简体繁体 English

寻求有关 JavaScript RSA 加密的建议

[英]Looking for advice on JavaScript RSA encryption

原文 2011-05-12 10:19:30 6 5 javascript/ rsa/ encryption

I have a need to encrypt data entered by users on a form on the client side.我需要加密用户在客户端表单上输入的数据。 My environment doesn't have ssl encryption, but I have found out that in my case I can achieve a similar result with RSA encryption.我的环境没有 ssl 加密，但我发现在我的情况下，我可以通过 RSA 加密获得类似的结果。 The public key will be used on the client side, and the owner of the private key will later be able to retrieve and decrypt the data.公钥将在客户端使用，私钥的所有者稍后将能够检索和解密数据。

Before I go down that route, I'd like to make sure I haven't overlooked any key issue.在我走这条路之前，我想确保我没有忽视任何关键问题。 So here are a few questions:所以这里有几个问题：

can you recommend JavaScript libraries that do RSA encryption?你能推荐做 RSA 加密的 JavaScript 库吗？
what guarantees that they are reliable?什么保证它们是可靠的？
what are the shortcomings of this technique?这种技术的缺点是什么？ For example a lost message if the user closes the browser too fast?例如，如果用户关闭浏览器太快会丢失消息？

Generally speaking, I'd be interested in any advice on this JavaScript RSA encryption technique.一般来说，我会对有关这种 JavaScript RSA 加密技术的任何建议感兴趣。

Update: the only RSA JavaScript I have found so far is on this page: http://www.ohdave.com/rsa/ Any feedback on that one?更新：到目前为止，我发现的唯一 RSA JavaScript 是在此页面上： http : //www.ohdave.com/rsa/对此有任何反馈吗？

Also, I am ok with encryption other than RSA, if you have any to recommend.另外，如果您有任何推荐，我可以使用 RSA 以外的加密。 My constraint is to have a 100% JavaScript solution.我的限制是要有一个 100% 的 JavaScript 解决方案。

5 个解决方案

This is possible, however it should be pointed out that this is in no way a replacement for TLS - largely because techniques like this offer no enforceable trust or authentication between the client and server;这是可能的，但是应该指出，这绝不是 TLS 的替代品——主要是因为像这样的技术在客户端和服务器之间没有提供可强制执行的信任或身份验证； your script can't verify the the public key embedded within it is your public key, anyone who can get in between you & your client could substitute their own.您的脚本无法验证其中嵌入的公钥是您的公钥，任何可以进入您和您的客户之间的人都可以替换他们自己的。

https://sourceforge.net/projects/pidcrypt/ seems to be gaining popularity. https://sourceforge.net/projects/pidcrypt/似乎越来越受欢迎。 I am evaluating it to be used in our project.我正在评估它以在我们的项目中使用。 Will post update if I managed to use this library.如果我设法使用这个库，将发布更新。

Take a look to asmcrypto.js — there is a lot of crypto algorithms implemented including RSA and it's really damn fast .看看asmcrypto.js — 已经实现了很多加密算法，包括 RSA，而且它真的非常快。

BTW I'm an author and would be glad to get some feedback and answer your questions if any.顺便说一句，我是一名作者，很高兴得到一些反馈并回答您的问题（如果有的话）。

If your javascript environment is secure (eg. https) and you do not have a requirement to support old browser versions Subtle.Crypto can be used to create a good security model.如果您的 javascript 环境是安全的（例如 https）并且您不需要支持旧浏览器版本，则可以使用Subtle.Crypto来创建良好的安全模型。 You will need to understand well what you are doing and how the encryption, signing, key storage, etc will be achieved in your environment.您需要很好地了解您在做什么以及如何在您的环境中实现加密、签名、密钥存储等。 There are many pitfalls to rolling your own.自己动手有很多陷阱。

A good place to start is to consider if you need to distribute individual AES keys for rapid and secure encryption.一个好的起点是考虑是否需要分发单独的 AES 密钥以进行快速和安全的加密。 If so then you may want to use RSA to encrypt and transmit individual AES keys and then use AES for the bulk of your encryption.如果是这样，那么您可能希望使用 RSA 来加密和传输单个 AES 密钥，然后使用 AES 进行大量加密。 Keep signing in mind.记住要签字。 In many cases simply signing a payload so that it can be verified as intact is enough.在许多情况下，只需对有效负载进行签名，以便验证其完好无损就足够了。 It may be unnecessary to hide your data at rest or in transit.可能没有必要隐藏静态或传输中的数据。

https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto

Plain lightweight javascript library crypto4js has implemented RSA encryption.简单的轻量级 javascript 库 crypto4js 已经实现了 RSA 加密。 You can use it https://github.com/atul19971/crypto4js .你可以使用它https://github.com/atul19971/crypto4js 。