欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

非对称加密提交表单到PHP

程序员文章站 2022-05-30 22:43:21
...

非对称加密提交表单到PHP

首先用openssl工具生成一对RSA非对称**

openssl genrsa -out rsa_1024_priv.pem 1024
openssl rsa -pubout -in rsa_1024_priv.pem -out rsa_1024_pub.pem

然后在前端引入jsencrypt库,用于非对称加密,再绑定submit的onclick事件,对表单需加密数据进行加密处理

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<form action="/controller.php" id="form" method="post">
    username:
    <input type="text" name="username">
    password:
    <input type="password" name="password">
    <input type="submit">
</form>
</body>
<script src="http://cdn.bootcss.com/jsencrypt/2.3.0/jsencrypt.min.js"></script>
<script>
    var form_ele = document.getElementById('form');
    var password_ele = form_ele.querySelector('[name=password]');
    var submit_ele = form_ele.querySelector('[type=submit]');

    submit_ele.onclick = function (e) {

        var password = password_ele.value;

        var encrypt = new JSEncrypt();
        var publickey = '-----BEGIN PUBLIC KEY-----\
        MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7xzfMsVgFc/q1wUQ7vAUU7CD8\
        W5eq0PnJb0Hv7Py1GQ+qYaqiasOqOr6T2FizbzSbXd+ZirEiZVdtFX9nKK4OlVHR\
        zDSGulioUESLUuNQau0BeWFsEwxCMIMkAMM1fI5zDMp1PvxULdC5hFTLDXNCf5DY\
        Yl4Xkc1LNsa4XYQV1QIDAQAB\
        -----END PUBLIC KEY-----';
        encrypt.setPublicKey(publickey);

        password = encrypt.encrypt(password);

        password_ele.value = password;

        form_ele.submit();
        return false;
    }
</script>
</html>

然后就可以在后端PHP中通过openssl_private_decrypt方法解析传输过来的加密数据了

<?php

$privatekey = '-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQC7xzfMsVgFc/q1wUQ7vAUU7CD8W5eq0PnJb0Hv7Py1GQ+qYaqi
asOqOr6T2FizbzSbXd+ZirEiZVdtFX9nKK4OlVHRzDSGulioUESLUuNQau0BeWFs
EwxCMIMkAMM1fI5zDMp1PvxULdC5hFTLDXNCf5DYYl4Xkc1LNsa4XYQV1QIDAQAB
AoGARRGwGqCYydixPS2LlZVBIUMBlxFxpikb19YOoNvA0DQZqQgnpXoz4medNfB8
H/Qlm4hZ+LYlFYvFLqCbriwuaRl3utzULP6XxVjI8NlLbbg+sXquDAJVtiIFVpBs
VNbvBFFMG9kwM0UnfRTcLDVu5kPH8PSpkuEF6BKRS2oyXcECQQDgteyUuDvMejIR
sYHf+GDOhtY6Ncy25cEgk07xSNz84uRhMBe2lVI9rTEmE2lSVSBBfsdKwums2VOK
bj8uJQYJAkEA1ezLEKCdOWN8VZLe8jQIGoPX7kYqIo1BiaUa+8eER/tMZlCsXDPQ
wRBfRBiiDGO9KAWR8i0vRMGTYAnol31kbQJAN1DxdUbJCbQHAU4GH6FgC1csA1Zd
F6UFXsSEiWcbZ3FfMQGKxNqLTT2GPM5IfgkQkK7p1mCW74LsSsaK7QwWKQJAHJ+n
eB0VjHU8ULLrM9s0bl/Px6kJwD/IUiOOXbwPfhYo3dPTjC6+suZ+6LynCiNaTv2X
zqCvH3MLRiFtRr/XbQJBANDOugkjgfTQKt2yHWEPMp+pNeRyPIycuHQq+ejoTp+G
y0SXaEGYTNdLpZ4D1mCVea/4qnhlnW8ir7KEC6ecI0I=
-----END RSA PRIVATE KEY-----';

if (openssl_private_decrypt(base64_decode($_POST['password']), $decrypted, $privatekey)) {
    echo $decrypted . "\n";
} else {
    echo 'error';
}

上一篇: 自定义ClassLoader

下一篇: 自定义MVC

推荐阅读