场景:
前端传递敏感数据,为了不让黑客容易破解,需要对前端传递过来的数据进行加密,后端进行解密
原理
前端公钥加密,后端私钥解密
步骤
1、查看公钥和私钥
2、实例化JSEncrypt
<input type="hidden" id="public_key" value="私钥串"
<scirpt >
pub_key = $('#public_key').val();
var js_encrypt = new JSEncrypt();
//初始化公钥
js_encrypt.setPublicKey(pub_key);
//加密
parameter = '{"type":"'+type+'", "username": "'+username+'", "mobile": "'+mobile+'", "password": "'+password+'", "captcha": "'+captcha+'"}';
enData = js_encrypt.encrypt(parameter);
$.ajax({
url: "index.php",//当前ajax请求的地址
type: 'post',//请求的方式
async: true,//是否异步 默认为异步
data: {param:enData},//当前ajax请求的参数
dataType: "json",
success: function (data) {//发送成功时的代码执行
}
});
</script>
4、服务端解密
<?php
/**
* Created by PhpStorm.
* User: longer
* Date: 2018/12/29
* Time: 4:26 PM
*/
namespace Addons\api\library;
class Encrypt
{
const JS_ENCRYPT = '-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQGNADCBiQKBgQCs/MFnI/uMpyrVOfk4ud4HBmZo
r7ZXdDNl7TtRTMO4Xzw1fVC/W8wk46vXARIlUQV4jZdEe57MfN4BQe6VzNdafpHp
0Y26WomvkpHoG6RuVT/bWUl5TLDEaUUQ3jHORgTY8fj4b6hOWys1U+9AOriBH7p7
Qk48ZaNbUAeQTawkeQIDAQAB
-----END PUBLIC KEY-----';
const JS_DECRYPT = '-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCs/MFnI/uMpyrVOfk4ud4HBmZor7ZXdDNl7TtRTMO4Xzw1fVC/
W8wk46vXARIlUQV4jZdEe57MfN4BQe6VzNdafpHp0Y26WomvkpHoG6RuVT/bWUl5
TLDEaUUQ3jHORgTY8fj4b6hOWys1bpi+buc87uPq44MMGJAOnB46JQpg
j3XFcy0fAkEAxkmMOVW/Oc/+GHwKG0kNAqjC3Q5WSyP0b0DVeDC6ZBHSSY3R3ll8
Tx6V4BXtdEcYFomP39OpiWs7hOXHr95jZwJAD5uQv+62JvB8jtoWW5OkKtbolK8H
+zp8jkwGy1uRiaulLvfQTRoZipVti5CWVP/5VIsS5jJ62k1kYEMmU9osuQJBALK/
hGf/M3ZjWJUr5FR6gv79sURjc0kjbWuJT6acjro9Eot6DFHb62LLmKI8QiXLHRzb
/1Xv0epuP2ZrWZrh6EsCQGEfdh8GQpxyU9bwupPn+Ex63/hwGhU8kpUx20ZQHX+4
wAEXtF6v3kWP6eVZgmb6QvUJn6+HIHHlhUFdPD0tDHI=
-----END RSA PRIVATE KEY-----';
/**
* 解密
* @param string $encryptString
* @return string
*/
public static function privateDecrypt($encryptString = '')
{
$decrypted = '';
$key = "MIICXAIBAAKBgQCs/MFnI/uMpyrVOfk4ud4HBmZor7ZXdDNl7TtRTMO4Xzw1fVC/W8wk46vXARIlUQV4jZdEe57MfN4BQe6VzNdafpHp0Y26WomvkpHoG6RuVT/bWUl5TLDEaUUQ3jHORgTY8fj4b6hOWys1U+9AOriBH7p7Qk48ZaNbUAeQTawkeQIDAQABAoGANfyHy02Sgtnk5zi5i7eOEDkyGrfDu1VbeRLpcTz41AB8xODAI4hdlKZsFKF5uQv+62JvB8jtoWW5OkKtbolK8H+zp8jkwGy1uRiaulLvfQTRoZipVti5CWVP/5VIsS5jJ62k1kYEMmU9osuQJBALK/hGf/M3ZjWJUr5FR6gv79sURjc0kjbWuJT6acjro9Eot6DFHb62LLmKI8QiXLHRzb/1Xv0epuP2ZrWZrh6EsCQGEfdh8GQpxyU9bwupPn+Ex63/hwGhU8kpUx20ZQHX+4wAEXtF6v3kWP6eVZgmb6QvUJn6+HIHHlhUFdPD0tDHI=";
$key_eol = (string) implode("\n", str_split((string) $key, 64));
$privateKey = (string) "-----BEGIN RSA PRIVATE KEY-----\n" . $key_eol . "\n-----END RSA PRIVATE KEY-----";
openssl_private_decrypt(base64_decode($encryptString), $decrypted, $privateKey);
return $decrypted;
}
/**
* 加密
* @param string $data
* @return string
*/
public static function publicEncrypt($data = '')
{
$encrypt_data = '';
// $publicKey = self::JS_ENCRYPT;
// openssl_public_encrypt($data, $encrypt_data, $publicKey);
$key = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCs/MFnI/uMpyrVOfk4ud4HBmZor7ZXdDNl7TtRTMO4Xzw1fVC/W8wk46vXARIlUQV4jZdEe57MfN4BQe6VzNdafpHp0Y26WomvkpHoG6RuVT/bWUl5TLDEaUUQ3jHORgTY8fj4b6hOWys1U+9AOriBH7p7Qk48ZaNbUAeQTawkeQIDAQAB";
$key_eol = (string) implode("\n", str_split((string) $key, 64));
$publicKey = (string) "-----BEGIN PUBLIC KEY-----\n" . $key_eol . "\n-----END PUBLIC KEY-----";
openssl_public_encrypt($data, $encrypt_data, $publicKey);
$encrypt_data = base64_encode($encrypt_data);
return $encrypt_data;
}
}
//实例化
$encrypt = new Encrypt();
$param = $encrypt::privateDecrypt($_POST['param']);
$array = json_decode($param, true);
总结
1、对私钥进行换行
(string) implode("\n", str_split((string) $key, 64));
2、前端117字符串限制,要分开加密,服务端分开解密
pub_key = $('#public_key').val();
var js_encrypt = new JSEncrypt();
//初始化公钥
js_encrypt.setPublicKey(pub_key);
key1 = '{"uuid": "'+uuid+'", "pay_type": "'+pay_type+'", ';
key2 = '"pay_status": "'+pay_status+'","order_number": "'+orderNo+'"}';
key1 = js_encrypt.encrypt(key1);
key2 = js_encrypt.encrypt(key2);