jcrypt替换为mcrypt_encrypt
[英]javascript alternative to mcrypt_encrypt
问题描述
i am trying to find out is there a javascript library out there that gives functionality for mcrypt_encrypt in php. 
我试图找出是否有一个javascript库,为PHP中的mcrypt_encrypt提供功能。
I am writing a function to access my api using javascript. 我正在编写一个函数来使用javascript访问我的api。 i always encrypt and encode my parameters. 我总是加密和编码我的参数。 This is the method i would like to have a js version of. 这是我希望有一个js版本的方法。
public function sendRequest($request_params)
{
//encrypt the request parameters
$enc_request = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $this->_app_key, json_encode($request_params), MCRYPT_MODE_ECB));
//create the params array, which will
//be the POST parameters
$params = array();
$params['enc_request'] = $enc_request;
$params['app_id'] = $this->_app_id;
//initialize and setup the curl handler
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->_api_url);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
//execute the request
$result = curl_exec($ch);
//json_decode the result
$result = @json_decode($result);
//if everything went great, return the data
return $result;
}
This is the jquery version of the above request ive come up with but it always returns an invalid request. 这是我提出的上述请求的jquery版本,但它总是返回一个无效的请求。 meaning the API fails to decrypt the request 意味着API无法解密请求
var queryAPI = function (request_object,callback)
{
var app_key = 'sdffkjhdsjfhsdjkfhsdkj';
var app_secret = 'hfszdhfkjzxjkcxzkjb';
var app_url = 'http://www.veepiz.com/api/jsonp.php';
var enc_request = $.toJSON(request_object);
var ciphertext =encode64(Crypto.AES.encrypt(enc_request, app_secret, { mode: new Crypto.mode.ECB }));
$.post(app_url,{'app_id':app_key,'enc_request':ciphertext},
function (data)
{
console.log(data);
},'jsonp');
}
here is how i run the above function 这是我如何运行上述功能
var request={'controller':'user','action':'login','emailaddress':email,'password':pass};
queryAPI(request,function (d){console.log(d);});
on the server side api, here is how php decrypts the request 在服务器端api,这是php如何解密请求
$params = json_decode(trim(mcrypt_decrypt( MCRYPT_RIJNDAEL_256, $app_secret, base64_decode( urldecode( $enc_request )), MCRYPT_MODE_ECB )));
//check if the request is valid by checking if it's an array and looking for the controller and action
if( $params == false || isset($params->controller) == false || isset($params->action) == false ) {
$result['success'] = 0;
$result['errormsg'] = "Request is not valid! ";
//echo the result of the API call
header('Cache-Control: no-cache, must-revalidate');
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Content-type: application/javascript');
$result=json_encode($result);
# JSON if no callback
if( ! isset($_GET['callback']))
exit( $result );
# JSONP if valid callback
if(is_valid_callback($_GET['callback']))
exit( "{$_GET['callback']}($result)" );
# Otherwise, bad request
header('Status: 400 Bad Request', true, 400);
}
2 个解决方案
解决方案1
1 2012-03-02 11:31:56
解决方案2
0 2012-03-03 09:31:15
ok i solved this with AES and i found out to always(serverside) urldecode($enc_request) as base64 '=' would alter when posted to the url. 好吧,我用AES解决了这个问题,我发现总是(serverside)urldecode($ enc_request),因为base64'='会在发布到url时发生变化。 The tutorial i used is here JavaScript and PHP Encryption – The Secret Handshake 我使用的教程是JavaScript和PHP加密 - 秘密握手
apparently my problem was being brought up by a problematic encode64() javascript function that returned an invalid base64 string 显然我的问题是由一个有问题的encode64()javascript函数提出来的,它返回了一个无效的base64字符串
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.