JS to PHP uses the RSA Algorithm for encrypted communication, jsrsa

JS to PHP uses the RSA Algorithm for encrypted communication, jsrsa

We usually submit the user login form, and the user name and password are POST directly to the backend in plain text, which is easy to be listened to by others.

When I do rsa on js, I feel that jsencrypt is well encapsulated, but I still encountered some pitfalls in use, So I entered the code to fill in the pitfalls ~

Https://github.com/travist/jsencrypt project here

I will not talk about jsencrypt and RSA much.

Jsencrypt is incompatible with the latest PHP, so it took a long time to make some changes in js.

Can directly download the modified js: http://pan.baidu.com/s/1qYu0FA8

1. Edit jsencrypt. js and add three methods:

1 function RSAEncryptLong (text) {2 var length = (this. n. bitLength () + 7)> 3)-11; 3 if (length <= 0) return false; 4 var ret = ""; 5 var I = 0; 6 while (I + length <text. length) {7 ret + = this. _ short_encrypt (text. substring (I, I + length); 8 I + = length; 9} 10 ret + = this. _ short_encrypt (text. substring (I, text. length); 11 return ret; 12} 13 14/** 15 * base64 encoded 16 * @ param {Object} str17 */18 function base64encode (str) {19 var out, i, len; 20 var c1, c2, c3; 21 len = str. length; 22 I = 0; 23 out = ""; 24 while (I <len) {25 c1 = str. charCodeAt (I ++) & 0xff; 26 if (I = len) {27 out + = base64EncodeChars. charAt (c1> 2); 28 out + = base64EncodeChars. charAt (c1 & 0x3) <4); 29 out + = "="; 30 break; 31} 32 c2 = str. charCodeAt (I ++); 33 if (I = len) {34 out + = base64EncodeChars. charAt (c1> 2); 35 out + = base64EncodeChars. charAt (c1 & 0x3) <4) | (c2 & 0xF0)> 4); 36 out ++ = base64EncodeChars. charAt (c2 & 0xF) <2); 37 out + = "="; 38 break; 39} 40 c3 = str. charCodeAt (I ++); 41 out + = base64EncodeChars. charAt (c1> 2); 42 out + = base64EncodeChars. charAt (c1 & 0x3) <4) | (c2 & 0xF0)> 4); 43 out ++ = base64EncodeChars. charAt (c2 & 0xF) <2) | (c3 & 0xC0)> 6); 44 out + = base64EncodeChars. charAt (c3 & 0x3F); 45} 46 return out; 47} 48 49/** 50 * base64 decoding 51 * @ param {Object} str52 */53 function base64decode (str) {54 var c1, c2, c3, c4; 55 var I, len, out; 56 len = str. length; 57 I = 0; 58 out = ""; 59 while (I <len) {60/* c1 */61 do {62 c1 = base64DecodeChars [str. charCodeAt (I ++) & 0xff]; 63} 64 while (I <len & c1 =-1); 65 if (c1 =-1) 66 break; 67/* c2 */68 do {69 c2 = base64DecodeChars [str. charCodeAt (I ++) & 0xff]; 70} 71 while (I <len & c2 =-1); 72 if (c2 =-1) 73 break; 74 out + = String. fromCharCode (c1 <2) | (c2 & 0x30)> 4); 75/* c3 */76 do {77 c3 = str. charCodeAt (I ++) & 0xff; 78 if (c3 = 61) 79 return out; 80 c3 = base64DecodeChars [c3]; 81} 82 while (I <len & c3 =-1); 83 if (c3 =-1) 84 break; 85 out + = String. fromCharCode (c2 & 0XF) <4) | (c3 & 0x3C)> 2); 86/* c4 */87 do {88 c4 = str. charCodeAt (I ++) & 0xff; 89 if (c4 = 61) 90 return out; 91 c4 = base64DecodeChars [c4]; 92} 93 while (I <len & c4 =-1); 94 if (c4 =-1) 95 break; 96 out + = String. fromCharCode (c3 & 0x03) <6) | c4); 97} 98 return out; 99}

2. Find this line.

RSAKey.prototype.encrypt = RSAEncrypt;

To:

RSAKey.prototype.encrypt = RSAEncryptLong;RSAKey.prototype._short_encrypt = RSAEncrypt;

3. Find this line of code.

JSEncrypt.prototype.encrypt = function (string) {  // Return the encrypted string.  try {    return hex2b64(this.getKey().encrypt(string));  }

To:

JSEncrypt.prototype.encrypt = function (string) {  // Return the encrypted string.  try {    return base64encode(this.getKey().encrypt(string));  }

 

4. Page js encryption code

1 <script type="text/javascript" src="jsencrypt.js"></script>2 <script>3 function encrypt(msg) {4     var rsa = new JSEncrypt();5     rsa.setPublic('

-----BEGIN PUBLIC KEY-----MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6LHB0pVFfBSUkTtzQVXvX4ohF3M0jb/7JdTs3GJccf+VhYjIIdOmFFGrJFXAI459VbTuobG/yoCN5OOWs7NrCZvFQ3gS9u7RU2Mf7vK3So+hP56ijWMMzVkmBwyKF9U6NQ4Q4NhUMIpe/8HA87eps1n2emxEbxrNanvSQi3c1VwIDAQAB-----END PUBLIC KEY-----

', '10001'); 
6  return rsa.encrypt(msg); 
7 } 
8 </script>

 

5. PHP code decryption

 1 require_once('Crypt/RSA.php'); 2 define("KEY_PRIVATE", "

-----BEGIN RSA PRIVATE KEY-----
MIICWwIBAAKBgQC6LHB0pVFfBSUkTtzQVXvX4ohF3M0jb/7JdTs3GJccf+VhYjII
dOmFFGrJFXAI459VbTuobG/yoCN5OOWs7NrCZvFQ3gS9u7RU2Mf7vK3So+hP56ij
WMMzVkmBwyKF9U6NQ4Q4NhUMIpe/8HA87eps1n2emxEbxrNanvSQi3c1VwIDAQAB
AoGAR/EWP60Gha5qTN6Aq6zs3161hDGvv8rubRD1IfRJqISvsfMNHIF5H6jlHvE+
yuCS2KMOU6YbmGlTa+uVrT4VxjKqDhvRoym4oOXdZURlr2hHsQjB5A20Ud6mh2dA
TpbXodxBHz9xA/KJanesFUipQMftzfjezDCSOtM/DwiqZ+ECQQDltR45mSpmK9/k
Izk76iQiQe3Elxvhu/FFo/g23fMk4dG2ZObUmTnGED81VOp8TqR9/WJ0NFHywoGy
J/sdZdORAkEAz3uxMWWsG0ywSb6tRuxr1zVBRPkzH3v0tuNxFl09dKq2HS4U2uAD
nXFnyseSpWEZB9asrH1+frYIFjxFSra2ZwJAL/kWeeMCFtp85NFyZ4/rwffQ52jD
mu48YlXvRc4utHow6Q3Do4zoovPLr6CvZAysj992S1yN7Mwwd/uflzEn8QJADRtX
OjOeB6t0h3QQJibROSsYEG9dl2ORNexwPGVveGtATd+XWaxFDjEXyWuKDAByQFiD
V/Ilh4OgRydPiUS5iQJAdSjhqtN1kz5nyiP8tYbmwxhMojLl7qSNkYJEarhml6Wy
gvInF7gsoOg/MUC8Ytgv+f93gi2aHGR/rn0ODRkqqg==
-----END RSA PRIVATE KEY-----

"); 
10 
11 function decrypt(msg) { 
12  $rsa = new Crypt_RSA(); 
13  $rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1); 
14  $rsa->loadKey(KEY_PRIVATE, CRYPT_RSA_PRIVATE_FORMAT_PKCS1); 
15  $s = new Math_BigInteger(base64_decode(msg), 16); 
16  retrun $rsa->decrypt($s->toBytes()); 
17 }

 

Generation of RSA key pairs online: http://travistidwell.com/jsencrypt/demo/

 

Finally, I hope this solution can help some of you. If there is any problem with my article, please feel free to contact me to help me correct it.

 

Refer:

Http://travistidwell.com/jsencrypt/

Http://travistidwell.com/jsencrypt/demo/

Http://bestmike007.com/2011/08/secure-data-transmission-between-pure-php-and-javascript-using-rsa/