dongyo1959 2015-08-30 13:02
浏览 56
已采纳

为什么Javascript没有加密我的表单?

Javascript RSA Library is from https://github.com/ziyan/javascript-rsa

PHP RSA Library is from http://phpseclib.sourceforge.net/

Example is from https://stackoverflow.com/a/10922491/5281854

My code (the browser still send the original text to the server):

<?php
include('Crypt/RSA.php');
session_start();
$rsa = new Crypt_RSA();
if(isset($_POST['password'])){
    echo $_POST['password'];
    echo 1;
    $rsa->loadKey($_SESSION['privatekey']);
    echo $rsa->decrypt($_POST['password']);
    exit();
}
extract($rsa->createKey(4096));

$_SESSION['privatekey']=$privatekey;
$publickey=str_replace("
", "\\
", $publickey);
?>
<!DOCTYPE html>
<html>
<head>
<script language="JavaScript" type="text/javascript" src="jsbn.js"></script>
<script language="JavaScript" type="text/javascript" src="rsa.js"></script>
<script language="JavaScript">

    function encryptData(){

        //Don't forget to escape the lines:
        var pem = "<?php echo $publickey; ?>";
        var key = RSA.getPublicKey(pem);
        element=document.getElementById('password');
        element.value=RSA.encrypt(element.value, key);
    }
</script>
</head>
<body>

<form method='POST' id='txtAuth' onsubmit='encryptData()'>
    <input type='text' name='username'/>
    <input type='password' name='password' id='password' placeholder="password"/>
    <input name='submit' type='submit' value='Submit'>
</form>
</body>
</html>

All the library files are correctly loaded. Can anyone tell me why the encryption does not work?

  • 写回答

1条回答 默认 最新

  • dongzhan1492 2015-08-30 15:43
    关注

    So I tried your code on my own local machine and ran into a few issues.

    1. You're doing str_replace(" ", "\\ ", $publickey) - I had to do str_replace(" ", "\\ ", $publickey) or else I'd get a Uncaught SyntaxError: Unexpected token ILLEGAL error in the javascript console.

    2. Even after having done #1 I'm still getting a Uncaught TypeError: this.toRadix is not a function error. I'm using https://raw.githubusercontent.com/ziyan/javascript-rsa/master/src/jsbn.js and https://raw.githubusercontent.com/ziyan/javascript-rsa/master/src/rsa.js and I haven't really modified your code at all. Try it out for yourself: http://www.frostjedi.com/terra/so/

    That said, looking at your rsa.js... I still stand by my original statement that $rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1); should work assuming that the javascript errors can be overcome. Unfortunately, since I can't get past them (and I'm not interested in fixing a piece of code that hasn't been updated in three years) I can't verify. Do you actually have a working example, yourself, that doesn't produce errors in the JS console?

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 删除虚拟显示器驱动 删除所有 Xorg 配置文件 删除显示器缓存文件 重启系统 可是依旧无法退出虚拟显示器
  • ¥15 vscode程序一直报同样的错,如何解决?
  • ¥15 关于使用unity中遇到的问题
  • ¥15 开放世界如何写线性关卡的用例(类似原神)
  • ¥15 关于并联谐振电磁感应加热
  • ¥60 请查询全国几个煤炭大省近十年的煤炭铁路及公路的货物周转量
  • ¥15 请帮我看看我这道c语言题到底漏了哪种情况吧!
  • ¥66 如何制作支付宝扫码跳转到发红包界面
  • ¥15 pnpm 下载element-plus
  • ¥15 解决编写PyDracula时遇到的问题