some kinds of replay attacks. Why don't we go ahead and use crypto.createHash to make a little program that's gonna hash the results of some input. And maybe we can also play around with zlib a little bit.

[00:00:48]
So let's just make these, and then I'll give all of you a chance to poke around at these APIs as well. So, If we want to create a program that just computes the hash, we can require createHash from ('crypto').createHash. So I believe you give createHash an algorithm name, like sha512, think it's like that.

[00:01:16]
So we can Pipe, stdin into that. It's an easy default. And then pipe the hash back out to stdout, if we like. And I think now we've got a little program, give it some input. And we get back some output. Of course, this is binary output, so maybe it's not the nicest to look at.

[00:01:38]
So we can modify our program to use a hex encoding, or a base-64 encoding, or what have you. So now, If I do Ctrl+B, we get a nice hash. Just to verify that this works correctly, we can take a known string, like abcd, without a new line, and get the hash.

[00:02:00]
Hang on, it's a little bit hard to see like that. So do. Okay, so this is our hash for the string abcd. If I do the same thing for shasum -a 512, I think works, we get the same thing. So our program is working like we would expect, cool.

[00:02:18]
Just add that. If you ever need to do something, like if you have if you implement something like a file upload on your HTTP server, a really useful thing to do is to take the hash of any type of incoming files. Because then if someone ever uploads the same file, either by mistake or maybe the network connection was flaky so they do it again, you could save some space by only storing a single copy by using the hash.

[00:02:45]
Because if someone uploads the same file twice, the hash will be the same, so you don't have to store it again. And the hashes will check that property for you automatically.