forked from travist/jsencrypt
-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.html
121 lines (118 loc) · 6.06 KB
/
index.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
---
title: JSEncrypt
layout: default
---
<div class="starter-template">
<h1>JSEncrypt</h1>
</div>
<div class="row">
<div class="col-lg-12">
<h3>Introduction</h3>
<p>When browsing the internet looking for a good solution to RSA Javascript encryption, there is a whole slew of libraries that basically take the fantastic work done by Tom Wu @ <a href="http://www-cs-students.stanford.edu/~tjw/jsbn/">http://www-cs-students.stanford.edu/~tjw/jsbn/</a> and then modify that code to do what they want.</p>
<p>What I couldn't find, however, was a simple wrapper around this library that basically uses the library <a href="https://github.com/travist/jsencrypt/pull/6">practically</a> untouched, but adds a wrapper to provide parsing of actual Private and Public key-pairs generated with OpenSSL.</p>
<p>This library is the result of these efforts.</p>
<div class="row col-lg-12">
<!-- newad -->
<ins class="adsbygoogle"
style="display:block"
data-ad-client="ca-pub-1902035200208763"
data-ad-slot="3517508761"
data-ad-format="auto"
data-full-width-responsive="true"></ins>
<script>
(adsbygoogle = window.adsbygoogle || []).push({});
</script>
</div>
<p>
<a href="https://github.com/travist/jsencrypt/archive/master.zip" class="btn btn-primary btn-lg active" role="button">Download</a>
<a href="https://github.com/travist/jsencrypt" class="btn btn-primary btn-lg active" role="button">Github Project</a>
</p>
</div>
</div>
<div class="row">
<div class="col-lg-12">
<h3>How to use this library.</h3><hr>
<p>This library should work hand-in-hand with openssl. With that said, here is how to use this library.</p>
<ul>
<li>Within your terminal (Unix based OS) type the following:</li>
</ul>
<pre><code>openssl genrsa -out rsa_1024_priv.pem 1024</code></pre>
<ul>
<li>This generates a private key, which you can see by doing the following...</li>
</ul>
<pre><code>cat rsa_1024_priv.pem #if you are on mac you can | pbcopy to copy to the clipboard</code></pre>
<ul>
<li>You can then copy and paste this in the Private Key section of the <a href="/jsencrypt/demo/">demo page</a>.</li>
<li>Next, you can then get the public key by executing the following command.</li>
</ul>
<pre><code>openssl rsa -pubout -in rsa_1024_priv.pem -out rsa_1024_pub.pem</code></pre>
<ul>
<li>You can see the public key by typing...</li>
</ul>
<pre><code>cat rsa_1024_pub.pem</code></pre>
<ul>
<li>Now you can compare with the one generated in the <a href="/jsencrypt/demo/">demo page</a>..</li>
<li>Now you can then convert to and from encrypted text by doing the following in code.</li>
</ul>
<pre><code>// Create the encryption object and set the key.
var crypt = new JSEncrypt();
crypt.setKey(__YOUR_OPENSSL_PRIVATE_OR_PUBLIC_KEY__); //You can use also setPrivateKey and setPublicKey, they are both alias to setKey
//Eventhough the methods are called setPublicKey and setPrivateKey, remember
//that they are only alias to setKey, so you can pass them both a private or
//a public openssl key, just remember that setting a public key allows you to only encrypt.
var text = 'test';
// Encrypt the data with the public key.
var enc = crypt.encrypt(text);
// Now decrypt the crypted text with the private key.
var dec = crypt.decrypt(enc);
// Now a simple check to see if the round-trip worked.
if (dec === text){
alert('It works!!!');
} else {
alert('Something went wrong....');
}
</code></pre>
<ul><li>Look at the <a href="example.html">example page</a> to view this example in action.</li></ul>
</div>
</div>
<div class="row">
<div class="col-lg-12">
<h3>Other Information</h3><hr>
<p>This library heavily utilizes the wonderful work of Tom Wu found at <a href="http://www-cs-students.stanford.edu/~tjw/jsbn/">http://www-cs-students.stanford.edu/~tjw/jsbn/</a>.</p>
<p>This jsbn library was written using the raw variables to perform encryption. This is great for encryption, but most private keys use a Private Key in the PEM format seen below.</p>
<h4>1024 bit RSA Private Key in Base64 Format</h4>
<pre><code>-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDHikastc8+I81zCg/qWW8dMr8mqvXQ3qbPAmu0RjxoZVI47tvs
kYlFAXOf0sPrhO2nUuooJngnHV0639iTTEYG1vckNaW2R6U5QTdQ5Rq5u+uV3pMk
7w7Vs4n3urQ6jnqt2rTXbC1DNa/PFeAZatbf7ffBBy0IGO0zc128IshYcwIDAQAB
AoGBALTNl2JxTvq4SDW/3VH0fZkQXWH1MM10oeMbB2qO5beWb11FGaOO77nGKfWc
bYgfp5Ogrql4yhBvLAXnxH8bcqqwORtFhlyV68U1y4R+8WxDNh0aevxH8hRS/1X5
031DJm1JlU0E+vStiktN0tC3ebH5hE+1OxbIHSZ+WOWLYX7JAkEA5uigRgKp8ScG
auUijvdOLZIhHWq7y5Wz+nOHUuDw8P7wOTKU34QJAoWEe771p9Pf/GTA/kr0BQnP
QvWUDxGzJwJBAN05C6krwPeryFKrKtjOGJIniIoY72wRnoNcdEEs3HDRhf48YWFo
riRbZylzzzNFy/gmzT6XJQTfktGqq+FZD9UCQGIJaGrxHJgfmpDuAhMzGsUsYtTr
iRox0D1Iqa7dhE693t5aBG010OF6MLqdZA1CXrn5SRtuVVaCSLZEL/2J5UcCQQDA
d3MXucNnN4NPuS/L9HMYJWD7lPoosaORcgyK77bSSNgk+u9WSjbH1uYIAIPSffUZ
bti+jc1dUg5wb+aeZlgJAkEAurrpmpqj5vg087ZngKfFGR5rozDiTsK5DceTV97K
a3Y+Nzl+XWTxDBWk4YPh2ZlKv402hZEfWBYxUDn5ZkH/bw==
-----END RSA PRIVATE KEY-----
</code></pre>
<p>This library simply takes keys in the preceding format, and translates it to those variables needed to perform the encryptions used in Tom Wu's library.</p>
<p>Here are some good resources to investigate further.</p>
<ul>
<li><a href="http://etherhack.co.uk/asymmetric/docs/rsa_key_breakdown.html">http://etherhack.co.uk/asymmetric/docs/rsa_key_breakdown.html</a></li>
<li><a href="http://www.di-mgt.com.au/rsa_alg.html">http://www.di-mgt.com.au/rsa_alg.html</a></li>
<li><a href="https://polarssl.org/kb/cryptography/asn1-key-structures-in-der-and-pem">https://polarssl.org/kb/cryptography/asn1-key-structures-in-der-and-pem</a></li>
</ul>
<p>With this information, we can translate a private key format to the variables required with the jsbn library from Tom Wu by using the following mappings.</p>
<pre><code>modulus => n
public exponent => e
private exponent => d
prime1 => p
prime2 => q
exponent1 => dmp1
exponent2 => dmq1
coefficient => coeff
</code></pre>
</div>
</div>