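JSEncrypt to PHP asymmetric encryption

Time: 2018-08-28 14:00:22

Tags: javascript php encryption encryption-asymmetric jsencrypt

I am trying to do asymmetric encryption from client to server, where the client has the public key and the server has the private key.

On the client side, I use JSEncrypt in JavaScript to encrypt with my public key. From there, I use AJAX to send the encrypted data to my PHP script. I try to decrypt the data with openssl_private_decrypt(), but it always returns false. I have tried telling it to expect different padding, even though I am sure it is PKCS1.

Can someone tell me what I am doing wrong?

Here is all the relevant code: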

JAVASCRIPT:

function getpubkey(){ //Gets Public Key from server
var xmlhttp = new XMLHttpRequest();
xmlhttp.onreadystatechange = function(){
    if (this.readyState == 4 && this.status == 200){
        pubkey = this.responseText;
    }
};
xmlhttp.open("POST", "PHP/ajax.php", false);
xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xmlhttp.send("do=getpub");
}


function encryptdata(plaintext){ //Encrypts argument with Public Key
var encrypt = new JSEncrypt();
encrypt.setPublicKey(pubkey);
var encrypted = encrypt.encrypt(plaintext);
return encrypted;
}


function login(){ //Sends login data to server and displays response on page
getpubkey();
var encuser = encryptdata(document.getElementById('username').value);
var encpass = encryptdata(document.getElementById('password').value);
encuser = window.btoa(encuser);
encpass = window.btoa(encpass);
var xmlhttp = new XMLHttpRequest();
xmlhttp.onreadystatechange = function(){
    if (this.readyState == 4 && this.status == 200){
            document.getElementById('maincontent').innerHTML = this.responseText;
    }
};
xmlhttp.open("POST", "PHP/ajax.php", true);
xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xmlhttp.send("do=login&param1="+encuser+"&param2="+encpass);

}

PHP(ajax.php):

if (!isset($_POST['do'])){
header("Location: ../index.php");
die();
}

$do = $_POST['do'];

if(isset($_POST['param1'])){
$param1 = $_POST['param1'];
}

if(isset($_POST['param2'])){
$param2 = $_POST['param2'];
}


$allow = 1;
require("../KEYS/priv.php"); //Contains $priv which holds the private key
if(openssl_private_decrypt(base64_decode($param1), $username, $priv, OPENSSL_PKCS1_PADDING)){
    $return = $username;
}
else{
    $return = "Decrypt Failed";
}

if(isset($return)){
echo $return;
}

priv.php:

<?php

if (!isset($allow)){
    header("Location: ../index.php");
    die();
}

$priv = "-----BEGIN RSA PRIVATE KEY-----...-----END RSA PRIVATE KEY-----";

?>

My keys:

Public:

  


Private:

  


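1 answer:

Answer 0 (score: 1)

I don't know whether this will still help after all this time. I found the cause by reading the source code of jsencrypt. Look at your code here: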

var encrypt = new JSEncrypt();
encrypt.setPublicKey(pubkey);
var encrypted = encrypt.encrypt(plaintext);

After that you did

var encuser = encryptdata(document.getElementById('username').value);
var encpass = encryptdata(document.getElementById('password').value);
encuser = window.btoa(encuser);
encpass = window.btoa(encpass);

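You encrypt the user, and then encode it to Base64 with the btoa() function.

But it turns out that the result returned by encrypt.encrypt() is already Base64. Right, encuser and encpass do not need to be encoded to Base64, they already are!!!

So just remove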

encuser = window.btoa(encuser);
encpass = window.btoa(encpass);

I think it should be fine.

By the way, I went through all the documentation JSEncrypt provides, but it does not mention that their result is Base64...
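
The double encoding described in the answer can be detected on the receiving side by comparing the decoded length with the RSA block size. The following is an added example, not code from the original post or from JSEncrypt; it assumes a 2048-bit key (256-byte ciphertext), uses a constructed byte string in place of real ciphertext, and `diagnose` and `isBase64` are hypothetical helper names. It also covers one more case in the question's request code: a `+` sent in a form-urlencoded body without `encodeURIComponent()` arrives as a space.

```javascript
// Added example, not from the original post. All sample data is constructed.
const RSA_BYTES = 256; // ciphertext size for a 2048-bit RSA key (assumed)

// Constructed stand-in for one RSA ciphertext block (not real ciphertext).
const sampleCiphertext = Buffer.alloc(RSA_BYTES, 0xfb);
// What encrypt.encrypt() hands back: Base64 text, 344 characters.
const jsencryptOutput = sampleCiphertext.toString('base64');
// What window.btoa() does to it: a second Base64 layer, 460 characters.
const doubleEncoded = Buffer.from(jsencryptOutput, 'latin1').toString('base64');
// What the server receives when '+' is sent without encodeURIComponent().
const formMangled = jsencryptOutput.replace(/\+/g, ' ');

// Strict check; Buffer.from(x, 'base64') silently skips invalid characters.
function isBase64(text) {
  return text.length % 4 === 0 && /^[A-Za-z0-9+/]+={0,2}$/.test(text);
}

// Peel Base64 layers until the payload has the RSA block size.
// status: 'ok' (one layer), 'over-encoded' (more than one),
// 'not-base64' (damaged in transit) or 'wrong-length'.
function diagnose(param, rsaBytes = RSA_BYTES, maxLayers = 3) {
  if (!isBase64(param)) return { status: 'not-base64', layers: 0 };
  let current = param;
  for (let layers = 1; layers <= maxLayers && isBase64(current); layers++) {
    const raw = Buffer.from(current, 'base64');
    if (raw.length === rsaBytes) {
      return { status: layers === 1 ? 'ok' : 'over-encoded', layers, ciphertext: raw };
    }
    current = raw.toString('latin1'); // maybe another Base64 layer underneath
  }
  return { status: 'wrong-length', layers: 0 };
}

console.log(diagnose(jsencryptOutput).status);
console.log(diagnose(doubleEncoded).status, diagnose(doubleEncoded).layers);
console.log(diagnose(formMangled).status);
```

A single decode of the double-encoded value yields 344 bytes of Base64 text instead of 256 bytes of ciphertext, which is longer than the key size, so the decrypt call has nothing valid to work on.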