如何在用 JSEncrypt 加密的 PHP 中解密数据
[英]How to decrypt data in PHP encrypted with JSEncrypt
问题描述
I'm trying to secure communication between a JS front-end and a PHP backend by using symmetric and asymmetric encryption.
我试图通过使用对称和非对称加密来保护 JS 前端和 PHP 后端之间的通信。 I'm creating a symmetric key on the client and encrypting it with the server's public key with JSEncrypt and sending it to the server for future use.我正在客户端上创建一个对称密钥,并使用 JSEncrypt 使用服务器的公钥对其进行加密,然后将其发送到服务器以备将来使用。 However, I'm getting stuck when I get the data on the server side.但是,当我在服务器端获取数据时,我陷入了困境。 openssl_open requires an envelope to decrypt the symmetric key and I'm not even positive what data is supposed to be in the envelope. openssl_open 需要一个信封来解密对称密钥,我什至不确定信封中应该有什么数据。 I was under the impression that the envelope is the symmetric key that was encrypted with the public key, but using that has not worked.我的印象是信封是用公钥加密的对称密钥,但使用它不起作用。 I've also tried different combinations of decoding as I've read that JSEncrypt encodes the message in base 64 and the key in hex, but those attempts are fruitless as well.我还尝试了不同的解码组合,因为我读到 JSEncrypt 将消息以 base 64 编码,密钥以十六进制编码,但这些尝试也毫无结果。
JS encryption code: JS加密代码:
let pub = "-----BEGIN PUBLIC KEY-----...-----END PUBLIC KEY-----";
//I have a function that just creates a random string of characters
let key = generateKey(32);
let aesData = CryptoJS.AES.encrypt( "test", key );
let symKey = aesData.key + ":::" + aesData.iv;
let msg = aesData.toString();
let rsa = new JSEncrypt();
rsa.setPublicKey( pub );
let cryptKey = rsa.encrypt( symKey );
//I'm passing the data through a hidden form field
$("#key").val(cryptKey + ":::" + msg);
PHP decryption code: PHP解密代码:
$key = openssl_get_privatekey( file_get_contents( $_SERVER["PRIV_KEY"]) );
$encryptedKey = explode( ":::", $msg )[0];
$realMsg = base64_decode(explode( ":::", $msg )[1]);
openssl_open($realMsg, $decrypted, $encryptedKey, $key);
return $decrypted;
The code above outputs nothing because the openssl_open call fails (returns false).上面的代码什么都不输出,因为 openssl_open 调用失败(返回 false)。 When I base 64 decode the $encryptedKey variable, I get:当我对 $encryptedKey 变量进行 base 64 解码时,我得到:
�vEi���pΕ��d_���@����욲JE��
but the symmetric key changes every time, so the output changes every time as well.但是对称密钥每次都会改变,因此输出也每次都会改变。 Like I said, I've tried different encoding combinations, but they all return similar nonsense.就像我说的,我尝试了不同的编码组合,但它们都返回类似的废话。 As the JS code shows, I've encrypted the message "test".正如 JS 代码所示,我已经加密了消息“test”。
I've never implemented encryption before, so I might be way off the mark here, but after staring at this code for days, any insight would be appreciated.我以前从未实现过加密,所以我在这里可能会偏离目标,但是在盯着这段代码几天之后,任何见解都将不胜感激。
Edit: I'm having problems decrypting with my private key in PHP, not with the symmetric key编辑:我在用 PHP 中的私钥解密时遇到问题,而不是对称密钥
1 个解决方案
解决方案1
2 2018-02-25 19:16:32
Figured it out!!!弄清楚了!!! So, I found out that PHP has a function to decrypt without needing an envelope called openssl_private_decrypt that uses a private key to decrypt a message.所以,我发现 PHP 有一个解密函数,不需要一个叫做openssl_private_decrypt的信封,它使用私钥来解密消息。 By using that function and base 64 decoding the encrypted key, I am able to decrypt the symmetric key on the server side and will hopefully be able to decrypt the message symmetrically now.通过使用该函数和 base 64 解码加密密钥,我能够在服务器端解密对称密钥,并且希望现在能够对称地解密消息。 For those interested, my code on the server side is:对于那些感兴趣的人,我在服务器端的代码是:
$key = openssl_get_privatekey( file_get_contents( $_SERVER['PRIV_KEY'] ) );
$encryptedKey = base64_decode(explode( ":::", $msg )[0]);
if( openssl_private_decrypt($encryptedKey, $decrypted, $key) )
{
return $decrypted;
}
return $encryptedKey;
And on the client side, my code is the same as it was above.在客户端,我的代码与上面的相同。 Hope this helps someone!希望这可以帮助某人!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.