Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/javascript/421.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Javascript 使用CryptoJS解密openssl_seal中的密文_Javascript_Php_Openssl_Cryptography_Cryptojs - Fatal编程技术网
Fatal编程技术网
  • javascript/
  • Javascript 使用CryptoJS解密openssl_seal中的密文

Javascript 使用CryptoJS解密openssl_seal中的密文

javascript php openssl cryptography

Javascript 使用CryptoJS解密openssl_seal中的密文,javascript,php,openssl,cryptography,cryptojs,Javascript,Php,Openssl,Cryptography,Cryptojs,我需要用PHP使用公钥对消息进行编码,用javascript使用私钥对消息进行解码 这是测试代码: <?php $message = 'sevenflash'; $public_key = openssl_get_publickey(file_get_contents('pubkey.pem')); $encrypted = $e = NULL; openssl_seal($message, $encrypted, $e, array($public_key)); $sealed_d

我需要用PHP使用公钥对消息进行编码,用javascript使用私钥对消息进行解码

这是测试代码:

<?php
$message = 'sevenflash';

$public_key = openssl_get_publickey(file_get_contents('pubkey.pem'));

$encrypted = $e = NULL;
openssl_seal($message, $encrypted, $e, array($public_key));

$sealed_data = base64_encode($encrypted);
$envelope = base64_encode($e[0]);

$unsealed = null;
openssl_open(base64_decode($sealed_data), $unsealed, base64_decode($envelope), file_get_contents('privatekey.pem'));
echo $unsealed; // This is sevenflash

$embed = "<script>var encrypted = '$sealed_data'; var envelope = '$envelope'; </script>";
?>
<html>
<head>
    <script type="text/javascript" src="rc4.js"></script>
    <script type="text/javascript" src="enc-base64.js"></script>
    <script type="text/javascript" src="jsencrypt/bin/jsencrypt.js"></script>
    <?php echo $embed; ?>
    <script>
        var private_key = `...`;

        var crypt = new JSEncrypt();
        crypt.setPrivateKey(private_key);
        var theKey = crypt.decrypt(envelope);

        var decrypted = CryptoJS.RC4.decrypt(encrypted, theKey);
        console.log(decrypted.toString()); // This must be sevenflash, but this is 696a2b0440220d69e8c3
    </script>
</head>
<body>

</body>
</html>

CryptoJS解密需要一个
CipherParams
对象代替密文,一个
WordArray
代替密钥。如果您将密钥作为字符串传递,那么它将假定它是密码,并尝试从MD5和不存在的salt中派生密钥

尝试分析所有内容:


var decrypted = CryptoJS.RC4.decrypt({
    ciphertext: CryptoJS.enc.Base64.parse(encrypted)
}, CryptoJS.enc.Latin1.parse(theKey));


JSEncrypt从
crypt.decrypt()
函数返回一个“普通字符串”,这意味着必须使用拉丁语1或UTF-8编码对其进行解析。

但我无法使它与JSEncrypt一起工作,因此我使用了:

默认情况下,CrypoJS'
.toString()
返回十六进制编码的版本。您可以覆盖它以获取文本数据:


console.log(decrypted.toString(CryptoJS.enc.Utf8));




var private_key=`----开始RSA私钥-----
MIIEpAIBAAKCAQEAx1u1OPc+KT1vmLea4ro0VtdiQa9Pj7oFMF04uIPKb5BEuN6w
rHj3dQkdoeT3vWZaR/eAOnxSIgl4PwNm9C6AeW5vHAq/4XFP4FZBTBFQCM3H6TT
m8FxmuTZQVr+Kgrkgiob/C5+bWHhD+RFUNAW8CGNVMHHD4ATXCVIMUHYLCSKX
YOWng9aRO5kAvDx0KXyZ60YsJJwUouPat/vBdoHljRZhzOb7KHSek4yd//0zBmBW
3y9z+KG8WRPGEOCUTTGE14QBGH/EGHRP9QAHFGV4A9KFD77S0SPU7UZMFZBUYIT5
Dhtcact4SJuJz2617I1gujGe51j5Oyex70hoEQIDAQABAoIBACJl5IMLxiH/g73q
EEOGTXK2ELG0UHMMKZAHYRXORQ+3dy4L+VSG4AILOA8PZJ68QDWR6PPX6WVZUX
TpZbX7eUIn/IKWUPMIGPRQU4WUQWYCAU7YASEXDR7KEG7YQKZ7TXDYROBCVZ6R
BSYEAC9BEAGXGIAR8RKWHRBQMKX5KOX+3NOPN2VREQWTSP5BEBMNC/2u3k3BfIW
5ucgaYlbrzfYULx2DZdBEuBtourE0yQePxNvTDd6tjcSnH/G/pZdy9GXamvgbIRH
5YCzO9gaiEzRgbddX96AHNXK7LmmSOvX4mdzjmkNb4yKud8+/fpX9fa4sIzKBMuB
15rdfzECgYEA/58+QBU2RJME5QA6UMQYTZF7AVLK2ZFFBS6LT/ItnlQ283sKaHS
VKZJMVVVQ7HJBVFJJ6AUAWZZ9XHOJBDPVKWVHGZFNDX7IA6CTH9Q0CQ8KSMHVBD
SSEKLWK5OCXBD8DIVCLX8HRR13WBHK+L9Ct4/4+/2kA9bnsJKi92cCgYEAx6cr
A8faHUdIHSo01S8bRijCOVLKNXuOsgqVxe05RrcqJI/QPAHTFPVM1RUB97SQ9PW
Eqanrwoonmogvwzmk3hk6mlskfbpehclqgvtsrlp4mil9e06pqw6fmuxfrk/5
FCws84vyijzt4/qvh1tXJoX7+XSSA82V86WJ0CCGYEA0FHSVJ3Z/5cSI4dlVUM/
GDDQMJSZ8VBBKI4A6WFQ6A9PQD5OxOAG7ORUFTAHXTA8LK6A7YV2UNG7FJ9YH1L
+7 OPE5E0QNRPF/RA82UEhJhovKNT+koFUY2Z68hTyVz+jcQHcOAdrQu5akPiC1aS
hLwe/M5z+a96B0caAGkEOvECgYEAkOM3zB6Uovq/0qp2fN8ao+egS4lRRU7NV1dn
Kapmfohmddkuc8gkaw6d+vyjtzwVCa26kinpFl6xvJadlP5FRBQ46Wf4tFlcOHs
q9NxQ2kVUNCRuTlMz760ej6npq4gQ0e2MnV8iaHd+YQN/4xFJA2BQVFCDAUR1LOG
HoeS+Lecgyasjhctnqueqvxo2cdjq1da3ug/P3c0Eg5DyrB7w7Fwtq/eeSsZOf
R1et6S+ARAEFCLX2VEF9CK4HCTESNZRZJ4I5HB4Y//B1og777H/jrT7H1NZfU11
Iwly+S/SlgTR9BrXCJsfenslolp/rMgiD2G8sky5yFRmrDB7qj8/Nw==
-----结束RSA私钥------`;
var encrypted='E+moZJOeVuxgsg==';风险值包络='LMJqdAu+FVPVKLGBORQLWKY/S/56KHENT528K2D0LUDZL7Nymsgycrto5BD4W17OH6HYC+0yg/‌​Ws+GQPIIWIMCQZE1KQY+1+UVH4Gr1OLT2CGEUDID09DDQVSXI0VCYYQXYXWZIQVD2JUN1A0H1QHWC4‌​LinzkJSP6HuhH+D52eEcXep5H4cjjy62rgGIR5YyQO/RBXuYYBBRSgmeniFjY9FbR8AaBkhcCVYeBH28u‌​Bi0dx27hPQ0yVlVWrG3KuR2i441Ruhb4J+AOnr+K1uIMT+rnk8Th8eTTc/E1CSRZO9GASFEYK8MJDWFQ‌​2/FJ5Qnp9uHl1aN/1RSg==';
var privateKey=forge.pki.privateKeyFromPem(私钥);
var theKey=privateKey.decrypt(forge.util.decode64(信封),'RSAES-PKCS1-V1_5');
var decrypted=CryptoJS.RC4.decrypt({
密文:CryptoJS.enc.Base64.parse(加密)
},CryptoJS.enc.Latin1.parse(theKey));
log(decrypted.toString(CryptoJS.enc.Utf8))



通过浏览器加载JS中的私钥?如果私钥对每个人都可见,那么做什么有什么意义?你不认为PHP应该有私钥,JS应该有公钥吗?客户端有一个带有私钥和公钥的证书。公钥发送到服务器。服务器为客户端加密消息并将其保存到数据库。客户端接收消息并使用私钥解密此消息。此私钥将从存储在客户端的.pem文件中检索。为什么每个人都可以看到这个密钥?@N.B.我猜OP想说私钥是硬编码的,用于测试目的,但一旦加密和解密工作正常,它将严格保存在客户端(例如localStorage)。错误:格式错误的UTF-8数据您能提供一个私钥和密文示例吗?我想试试看[事实上,openssl_open在测试代码中使用这个密钥就可以正常工作。我明天会研究它。你能展示一些示例
加密的
信封
值吗?var encrypted='E+moZJOeVuxgsg==';var envelope='LMJqdAu+FVPxVpVkLgBOrqLWkY/S/56khetnt528k2d0ludzl7nymsgycrto5bd4w17oh6tothyc+0yg/Ws+gqpiicqze1kkkkkkqy+1+1+uvh4gr12cgdidd09DDQVSXI0VCYYYYQXYXWZIQVD2JUN1A0H1QHWC4LINZKJSP6HUHH+D52eEcXep5H4cjjy62rgGIR5YyQO/RBXUYBBRSGMENIFJY9FBR8AABKHCCVYEBH2UBI0DX27HPQ0YVLVRG3KUR2I441RUHB4J+AOnr+K1uIMT+rnk8Th8eTTc/E1CSRZO9GASFEYK8MWFQ2/FJ5Qnp9uHl1aN/1RSg=';

console.log(decrypted.toString(CryptoJS.enc.Utf8));