前端ajax请求添加rsa签名,nodejs请求添加签名,nodejs api添加验签
来源:互联网 发布:淘宝物流评价怎么修改 编辑:程序博客网 时间:2024/05/30 13:42
前端ajax请求添加rsa签名
如何使用openssl生成私钥 公钥
http://blog.csdn.net/scape1989/article/details/18959657
教程 :https://github.com/kjur/jsrsasign/wiki/Tutorial-for-Signature-class
文章最后有需要引入的js地址
签名原理是 :
前端使用私钥rsa-sha1签名请求body加密为base64格式的签名
后端base64解密使用公钥rsa-sha1验签
前端代码
<!doctype html><html lang="en"><head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0"> <meta http-equiv="X-UA-Compatible" content="ie=edge"> <title>Document</title> <script src="jquery-3.0.0.min.js"></script> <script src="jsrsasign-latest-all-min.js"></script> <script src="caiqrSign.js"></script></head><body></body><script> var sign = doSign("tangxuelong"); console.log(sign); $.ajax({ type: 'POST', url: "http://localhost/product", beforeSend: function(request) { request.setRequestHeader("caiqiuNodeSign", sign); }, // dataType: 'json', // contentType: "application/json", success: function(data) { console.log(data); }, error: function(xhr, type) { } });</script></html>
doSign方法所在的js文件代码:
if (!window.atob) { var tableStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; var table = tableStr.split(""); window.atob = function (base64) { if (/(=[^=]+|={3,})$/.test(base64)) throw new Error("String contains an invalid character"); base64 = base64.replace(/=/g, ""); var n = base64.length & 3; if (n === 1) throw new Error("String contains an invalid character"); for (var i = 0, j = 0, len = base64.length / 4, bin = []; i < len; ++i) { var a = tableStr.indexOf(base64[j++] || "A"), b = tableStr.indexOf(base64[j++] || "A"); var c = tableStr.indexOf(base64[j++] || "A"), d = tableStr.indexOf(base64[j++] || "A"); if ((a | b | c | d) < 0) throw new Error("String contains an invalid character"); bin[bin.length] = ((a << 2) | (b >> 4)) & 255; bin[bin.length] = ((b << 4) | (c >> 2)) & 255; bin[bin.length] = ((c << 6) | d) & 255; }; return String.fromCharCode.apply(null, bin).substr(0, bin.length + n - 4); }; window.btoa = function (bin) { for (var i = 0, j = 0, len = bin.length / 3, base64 = []; i < len; ++i) { var a = bin.charCodeAt(j++), b = bin.charCodeAt(j++), c = bin.charCodeAt(j++); if ((a | b | c) > 255) throw new Error("String contains an invalid character"); base64[base64.length] = table[a >> 2] + table[((a << 4) & 63) | (b >> 4)] + (isNaN(b) ? "=" : table[((b << 2) & 63) | (c >> 6)]) + (isNaN(b + c) ? "=" : table[c & 63]); } return base64.join(""); };}function hexToBase64(str) { return btoa(String.fromCharCode.apply(null, str.replace(/\r|\n/g, "").replace(/([\da-fA-F]{2}) ?/g, "0x$1 ").replace(/ +$/, "").split(" ")) );}function base64ToHex(str) { for (var i = 0, bin = atob(str.replace(/[ \r\n]+$/, "")), hex = []; i < bin.length; ++i) { var tmp = bin.charCodeAt(i).toString(16); if (tmp.length === 1) tmp = "0" + tmp; hex[hex.length] = tmp; } return hex.join(" ");}/*签名方法*/function doSign(str) { var rsaPrivateKey = '-----BEGIN RSA PRIVATE KEY-----*这里是pem**-----END RSA PRIVATE KEY-----'; // initialize var sig = new KJUR.crypto.Signature({"alg": "SHA1withRSA"}); // initialize for signature generation sig.init(KEYUTIL.getKey(rsaPrivateKey)); // rsaPrivateKey of RSAKey object // update data sig.updateString(str); //calculate signature return hexToBase64(sig.sign());}
nodejs api添加验签
// 该路由使用的中间件router.use(function timeLog(req, res, next) { res.set({ 'Content-Type': 'application/json; charset=utf8', 'Access-Control-Allow-Origin': '*', 'Accept-Language': 'zh-CN' }); //这里开始验证签名 const crypto = require('crypto'); const verify = crypto.createVerify('RSA-SHA1'); verify.write(req.body); verify.end(); const publicKey = `-----BEGIN PUBLIC KEY-----...公钥-----END PUBLIC KEY-----`; console.log(req.header("caiqiuNodeSign")); const signature = new Buffer(req.header("caiqiuNodeSign"),'base64'); console.log(verify.verify(publicKey, signature)); //这里结束 next();});
nodejs请求添加签名
/*签名*/ var params = postData+"&caiqr_timestamp="+(Date.now()+"").substr(0,10)+"&caiqr_version=1.1&gzip=0"; console.log(getUrlVars(params)); const privateKey = `-----BEGIN RSA PRIVATE KEY-----***私钥-----END RSA PRIVATE KEY-----`; var crypto = require('crypto'); var sign = crypto.createSign('RSA-SHA1'); sign.write(params); sign.end(); var caiqrSignature = sign.sign(privateKey, 'base64'); console.log(caiqrSignature); request.post({ url: requestUrl, form: getUrlVars(params), headers:{ "Caiqr-Signature":caiqrSignature } }, function (error, response, body) { try { var jsondata = JSON.parse(body); nodeconfig.httpHeadSetting(res); res.end(JSON.stringify(jsondata)); } catch (e) { nodeconfig.httpHeadSetting(res); res.end('{code:100001,resp:["服务器异常"]}'); } finally { } }); }
都是官方提供的代码,除了前端ajax的代码比较难找。
阅读全文
0 0
- 前端ajax请求添加rsa签名,nodejs请求添加签名,nodejs api添加验签
- openssl+前端jsrsa签名+后端nodejs验签
- 签名添加
- RSA签名与验签
- RSA签名与验签
- RSA签名和验签
- NodeJS Ajax请求
- nodejs ajax 请求
- nodejs模仿ajax请求
- RSA加密、解密、签名、验签 DSA签名、验签
- nodejs添加C++模块
- 添加短信签名功能
- AndroidApp添加签名证书
- php实现rsa签名和验签
- RSA签名和验签过程
- iOS RSA加密 签名与验签
- php rsa 加密、解密、签名、验签
- 跨平台rsa签名与验签
- Windows下cmd黑窗口命令及用法
- [笔记]: 线段树
- Integer to Roman
- 调试内存泄漏
- 中兴4g模块me3620拨号
- 前端ajax请求添加rsa签名,nodejs请求添加签名,nodejs api添加验签
- ubuntu下jdk安装
- Gear VR推出移动冒险InMind 2
- NOIP复习范围--思维导图
- 为Python安装机器学习编程库
- 友盟:微信,QQ,新浪微博第三方登录
- THUWC2017 bipartite
- Android 自定义ScrollView嵌套滚动兼容,监听滑动状态:顶部、底部、停止、滑动中
- smoj1710:砖块II (dp套dp)