stackoom
  简体   繁体   中英

encrypt in php then decrypt in javascript with same key

 原文  2010-11-20 03:10:50       php/ javascript/ encryption/ key

Question

problem: I need php to encrypt using a key then javascript decrypt with same key

reason: trying to encrypt 99% of my javascript in my adobe air app.

what I have so far is this: after purchase and download on the first run of the program the client sends server its mac address. Then php uses mac address to encrypt a txt file that is really a html file with all the javscript (basically the rest of the program) this is then stored client side. no further internet connection will be needed to run the program. On each startup the not encypted javascript will decode the stored file using the mac address and then display it by way of htmlLoader.loadString this way each copy of the program issued will be married to its machine and that machine only. will not open on other machines. I know its crackable but its enough for me. All is tested and working except the encryption method.

I have found ways to encrypt/decrypt in both javascript and php but without a key. The key is the key...

many thanks in advance.

2 answers

solution1
 0  2010-11-20 03:26:06

You will love RSA: http://en.wikipedia.org/wiki/RSA .

A quick Google search also yielded a problem that is almost exactly the same as yours: http://www.sematopia.com/2008/10/rsa-encrypting-in-javascript-and-decrypting-in-php/ .

Basically, you want to do something that derives a public key from a MAC address, as it's the only shared piece of information. This is really easy to crack (all an attacker needs is the MAC address of the client, which is insanely easy to obtain if they are using WiFi, and the address remains virtually static), though.

solution2
 0  2010-11-20 04:47:10

well not just 'a' key it will be the only key for that document. This is an offline program and each download is encrypted just for that computer. yes an attacker that has a valid copy of the program can extract the info. If its an invalid copy on another computer then the mac address will not work. This is not to protect during download, it is to make it not possible for the non code reading user to copy the program to another computer, which is enough security for this project. No point trying to protect a program from the same people we get advise from on these forums. If info is extracted and the code rewritten to run it it will be quickly outdated. On program update the the same method is used and the given mac address will be verified server side and only allowed maybe 2 of the exact same update. But thanks for the info on RSA i am about to try it out

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question PHP-Javascript Encrypt and Decrypt using the same secret key Encrypt on PHP and Decrypt on Javascript Encrypt and decrypt with the same private key? Encrypt and decrypt a license key in PHP php encrypt decrypt with key in database Simple Javascript encrypt, PHP decrypt with shared secret key Encrypt in Javascript, decrypt in PHP, using public-key cryptography Encrypt in Javascript with SJCL and decrypt in PHP Encrypt with PHP, Decrypt with Javascript (cryptojs) JSON decrypt in JavaScript encrypt in PHP
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM