加密Cryptico.js,用OpenSSL解密 [英] Encrypt with Cryptico.js, Decrypt with OpenSSL
问题描述
我正在服务器上创建公钥/私钥,将密钥发送给加密用户密码的JavaScript客户端。客户端将密码发送到服务器,服务器使用私钥对其进行解密,但密码恢复为空。我已经验证了所有支持情况的值是正确的,所以这是具体的加密/解密。我在哪里出错?
I am creating a public/private key on the server, sending the key to the JavaScript client where it encrypts a users password. The client sends the password to the server, and the server uses the private key to decrypt it, but the password is coming back null. I have verified all values supporting the situation are correct, so it's something with the encryption/decryption specifically. Where am I going wrong?
可能是cryptico.js与php openssl不兼容?
Possibly, is cryptico.js not compatible with php openssl?
图书馆信息:
https://github.com/wwwtyro/cryptico
http://www.php.net/manual/en/function.openssl-pkey-new.php
以下是相关代码片段:
PHP - 创建公钥/私钥
$config = array(
"digest_alg" => "sha512",
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
);
// Create the private and public key
$res = openssl_pkey_new($config);
// Extract the private key from $res to $privateKey
openssl_pkey_export($res, $privateKey);
// Extract the public key from $res to $publicKey
$publicKey = openssl_pkey_get_details($res);
$publicKey = $publicKey["key"];
JavaScript - 客户端使用公钥加密数据。
var xhr = new XMLHttpRequest();
var data = new FormData();
xhr.open('POST', '/signUp2.php');
data.append('user', User);
var encryptedPassword = cryptico.encrypt(password, localStorage["publicKey"]);
data.append('password', encryptedPassword.cipher);
xhr.onreadystatechange = function()
{
if(xhr.readyState == 4 && xhr.status == 200)
{
var jsonArray = JSON.parse(xhr.responseText);
if(jsonArray[0] == "0")
{
alert("Account created. You may now sign in.");
}
else
alert("Error Code: " + jsonArray[0]);
}
}
xhr.send(data);
PHP - 服务器收到加密密码和attemps解密失败
openssl_private_decrypt($encryptedPassword, $decryptedPassword, $row[1]);
推荐答案
cryptico.js可以使用openssl,但是我们有要修改它一点。
cryptico.js could work with openssl, but we have to modify it a bit.
它不直接识别pem格式的公钥(其中openssl的使用)。我们必须在php端提取公钥的n和e部分:
it don't directly recognize the public key in pem format (which openssl use). we have to extract the 'n' and 'e' part of a public key in php side:
$key = openssl_pkey_new(array(
'private_key_bits' => 1024,
'private_key_type' => OPENSSL_KEYTYPE_RSA,
'digest_alg' => 'sha256'
));
$detail = openssl_pkey_get_details($key);
$n = base64_encode($detail['rsa']['n']);
$e = bin2hex($detail['rsa']['e']);
另外cryptico.js硬编码公钥的'e'部分(见publicKeyFromString的定义api.js),所以我们需要解决这个问题:
also, cryptico.js hardcoded the 'e' part of a public key (see definition of publicKeyFromString in api.js), so we need to fix this:
my.publicKeyFromString = function(string)
{
var tokens = string.split("|");
var N = my.b64to16(tokens[0]);
var E = tokens.length > 1 ? tokens[1] : "03";
var rsa = new RSAKey();
rsa.setPublic(N, E);
return rsa
}
现在我们可以加密字符串: p>
now we are able to encrypt strings:
var publicKey = "{$n}|{$e}",
encrypted = cryptico.encrypt("plain text", publicKey);
作业尚未完成。 cryptico.encrypt的结果不是简单地由RSA加密。实际上,它由两部分组合:由RSA加密的aes密钥和用AES加密的明文密码。如果我们只需要RSA,我们可以修改my.encrypt:
job is not finished yet. the result of cryptico.encrypt is NOT simply encrypted by RSA. indeed, it was combined of two parts: an aes key encrypted by RSA, and the cipher of the plain text encrypted with that aes key by AES. if we only need RSA, we could modify my.encrypt:
my.encrypt = function(plaintext, publickeystring, signingkey)
{
var cipherblock = "";
try
{
var publickey = my.publicKeyFromString(publickeystring);
cipherblock += my.b16to64(publickey.encrypt(plaintext));
}
catch(err)
{
return {status: "Invalid public key"};
}
return {status: "success", cipher: cipherblock};
}
现在我们可以使用openssl解密密码:
now we are able to decrypt the cipher with openssl:
$private = openssl_pkey_get_private("YOUR PRIVATE KEY STRING IN PEM");
// $encrypted is the result of cryptico.encrypt() in javascript side
openssl_private_decrypt(base64_decode($encrypted), $decrypted, $private);
// now $decrypted holds the decrypted plain text
这篇关于加密Cryptico.js,用OpenSSL解密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!