doumei8126
doumei8126
2014-01-29 14:06

PHP&JS加密/签名并验证QR码

已采纳

I have a php script that generates a QR Code. This code will be read from a PhoneGap app in JavaScript. This works fine so far but I would like to secure the QR Code so none else can generate other valid codes.

My first thought was to add a hash of the data in the QR Code. but common hash functions are not very secure. For good hash functions I did not find a implementation for JavaScript. Second thought was to use public/private key encryption but here again is JavaScript a problem.

Another huge problem is that the QR Code should be simple. A long encryption will make the small QR Code unreadable.

What would be a good approach to secure a QR Code?

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

1条回答

  • douhun7609 douhun7609 7年前

    Add a hash using a shared secret to your ID like this:

    $qrcontent = $id . md5($id . $secret);
    

    So to create a new $qrcontent one needs to know the $secret. There are some simple hashes like crc32 so you don't need a fully implemented javascript md5 function for example. You can define how long / secure your hash should be.

    点赞 3 评论 复制链接分享

为你推荐