forked from travist/jsencrypt
-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.html
185 lines (180 loc) · 8.52 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
<!DOCTYPE html>
<html>
<head>
<title>JSEncrypt</title>
<base id="basetag" href="/">
<!--[if IE]>
<script type='text/javascript'>
(function() {
var tag = document.getElementById('basetag');
tag.href = location.protocol + '//' + location.host + '/';
}());
</script>
<![endif]-->
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
<script src="http://netdna.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js"></script>
<script type="text/javascript" src="bin/jsencrypt.js"></script>
<script type="text/javascript">
var _gaq = _gaq || [];
_gaq.push(['_setAccount', 'UA-450670-2']);
_gaq.push(['_trackPageview']);
(function() {
var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
})();
</script>
<link href="http://netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css" rel="stylesheet" type="text/css">
</head>
<body>
<nav class="navbar navbar-inverse" role="navigation">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="#">JSEncrypt</a>
</div>
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
<ul class="nav navbar-nav">
<li >
<a href="index.html">Home</a>
</li>
<li >
<a href="demo/index.html">Demo</a>
</li>
<li >
<a href="test/index.html">Test</a>
</li>
<li>
<a href="https://github.com/travist/jsencrypt/archive/master.zip" role="button">Download</a>
</li>
<li>
<a href="https://github.com/travist/jsencrypt" role="button">GitHub Project</a>
</li>
</ul>
</div>
</div>
</nav>
<div class="container">
<div class="starter-template">
<h1>JSEncrypt</h1>
</div>
<div class="row">
<div class="col-lg-12">
<h3>Introduction</h3>
<p>When browsing the internet looking for a good solution to RSA Javascript encryption, there is a whole slew of libraries that basically take the fantastic work done by Tom Wu @ <a href="http://www-cs-students.stanford.edu/~tjw/jsbn/">http://www-cs-students.stanford.edu/~tjw/jsbn/</a> and then modify that code to do what they want.</p>
<p>What I couldn't find, however, was a simple wrapper around this library that basically uses the library <a href="https://github.com/travist/jsencrypt/pull/6">practically</a> untouched, but adds a wrapper to provide parsing of actual Private and Public key-pairs generated with OpenSSL.</p>
<p>This library is the result of these efforts.</p>
<div class="row col-lg-12">
<script async src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>
<!-- frontpage banner -->
<ins class="adsbygoogle"
style="display:inline-block;width:728px;height:90px"
data-ad-client="ca-pub-1902035200208763"
data-ad-slot="9043467163"></ins>
<script>
(adsbygoogle = window.adsbygoogle || []).push({});
</script>
</div>
<p>
<a href="https://github.com/travist/jsencrypt/archive/master.zip" class="btn btn-primary btn-lg active" role="button">Download</a>
<a href="https://github.com/travist/jsencrypt" class="btn btn-primary btn-lg active" role="button">Github Project</a>
</p>
</div>
</div>
<div class="row">
<div class="col-lg-12">
<h3>How to use this library.</h3><hr>
<p>This library should work hand-in-hand with openssl. With that said, here is how to use this library.</p>
<ul>
<li>Within your terminal (Unix based OS) type the following:</li>
</ul>
<pre><code>openssl genrsa -out rsa_1024_priv.pem 1024</code></pre>
<ul>
<li>This generates a private key, which you can see by doing the following...</li>
</ul>
<pre><code>cat rsa_1024_priv.pem #if you are on mac you can | pbcopy to copy to the clipboard</code></pre>
<ul>
<li>You can then copy and paste this in the Private Key section of the <a href="/jsencrypt/demo/">demo page</a>.</li>
<li>Next, you can then get the public key by executing the following command.</li>
</ul>
<pre><code>openssl rsa -pubout -in rsa_1024_priv.pem -out rsa_1024_pub.pem</code></pre>
<ul>
<li>You can see the public key by typing...</li>
</ul>
<pre><code>cat rsa_1024_pub.pem</code></pre>
<ul>
<li>Now you can compare with the one generated in the <a href="/jsencrypt/demo/">demo page</a>..</li>
<li>Now you can then convert to and from encrypted text by doing the following in code.</li>
</ul>
<pre><code>// Create the encryption object and set the key.
var crypt = new JSEncrypt();
crypt.setKey(__YOUR_OPENSSL_PRIVATE_OR_PUBLIC_KEY__); //You can use also setPrivateKey and setPublicKey, they are both alias to setKey
//Eventhough the methods are called setPublicKey and setPrivateKey, remember
//that they are only alias to setKey, so you can pass them both a private or
//a public openssl key, just remember that setting a public key allows you to only encrypt.
var text = 'test';
// Encrypt the data with the public key.
var enc = crypt.encrypt(text);
// Now decrypt the crypted text with the private key.
var dec = crypt.decrypt(enc);
// Now a simple check to see if the round-trip worked.
if (dec === text){
alert('It works!!!');
} else {
alert('Something went wrong....');
}
</code></pre>
<ul><li>Look at the <a href="example.html">example page</a> to view this example in action.</li></ul>
</div>
</div>
<div class="row">
<div class="col-lg-12">
<h3>Other Information</h3><hr>
<p>This library heavily utilizes the wonderful work of Tom Wu found at <a href="http://www-cs-students.stanford.edu/~tjw/jsbn/">http://www-cs-students.stanford.edu/~tjw/jsbn/</a>.</p>
<p>This jsbn library was written using the raw variables to perform encryption. This is great for encryption, but most private keys use a Private Key in the PEM format seen below.</p>
<h4>1024 bit RSA Private Key in Base64 Format</h4>
<pre><code>-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDHikastc8+I81zCg/qWW8dMr8mqvXQ3qbPAmu0RjxoZVI47tvs
kYlFAXOf0sPrhO2nUuooJngnHV0639iTTEYG1vckNaW2R6U5QTdQ5Rq5u+uV3pMk
7w7Vs4n3urQ6jnqt2rTXbC1DNa/PFeAZatbf7ffBBy0IGO0zc128IshYcwIDAQAB
AoGBALTNl2JxTvq4SDW/3VH0fZkQXWH1MM10oeMbB2qO5beWb11FGaOO77nGKfWc
bYgfp5Ogrql4yhBvLAXnxH8bcqqwORtFhlyV68U1y4R+8WxDNh0aevxH8hRS/1X5
031DJm1JlU0E+vStiktN0tC3ebH5hE+1OxbIHSZ+WOWLYX7JAkEA5uigRgKp8ScG
auUijvdOLZIhHWq7y5Wz+nOHUuDw8P7wOTKU34QJAoWEe771p9Pf/GTA/kr0BQnP
QvWUDxGzJwJBAN05C6krwPeryFKrKtjOGJIniIoY72wRnoNcdEEs3HDRhf48YWFo
riRbZylzzzNFy/gmzT6XJQTfktGqq+FZD9UCQGIJaGrxHJgfmpDuAhMzGsUsYtTr
iRox0D1Iqa7dhE693t5aBG010OF6MLqdZA1CXrn5SRtuVVaCSLZEL/2J5UcCQQDA
d3MXucNnN4NPuS/L9HMYJWD7lPoosaORcgyK77bSSNgk+u9WSjbH1uYIAIPSffUZ
bti+jc1dUg5wb+aeZlgJAkEAurrpmpqj5vg087ZngKfFGR5rozDiTsK5DceTV97K
a3Y+Nzl+XWTxDBWk4YPh2ZlKv402hZEfWBYxUDn5ZkH/bw==
-----END RSA PRIVATE KEY-----
</code></pre>
<p>This library simply takes keys in the preceding format, and translates it to those variables needed to perform the encryptions used in Tom Wu's library.</p>
<p>Here are some good resources to investigate further.</p>
<ul>
<li><a href="http://etherhack.co.uk/asymmetric/docs/rsa_key_breakdown.html">http://etherhack.co.uk/asymmetric/docs/rsa_key_breakdown.html</a></li>
<li><a href="http://www.di-mgt.com.au/rsa_alg.html">http://www.di-mgt.com.au/rsa_alg.html</a></li>
<li><a href="https://polarssl.org/kb/cryptography/asn1-key-structures-in-der-and-pem">https://polarssl.org/kb/cryptography/asn1-key-structures-in-der-and-pem</a></li>
</ul>
<p>With this information, we can translate a private key format to the variables required with the jsbn library from Tom Wu by using the following mappings.</p>
<pre><code>modulus => n
public exponent => e
private exponent => d
prime1 => p
prime2 => q
exponent1 => dmp1
exponent2 => dmq1
coefficient => coeff
</code></pre>
</div>
</div>
</div>
</body>
</html>