javascript中的RSA加密和Java中的解密
[英]RSA Encryption in javascript and Decryption in Java
问题描述
I have an application that has frontend as HTML, Javascript, and backend as Java, I need to use RSA to send passwords and sensitive stuff. 
我有一个应用程序,前端为HTML,Javascript和后端作为Java,我需要使用RSA发送密码和敏感的东西。 I'm using JSEncrpt in javascript and Bouncy castle in java. 我在javascript中使用JSEncrpt,在java中使用Bouncy castle。 I need to know how can I manage keys . 我需要知道如何管理密钥 。 If I create keys dynamically in javascript how can I send private key to my backend or vice-versa. 如果我在javascript中动态创建密钥,我如何将私钥发送到我的后端,反之亦然。 My javascript code is visible to user storing private key in javascript is not an option. 我的javascript代码是可见的,用户在javascript中存储私钥不是一个选项。
Javascript code: Javascript代码:
var text = "Hello World";
var privkey="MIICdQIB..........";
var pubkey="MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvFZQtGLPQKV0h....";
var encrypt = new JSEncrypt();
encrypt.setPublicKey(pubkey);
var ciphertext = encrypt.encrypt(text);
console.log("ciphertext : " + base64ToHex(ciphertext));
var decrypt = new JSEncrypt();
decrypt.setPrivateKey(privkey);
var plaintext = decrypt.decrypt(hexToBase64(cipher));
console.log("plaintext : " + plaintext);
and for java code see example on : http://www.mysamplecode.com/2011/08/java-rsa-encrypt-string-using-bouncy.html 对于java代码,请参阅示例: http : //www.mysamplecode.com/2011/08/java-rsa-encrypt-string-using-bouncy.html
1 个解决方案
解决方案1
0 2018-07-30 10:56:07
and for java code see example on : http://www.mysamplecode.com/2011/08/java-rsa-encrypt-string-using-bouncy.html
Please note this example is wrong from usability perspective. 请注意这个例子从可用性的角度来看是错误的。 RSA itself is inteded to encrypt small piece of information (such as keys for symmetric encryption), not any longer/larger data. RSA本身打算加密小块信息(例如用于对称加密的密钥),而不是任何更长/更大的数据。 Have a look at hybrid cryptosystem . 看看混合密码系统 。 And when using older PKCS1.5 padding the encrypted data need to have high entropy. 当使用较旧的PKCS1.5填充时,加密数据需要具有高熵。 So - do not use RSA with data themselves, rather use hybrid cryptosystem (most of the high level libraries will do that). 所以 - 不要将RSA与数据本身一起使用,而是使用混合密码系统(大多数高级库都会这样做)。
I need double encryption
It adds up complexity, but not necessary security. 它增加了复杂性,但没有必要的安全性。
You'd need encrypt data outside TLS (https) only when you intend to store or resend the data encrypted. 只有在打算存储或重新发送加密数据时,才需要在TLS(https)之外加密数据。 Maybe you do, just we don't see any justification. 也许你这样做,只是我们没有看到任何理由。
The issue is - RSA is intended ensure integrity and confidentiality of data. 问题是 - RSA旨在确保数据的完整性和机密性。 TLS (based on RSA or eliptic curves) as well protects against the MIM (man in the middle) attack. TLS(基于RSA或eliptic曲线)也可以防御MIM(中间人)攻击。 If you randomly generate the keys without checking possibility to validate the identity (using certificate authority), the MIM (behind TLS) is feasible. 如果您随机生成密钥而不检查验证身份的可能性(使用证书颁发机构),则MIM(在TLS之后)是可行的。
I need to know how can I manage keys.
In asymmetric encryption (RSA) the sender needs only target's public key to encrypt data. 在非对称加密(RSA)中,发送方只需要目标的公钥来加密数据。 And to have security complete, the target needs sender's public key to validate signature (if the message is signed) 为了安全性完成,目标需要发件人的公钥来验证签名(如果邮件已签名)
Basically you can generate a random (symmetric) encryption key and encrypt the key with RSA. 基本上,您可以生成随机(对称)加密密钥并使用RSA加密密钥。 Then the client could send the IV (salt, used with symmetric encryption), RSA encrypted symmetric key, encrypted data (with the symmetric encryption key) and MAC (message authentication code - hash and signature) to other side. 然后,客户端可以向另一方发送IV(盐,用于对称加密),RSA加密对称密钥,加密数据(带有对称加密密钥)和MAC(消息认证码 - 散列和签名)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.