JS到PHP使用RSA算法进行加密通讯
我们平时做用户登录表单提交,用户名密码都是明文直接POST到后端,这样很容易被别人从监听到。
在js上做rsa,感觉jsencrypt这个是封装的比较好的,但用起来还是遇到了些坑,所以踩进代码里填填坑~
关于jsencrypt和RSA我就不多介绍了,直接上代码
因为jsencrypt与最新的PHP不兼容所以折腾了好久,在js上做了些改动
1,编辑jsencrypt.js,添加3个方法:
1 functionRSAEncryptLong(text) {2 var length = ((this.n.bitLength()+7)>>3) - 11;3 if (length <= 0) return false;4 var ret = "";5 var i = 0;6 while(i + length
14 /**15 * base64编码16 * @param {Object} str17 */
18 functionbase64encode(str){19 varout, i, len;20 varc1, c2, c3;21 len =str.length;22 i = 0;23 out = "";24 while (i > 2);28 out += base64EncodeChars.charAt((c1 & 0x3) << 4);29 out += "==";30 break;31 }32 c2 = str.charCodeAt(i++);33 if (i ==len) {34 out += base64EncodeChars.charAt(c1 >> 2);35 out += base64EncodeChars.charAt(((c1 & 0x3) << 4) | ((c2 & 0xF0) >> 4));36 out += base64EncodeChars.charAt((c2 & 0xF) << 2);37 out += "=";38 break;39 }40 c3 = str.charCodeAt(i++);41 out += base64EncodeChars.charAt(c1 >> 2);42 out += base64EncodeChars.charAt(((c1 & 0x3) << 4) | ((c2 & 0xF0) >> 4));43 out += base64EncodeChars.charAt(((c2 & 0xF) << 2) | ((c3 & 0xC0) >> 6));44 out += base64EncodeChars.charAt(c3 & 0x3F);45 }46 returnout;47 }48
49 /**50 * base64解码51 * @param {Object} str52 */
53 functionbase64decode(str){54 varc1, c2, c3, c4;55 vari, len, out;56 len =str.length;57 i = 0;58 out = "";59 while (i
61 do{62 c1 = base64DecodeChars[str.charCodeAt(i++) & 0xff];63 }64 while (i < len && c1 == -1);65 if (c1 == -1)66 break;67 /*c2*/
68 do{69 c2 = base64DecodeChars[str.charCodeAt(i++) & 0xff];70 }71 while (i < len && c2 == -1);72 if (c2 == -1)73 break;74 out += String.fromCharCode((c1 << 2) | ((c2 & 0x30) >> 4));75 /*c3*/
76 do{77 c3 = str.charCodeAt(i++) & 0xff;78 if (c3 == 61)79 returnout;80 c3 =base64DecodeChars[c3];81 }82 while (i < len && c3 == -1);83 if (c3 == -1)84 break;85 out += String.fromCharCode(((c2 & 0XF) << 4) | ((c3 & 0x3C) >> 2));86 /*c4*/
87 do{88 c4 = str.charCodeAt(i++) & 0xff;89 if (c4 == 61)90 returnout;91 c4 =base64DecodeChars[c4];92 }93 while (i < len && c4 == -1);94 if (c4 == -1)95 break;96 out += String.fromCharCode(((c3 & 0x03) << 6) |c4);97 }98 returnout;99 }
2,找到这一行
RSAKey.prototype.encrypt = RSAEncrypt;
修改为:
RSAKey.prototype.encrypt =RSAEncryptLong;
RSAKey.prototype._short_encrypt= RSAEncrypt;
3,找到这一行代码
JSEncrypt.prototype.encrypt = function(string) {//Return the encrypted string.
try{return hex2b64(this.getKey().encrypt(string));
}
修改为:
JSEncrypt.prototype.encrypt = function(string) {//Return the encrypted string.
try{return base64encode(this.getKey().encrypt(string));
}
4,页面js加密代码
1
2
3 functionencrypt(msg) {4 var rsa = newJSEncrypt();5 rsa.setPublic('
-----BEGIN PUBLIC KEY-----MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6LHB0pVFfBSUkTtzQVXvX4ohF3M0jb/7JdTs3GJccf+VhYjIIdOmFFGrJFXAI459VbTuobG/yoCN5OOWs7NrCZvFQ3gS9u7RU2Mf7vK3So+hP56ijWMMzVkmBwyKF9U6NQ4Q4NhUMIpe/8HA87eps1n2emxEbxrNanvSQi3c1VwIDAQAB-----END PUBLIC KEY-----
', '10001');6 returnrsa.encrypt(msg);7 }8
5,PHP解密代码
1 require_once('Crypt/RSA.php');2 define("KEY_PRIVATE", "
-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQC6LHB0pVFfBSUkTtzQVXvX4ohF3M0jb/7JdTs3GJccf+VhYjII
dOmFFGrJFXAI459VbTuobG/yoCN5OOWs7NrCZvFQ3gS9u7RU2Mf7vK3So+hP56ij
WMMzVkmBwyKF9U6NQ4Q4NhUMIpe/8HA87eps1n2emxEbxrNanvSQi3c1VwIDAQAB
AoGAR/EWP60Gha5qTN6Aq6zs3161hDGvv8rubRD1IfRJqISvsfMNHIF5H6jlHvE+
yuCS2KMOU6YbmGlTa+uVrT4VxjKqDhvRoym4oOXdZURlr2hHsQjB5A20Ud6mh2dA
TpbXodxBHz9xA/KJanesFUipQMftzfjezDCSOtM/DwiqZ+ECQQDltR45mSpmK9/k
Izk76iQiQe3Elxvhu/FFo/g23fMk4dG2ZObUmTnGED81VOp8TqR9/WJ0NFHywoGy
J/sdZdORAkEAz3uxMWWsG0ywSb6tRuxr1zVBRPkzH3v0tuNxFl09dKq2HS4U2uAD
nXFnyseSpWEZB9asrH1+frYIFjxFSra2ZwJAL/kWeeMCFtp85NFyZ4/rwffQ52jD
mu48YlXvRc4utHow6Q3Do4zoovPLr6CvZAysj992S1yN7Mwwd/uflzEn8QJADRtX
OjOeB6t0h3QQJibROSsYEG9dl2ORNexwPGVveGtATd+XWaxFDjEXyWuKDAByQFiD
V/Ilh4OgRydPiUS5iQJAdSjhqtN1kz5nyiP8tYbmwxhMojLl7qSNkYJEarhml6Wy
gvInF7gsoOg/MUC8Ytgv+f93gi2aHGR/rn0ODRkqqg==
-----END RSA PRIVATE KEY-----
");10
11 functiondecrypt(msg) {12 $rsa = newCrypt_RSA();13 $rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);14 $rsa->loadKey(KEY_PRIVATE, CRYPT_RSA_PRIVATE_FORMAT_PKCS1);15 $s = new Math_BigInteger(base64_decode(msg), 16);16 retrun $rsa->decrypt($s->toBytes());17 }
最后 我希望这个解决方案能帮助你们中的一些人。如果我的文章有什么问题,请随时联系帮助我纠正它。
参考: