javascript - JSEncrypt 到 PHP 非对称加密

问题描述

我正在尝试从客户端到服务器进行非对称加密，客户端拥有公钥，服务器拥有私钥。

在客户端，我在 javascript 中使用 JSEncrypt 来使用我的公钥进行加密。从那里我使用 AJAX 将加密数据发送到我的 PHP 脚本。我尝试用它openssl_private_decrypt()来解密数据，但它总是返回false。我试过告诉它期待不同的填充，即使我确定它是 PKCS1。

有人可以告诉我我做错了什么吗？

以下是所有相关代码：

JAVASCRIPT：

function getpubkey(){ //Gets Public Key from server
var xmlhttp = new XMLHttpRequest();
xmlhttp.onreadystatechange = function(){
    if (this.readyState == 4 && this.status == 200){
        pubkey = this.responseText;
    }
};
xmlhttp.open("POST", "PHP/ajax.php", false);
xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xmlhttp.send("do=getpub");
}


function encryptdata(plaintext){ //Encrypts argument with Public Key
var encrypt = new JSEncrypt();
encrypt.setPublicKey(pubkey);
var encrypted = encrypt.encrypt(plaintext);
return encrypted;
}


function login(){ //Sends login data to server and displays response on page
getpubkey();
var encuser = encryptdata(document.getElementById('username').value);
var encpass = encryptdata(document.getElementById('password').value);
encuser = window.btoa(encuser);
encpass = window.btoa(encpass);
var xmlhttp = new XMLHttpRequest();
xmlhttp.onreadystatechange = function(){
    if (this.readyState == 4 && this.status == 200){
            document.getElementById('maincontent').innerHTML = this.responseText;
    }
};
xmlhttp.open("POST", "PHP/ajax.php", true);
xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xmlhttp.send("do=login&param1="+encuser+"&param2="+encpass);

}

PHP (ajax.php):

if (!isset($_POST['do'])){
header("Location: ../index.php");
die();
}

$do = $_POST['do'];

if(isset($_POST['param1'])){
$param1 = $_POST['param1'];
}

if(isset($_POST['param2'])){
$param2 = $_POST['param2'];
}


$allow = 1;
require("../KEYS/priv.php"); //Contains $priv which holds the private key
if(openssl_private_decrypt(base64_decode($param1), $username, $priv, OPENSSL_PKCS1_PADDING)){
    $return = $username;
}
else{
    $return = "Decrypt Failed";
}

if(isset($return)){
echo $return;
}

priv.php：

<?php

if (!isset($allow)){
    header("Location: ../index.php");
    die();
}

$priv = "-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAtzAVRzbQWzZi7wjqA/0magqlWQfKJhrfnCuytqwNR0rMKk+h
Gx1c+1YaPsN0ZMdBVWyBWJYWzlCjWOKx1vnYgBb3MPXn1QvGkrv+WtXX3VQRsPjW
tjaAqLYdjP/m64+pVDr54mt4RzNxi1dQ/PRD6TnjdVhLMpftPv1ELTWCl2tyzSTP
3G2LY4dDVstuhzO8+3R9PaIle7CnVZ/2qSSbHVN4Juzn3zSemjRykoZLoV3VLsHU
2Cb3m21tCMWB7BFlChd2cYiXeZamJHaypvK+6ZjQgEN7IYeb4ALOIx50WntOC67S
29qpG1MZ84TF/OLtVTFWFM+buSCvYpPMMSzSqQIDAQABAoIBAFy/7aYW7Luh98mL
O+E1JWP/a+R9+y374UfTIDM5PafhCSpLEwkFfvSKjdNFZwM3l67Gt17A718amPoC
HYT5D1MbTaDugKjvw2S75nbbWuZnEGYIN74eLlo9iwy+7I5MOLG7ApZPT6DNPSoN
1aWdj1zgwHfDcp91KNwBo6k4NJyxIK0xVSvdcnecpndQ611BUicz3mfMUoa+axDg
GROs7IQvEyYMru0E2/lZdURJS1uNg+T3kyBs3zINibwNEFsf8V3e90haWlMjc5MW
nNFTo4KWPoHZCWIsyMPZfinjEk/5+DKdFFIQAY7YWUhjnu23Qc4oRu4hb+vTFXQt
2FCp2nkCgYEA58QY4zeqhkIPVEWFs/lZDcd/GdwL+/0Dmmm6lUvTQpUG/u0njY9n
JOTyvNc+vH3U9FWm3yPKX+HbARC4CMV/x9jU8QIIa0ARcETjh6BQGaEkIReDeXhq
X3kwcdSuhqK9nrmp1ocGeIYFGZPrrofJI+1gODCMtdgqt9pbN+8UJxsCgYEAylel
rpsFSiAx0bBcZ9kCPHYHpR2kdpcv4iOunpPJLJQ+p0KhCdDA1J7LftlNVS1Pg34W
aD3nundbH0D/8B1qnlXvPIDBGOEbnfnKAdf0ti1cznQoBsIzwa56Fcu8MqK9DQXJ
AHkmEIdHjPtXjM7fEEuz4kRLjcdirV2T5+KZNYsCgYBCioqaseDDqzO7fjpk8bIf
wqc7RXIrZvkh3Dk1pA+DjkXz6yLwAbwbW6BVl3brpzT88Zp3dk8kODQomiQ8YHfP
aPG6QFsqb7qSATVSOzTEJv+4gIe+2FOyFZlTFT0GarMGX0fjz+CLue686TtBYLrf
FcgKWeYMT4P0RTzrUjj3AQKBgQCf/Rtg6uwMx1X88dCuv/S3r6+ty7ldl39h9Eq+
0iWwHOtJPzKr2yaNN525h8JQxgnn84tuEvymAHfJR5DW37uMxG/sS/XiYSOADqC+
Qm4YmdeW2ltHtMhNrVKU50nAU9LdeCSNPj1ttjlJ7PY1vOC9Ns5d6xg+W1fXsnUf
VZlErwKBgQCLWkrCqsxjKvWBQIE7DgtF5e2eFuuwIWwPODn3uNR7DCrpy7PyBVAd
TWrKw+Uu0FmVgEiMWlIWjgse58/ZaBHXzqU5ScsibshJU/tacG+M1uqxAcyr+p03
qkSuqbJ6OqUnOWwATrEFLxt5BVnwLlizp9sPggEIJ6mMdOW9J6wONA==
-----END RSA PRIVATE KEY-----";

?>

我的钥匙：

上市：

-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzAVRzbQWzZi7wjqA/0m agqlWQfKJhrfnCuytqwNR0rMKk+hGx1c+1YaPsN0ZMdBVWyBWJYWzlCjWOKx1vnY gBb3MPXn1QvGkrv+WtXX3VQRsPjWtjaAqLYdjP/m64+pVDr54mt4RzNxi1dQ/PRD 6TnjdVhLMpftPv1ELTWCl2tyzSTP3G2LY4dDVstuhzO8+3R9PaIle7CnVZ/2qSSb HVN4Juzn3zSemjRykoZLoV3VLsHU2Cb3m21tCMWB7BFlChd2cYiXeZamJHaypvK+ 6ZjQgEN7IYeb4ALOIx50WntOC67S29qpG1MZ84TF/OLtVTFWFM+buSCvYpPMMSzS qQIDAQAB -----END PUBLIC KEY -----

私人的：

-----BEGIN RSA PRIVATE KEY----- MIIEpAIBAAKCAQEAtzAVRzbQWzZi7wjqA/0magqlWQfKJhrfnCuytqwNR0rMKk+h Gx1c+1YaPsN0ZMdBVWyBWJYWzlCjWOKx1vnYgBb3MPXn1QvGkrv+WtXX3VQRsPjW tjaAqLYdjP/m64+pVDr54mt4RzNxi1dQ/PRD6TnjdVhLMpftPv1ELTWCl2tyzSTP 3G2LY4dDVstuhzO8+3R9PaIle7CnVZ/2qSSbHVN4Juzn3zSemjRykoZLoV3VLsHU 2Cb3m21tCMWB7BFlChd2cYiXeZamJHaypvK+6ZjQgEN7IYeb4ALOIx50WntOC67S 29qpG1MZ84TF/OLtVTFWFM+buSCvYpPMMSzSqQIDAQABAoIBAFy/7aYW7Luh98mL O+E1JWP/ a+R9+y374UfTIDM5PafhCSpLEwkFfvSKjdNFZwM3l67Gt17A718amPoC HYT5D1MbTaDugKjvw2S75nbbWuZnEGYIN74eLlo9iwy+7I5MOLG7ApZPT6DNPSoN 1aWdj1zgwHfDcp91KNwBo6k4NJyxIK0xVSvdcnecpndQ611BUicz3mfMUoa+axDg GROs7IQvEyYMru0E2/lZdURJS1uNg+T3kyBs3zINibwNEFsf8V3e90haWlMjc5MW nNFTo4KWPoHZCWIsyMPZfinjEk/5+DKdFFIQAY7YWUhjnu23Qc4oRu4hb+vTFXQt 2FCp2nkCgYEA58QY4zeqhkIPVEWFs/lZDcd/GdwL+/0Dmmm6lUvTQpUG/u0njY9nJOTyvNc+vH3U9FWm3yPKX+HbARC4CMV/x9jU8QIIa0ARcETjh6BQGaEkIReDeXhq X3kwcdSuhqK9nrmp1ocGeIYFGZPrrofJI+1gODCMtdgqt9pbN+8UJxsCgYEAylel rpsFSiAx0bBcZ9kCPHYHpR2kdpcv4iOunpPJLJQ+p0KhCdDA1J7LftlNVS1Pg34W aD3nundbH0D/8B1qnlXvPIDBGOEbnfnKAdf0ti1cznQoBsIzwa56Fcu8MqK9DQXJ AHkmEIdHjPtXjM7fEEuz4kRLjcdirV2T5+KZNYsCgYBCioqaseDDqzO7fjpk8bIf wqc7RXIrZvkh3Dk1pA+DjkXz6yLwAbwbW6BVl3brpzT88Zp3dk8kODQomiQ8YHfP aPG6QFsqb7qSATVSOzTEJv+4gIe+2FOyFZlTFT0GarMGX0fjz+CLue686TtBYLrf FcgKWeYMT4P0RTzrUjj3AQKBgQCf/Rtg6uwMx1X88dCuv/S3r6+ty7ldl39h9Eq+ 0iWwHOtJPzKr2yaNN525h8JQxgnn84tuEvymAHfJR5DW37uMxG/sS/XiYSOADqC+ Qm4YmdeW2ltHtMhNrVKU50nAU9LdeCSNPj1ttjlJ7PY1vOC9Ns5d6xg+W1fXsnUf VZlErwKBgQCLWkrCqsxjKvWBQIE7DgtF5e2eFuuwIWwPODn3uNR7DCrpy7PyBVAd TWrKw+Uu0FmVgEiMWlIWjgse58 /ZaBHXzqU5ScsibshJU/tacG+M1uqxAcyr+p03qkSuqbJ6OqUnOWwATrEFLxt5BVnwLlizp9sPggEIJ6mMdOW9J6wONA== -----结束 RSA 私钥-----

标签： javascriptphpencryptionencryption-asymmetricjsencrypt