简体繁体 English

从javascript应用程序发送和接收加密数据

[英]Sending and receiving encrypted data from a javascript app

原文 2013-03-11 16:54:54 3 2 javascript/ encryption

I have an interactive html5 app that let's people customize products on the client-side. 我有一个交互式html5应用程序，让人们在客户端定制产品。 As a user is customizing, the price updates based on individual component prices. 当用户定制时，价格会根据单个组件价格进行更新。

Once this is done, the person hits checkout, I send the customization to the server, and the server takes over the checkout process. 完成此操作后，此人将结帐，我将自定义发送到服务器，服务器将接管结帐流程。

Obviously sending price data to the server is pointless, since anyone could spoof the POST data. 显然，将价格数据发送到服务器是没有意义的，因为任何人都可以欺骗POST数据。 So, I tried writing a server side script that will regenerate the price according to the components selected (sent to the server with the customization data), and show that on checkout instead. 因此，我尝试编写服务器端脚本，根据所选组件（使用自定义数据发送到服务器）重新生成价格，并在结帐时显示。 However, the server side calculation is proving very difficult, due to complex customizations offered; 但是，由于提供的复杂定制，服务器端计算非常困难; and it seems like I have to rewrite the entire client-side customization logic on the server-side (which is a lot of work). 似乎我必须在服务器端重写整个客户端自定义逻辑（这是很多工作）。

Before I continue writing the server-side script I wanted to know if it is at all possible to send the price data to the server in a way (asymmetric key auth perhaps) that cannot be spoofed? 在我继续编写服务器端脚本之前，我想知道是否可以以某种方式（可能是非对称密钥auth）将价格数据发送到服务器而不能被欺骗？

2 个解决方案

You should never never never trust client-side code. 您永远不应该永远不会信任客户端代码。 If you want to spare yourself the headache of rewriting your client-side code, you could just put the relevant JavaScript on the server and call it from your server code (Not that I'm suggesting you should do that). 如果您想省去重写客户端代码的麻烦，您可以将相关的JavaScript放在服务器上并从服务器代码中调用它（不是我建议您应该这样做）。 Another thing I would recommend doing is recalculating the price based on the contents of a full postback once the user is done with their customization, and then displaying the recalculated price to the user in order to allow them to confirm it. 我建议做的另一件事是在用户完成自定义后，根据完整回发的内容重新计算价格，然后向用户显示重新计算的价格，以便他们确认。 That way if any client-side shenanigans have occurred, the user will get the real price anyway, and I'm sure that if it differs even slightly from the previous price, your support people will hear all about it. 这样，如果发生任何客户端恶作剧，用户无论如何都会得到真正的价格，而且我确信如果它与之前的价格略有不同，那么你的支持人员会听到所有关于它的信息。

Never trust the information clients send you. 永远不要相信客户发送给您的信息。

To answer your question, it is possible to use encryption to send data from the client to the server. 要回答您的问题，可以使用加密将数据从客户端发送到服务器。 However, the problem here is the data being encrypted can be modified even before the encryption. 但是，这里的问题是即使在加密之前也可以修改加密的数据。 So, encryption is not really the solution. 因此，加密并不是真正的解决方案。 The client might modify the data before encryption and the server will not know this if there are no server-side checking. 客户端可能在加密之前修改数据，如果没有服务器端检查，服务器将不知道这一点。

Even with public-private key encryption, this will still be unsafe. 即使使用公钥 - 私钥加密，这仍然是不安全的。 There will only be an assurance that your data will not be tampered from the user to the server. 只能保证您的数据不会从用户篡改到服务器。 It cannot be spoofed by third parties but your user can spoof it, thereby making the encryption pointless. 它不能被第三方欺骗，但您的用户可以欺骗它，从而使加密毫无意义。 So, do not trust the user to send you valid legitimate information. 因此， 不要相信用户向您发送有效的合法信息。

You should really double check everything in the server. 你应该仔细检查服务器中的所有内容。 And you will not need encryption unless privacy is an issue (which probably is based on your description). 除非隐私是一个问题（可能基于您的描述），否则您不需要加密。 This can easily be solved by using https. 这可以通过使用https轻松解决。

The client-side javascript you created can serve as immediate feedback to the users, they see prices as they make changes to the forms. 您创建的客户端JavaScript可以作为对用户的即时反馈，他们会在对表单进行更改时看到价格。 This is good because they do not need to wait for the server to process the information, which the server should upon submission of the form. 这很好，因为他们不需要等待服务器处理信息，服务器在提交表单时应该这样做。