上周由于前后端使用的RSA加密规范不统一,加密方式更改使用微信小程序wx_rsa加密方式。根据需求前端直接生成密钥对,研究了下:
生成PKCS8规范的密钥对
test(){
let keyPair = this.generateKeypairPkcs8()
let publicKey = '-----BEGIN PUBLIC KEY-----' + keyPair[0] + '-----END PUBLIC KEY-----'
let privateKey = '-----BEGIN PRIVATE KEY-----' + keyPair[1] + '-----END PRIVATE KEY-----'
let str = 'word'
let encStr = this.encryptPkcs8(str,publicKey)
console.log('加密结果:'+encStr)
let decStr = this.decryptPkcs8(encStr,privateKey)
console.log('解密结果:'+decStr)
}
encryptPkcs8(str, publicKey){
let encrypt = new RSA.RSAKey()
encrypt = RSA.KEYUTIL.getKey(publicKey)
let encStr = encrypt.encrypt(str)
encStr = RSA.hex2b64(encStr)
return encStr
},
decryptPkcs8(str, privateKey){
let decrypt = new RSA.RSAKey()
decrypt = RSA.KEYUTIL.getKey(privateKey)
let encStr = RSA.b64tohex(str)
let decStr = decrypt.decrypt(encStr)
return decStr
},
generateKeypairPkcs8(){
let keyPair = RSA.KEYUTIL.generateKeypair('RSA',1024)
let publicKey = RSA.KEYUTIL.getPEM(keyPair.pubKeyObj,'PKCS8PUB')
let privateKey = RSA.KEYUTIL.getPEM(keyPair.prvKeyObj,'PKCS8PRV')
// 去除-----*** RSA **** KEY----- 和空格换行
publicKey = (publicKey.split('-----'))[2];
publicKey = publicKey.replace(/\n/g, "").replace(/\r/g, "").replace(/\t/g, "").replace(/\s*/g, "");
privateKey = (privateKey.split('-----'))[2];
privateKey = privateKey.replace(/\n/g, "").replace(/\r/g, "").replace(/\t/g, "").replace(/\s*/g, "");
return [publicKey, privateKey];
}
详细可查看API文档:http://kjur.github.io/jsrsasign/api/symbols/KEYUTIL.html#.generateKeypair