RSA 加解密的例子,JS加密--php解密
来源:互联网 发布:淘宝买ipad可靠吗 编辑:程序博客网 时间:2024/04/28 20:13
在网上找到一个很好的RSA 加解密的例子:其中JS用的库在 https://github.com/ziyan/javascript-rsa 上能找到(要用到的加解密库文件有jsbn.js jsbn2.js sha1.js rsa.js 记得加上jsbn2.js不然会出错的)完整的例子上面也有,可以下载。下面粘贴一下例子:
login.html
<html><head><meta content="text/html; charset=utf-8" http-equiv="Content-Type" /><title>Javascript RSA - Login Test</title><script type="text/javascript" src="jsbn.js"></script><script type="text/javascript" src="rsa.js"></script><script type="text/javascript" src="sha1.js"></script><script type="text/javascript" src="jsbn2.js"></script><script type="text/javascript">var $pem = "-----BEGIN PUBLIC KEY-----MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMYQWDqtLgDKlQvWzacGeBMQpbicd/uoXAvgLNpFZLM7zuYFDhrYncRsl8LIHK0K3f7e1aFmUVgM4LrKU2WFIw0CAwEAAQ==-----END PUBLIC KEY-----";var $key = RSA.getPublicKey($pem);function assemble() {var password_field = document.getElementById("password");var data_field = document.getElementById("data");data_field.value=sha1(password_field.value) + (new Date().getTime());}function encrypt() {var login_field = document.getElementById("login");var data_field = document.getElementById("data");login_field.value=RSA.encrypt(data_field.value, $key);}</script></head><body><h1>Javascript RSA - Login Test</h1>This test is an example to perform user login using javascript RSA. <br/><ol><li>The user type in E-mail as username and a password.</li><li>The client-side javascript hashes the password using SHA-1.</li><li>The client-side javascript attach a timestamp to the end of the hash.</li><li>The client-side javascript encrypt the whole thing with the RSA public key.</li><li>The browser submits the encrypted data.</li></ol><strong>For testing purpose, the credential to login is any E-mail with the password "test".</strong><br/><br/><form action="login.php" method="post">Email:<br/><input name="email" type="text" size="40"/><br/>Password:<br/><input id="password" type="password" size="40"/><br/><input type="button" onclick="assemble()" value="1. Assemble"/><br/><textarea id="data" cols="50" rows="2"></textarea><br/><input type="button" onclick="encrypt()" value="2. Encrypt"/><br/><textarea id="login" name="login" cols="50" rows="10"></textarea><br/><input name="submit" type="submit" value="3. Login" size="10"/></form></body></html>
login.php
login.php<html><head><meta content="text/html; charset=utf-8" http-equiv="Content-Type" /><title>Javascript RSA - Login Test</title></head><body><?phpdefine("KEY_PUBLIC", "-----BEGIN PUBLIC KEY-----MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAMYQWDqtLgDKlQvWzacGeBMQpbicd/uoXAvgLNpFZLM7zuYFDhrYncRsl8LIHK0K3f7e1aFmUVgM4LrKU2WFIw0CAwEAAQ==-----END PUBLIC KEY-----");define("KEY_PRIVATE", "-----BEGIN RSA PRIVATE KEY-----Proc-Type: 4,ENCRYPTEDDEK-Info: DES-EDE3-CBC,2BE9EB9BD7712C2BFQ9nRtev8hFY+FXkbnH2qBdg7+cD4x759C5c+5PhwWAVccOA4nvtBnE4AUT1bC+Hr/viTPzL5M0vFbAfpOPeUVfuCYXmAxFwcW+pn++UtlNezMtWqZdGPSPc86OqtChEPjZ5rNBhjTAY7xXX2n+jbZSq8M2LSWyM4gy3Oj8QMnKwdGNWeM/E/4uYyMr5V3Eb7KveReWJnZ3r3mF7uWJYCjABRzVF8k5sn86FpRn6pLWRHigkpiyNGF7acJMRqaSYRUIrVf5xclLloUoSuEAe8HSdTH7oxl3vqf8byedqzuWyAxCFWRNr2e+TJ79f1XPJm9vLhWhm1BWM3OiB8iw2MkaTx/RCEf31O3cgNG3bcW/uIZrvdV0xRhHsjk0HNFNIQOEcS73avo2o4ncPJpxLGqg+a0ERtRhFRp0JdgwCxl8=-----END RSA PRIVATE KEY-----");define("KEY_PASSPHRASE", "testkey");define("TEST_PASSWORD", "test");function login($email, $login) { // decrypt argument if(!openssl_private_decrypt($login, $login, openssl_pkey_get_private(KEY_PRIVATE,KEY_PASSPHRASE))) { echo "Failed to decrypt message.\n"; return false; } // expecting sha1password+timestamp if(strlen($login)<44) return false; // extract password $password = substr($login,0,40); // extract stamp, stamp has milliseconds and is bigger than int $stamp = substr($login,40); // extract timestamp, timestamp is in seconds, and is an int $timestamp = substr($stamp,0,strlen($stamp)-3); if(!is_numeric($timestamp)) return false; // check timestamp if(abs(time() - (int)$timestamp) > 300) { echo "Timestamp expired. Client and server times may be out of sync.\n"; return false; } // construct stamp //$stamp = "user.login.".sha1($email).".".$stamp; // take a note of the stamp, each unique stamp can only be used once //if($memcache->get($stamp) != NULL) return false; //$memcache->set($stamp,1,USER_LOGIN_TIMESTAMP_TTL); // connect to db and check password // check password if (pack("H*",$password)!=pack("H*",sha1(TEST_PASSWORD))) { echo "Password incorrect.\n"; return false; } return true;}?><h1>Javascript RSA - Login Test</h1>This test is an example to perform user login using javascript RSA. <br/><ol><li>Once the encrypted data is received, the server side decrypt using private key.</li><li>The message is separated into two parts, the hash and the timestamp.</li><li>The timestamp is checked to make sure the request is made in recent time. Set to allow up to 30 second difference.</li><li>The timestamp is recorded to make sure no single timestamp is repeated for a user.</li><li>The password hash is compared to the hash in the database.</li></ol>For testing purpose, the credential to login is any E-mail with the password "test".<br/>No database connection is made in this test. A hardcoded check is used. <br/>Also the duplicate timestamp check is by-passed since it requires the presence of a memcached server.<br/>The result is displayed:<br/><pre><?php $email = $_REQUEST["email"]; $login = base64_decode($_REQUEST["login"]); if(login($email, $login)) echo "login succeeded!"; else echo "login failed!";?></pre>The source code for this php file is available <a href="login.txt">here</a>.</body></html>
另外2个可以参考的例子的链接,都很值得一看:
http://blog.csdn.net/linvo/article/details/5666975
http://stackoverflow.com/questions/610048/rsa-encryption-decryption-compatible-with-javascript-and-php
0 0
- RSA 加解密的例子,JS加密--php解密
- rsa加解密,js加密,php解密
- PHP JS RSA 加解密
- RSA加密/解密例子
- 加密解密算法java实现(5)—RSA 加解密的例子
- 加密解密算法java实现(6)—RSA 分段加解密的例子
- php,js RSA加解密密码
- JS与PHP互通的RSA加解密
- PHP--RSA加密解密
- php rsa加密解密
- Java 进行 RSA 加解密的例子
- Java 进行 RSA 加解密的例子
- php的RSA加密解密算法
- PHP的学习--RSA加密解密
- PHP的AES/RSA加密解密算法
- js的RSA和AES加密解密
- PHP RSA加解密示例
- PHP RSA加解密示例
- verilog入门经验(二)--分频及counter的巧用
- MySql安装每次出现startService问题
- SVN:One or more files are in a conflicted state
- globk通常的应用(转)
- vim以指定格式打开文件
- RSA 加解密的例子,JS加密--php解密
- 【QT‘】 Object::connect: No such signal
- MVC模式--背包拖拽(一)
- 户口从海峡人才迁入到厦门人才
- 守护进程
- Get free FIFA coins from wager matches.
- stm32.cube(六)——HAL.FLASH
- 每天进步一点点——linux——cp
- 在web上创建可视化的交互式数据javascript框架-JavaScript InfoVis Toolkit