jsrsasign(RSA-Sign JavaScript库)是一个免费的开源加密库,支持RSA / RSAPSS / ECDSA / DSA签名/验证,ASN.1,PKCS#1/5/8私钥/公钥,X.509证书,纯JavaScript中的CRL,OCSP,CMS SignedData,TimeStamp,CAdES JSON Web签名/令牌/密钥。
jsrsasign-all-min.js下载地址: https://cdnjs.cloudflare.com/ajax/libs/jsrsasign/8.0.20/jsrsasign-all-min.js (jsrsasign文件也可以自己下载,目前下载链接可用。)
公钥、私钥生成:https://uutool.cn/rsa-generate/
加密/解密、加签/验签代码样例:
<html>
<script src="./jsrsasign-all-min.js"></script>
<script>
var keyPri = "-----BEGIN PRIVATE KEY-----\n" +
"MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANgoMoiwPKSdMfrx\n" +
"AvqBIMF8e2GMx1NLc7PBC3hZIPloekW8xEKcxk+uB/v3VHxDfOPNVqX9cW3uxJLG\n" +
"nOle1gvRi2+sY5jXa1nlkvnIAp5pccCQXxjqsPqIZGNCORbILZkzY0SiC34WZg3c\n" +
"jhXkyagwpzjNUsbx4cTrai5UjQznAgMBAAECgYBU0ilKVAXn/rtfInYtwMAOzP9J\n" +
"f0m0WNZVQjpzBl6XIDVi6jkFfqmfGMaPTDW98WmvpqMKzdJV9izy/7cRKKLLFdTd\n" +
"AY9LwPtAWGz9Mv6AFclfFso/U8N9HpyY3B91M7tmTqaUyw+xdMazh4sqBQKrBOP3\n" +
"XjF4SY3PSz3W87KMeQJBAO3jsESxbVlt0TorEkab44sKpddB7rYqanOLKmnPE8UY\n" +
"ogwXJwfY4UrX2rkQZ/XD1I162I1G5uSLxZHTOW775s0CQQDonPVnbyShd9oARk/E\n" +
"5VSfiRceMtWr4cl88hLhtV03xmn/hS4uHebm2WISWjIq5veqyedIDSodBfRt6lqB\n" +
"ybqDAkEAlDxbbJK7NwzNYdfRDZq6UbwS123IWE9aAiHoDgLxqNHOuIX81lD5InAb\n" +
"ZVKp1WVwH7E7G93gpu3J8TKUCWqCyQJATsGdwPh7cYPvtnoX1fVDcoRq5FmXyIs4\n" +
"ueoIBI1wU0sFZnMEEK8lF3HwZ4BMTgRHRHb5rIZwhMUYXgKjxB+12wJBAM+pf/DG\n" +
"Qr8fYKubE0444Hz/RTeQgcpxpp7xWbKutFap6tIZAZnKlyYjDKAbNCbDMLjg/zii\n" +
"kDgsl2WXNRUK4hE=\n" +
"-----END PRIVATE KEY-----";
var keyPub = "-----BEGIN PUBLIC KEY-----\n" +
"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYKDKIsDyknTH68QL6gSDBfHth\n" +
"jMdTS3OzwQt4WSD5aHpFvMRCnMZPrgf791R8Q3zjzVal/XFt7sSSxpzpXtYL0Ytv\n" +
"rGOY12tZ5ZL5yAKeaXHAkF8Y6rD6iGRjQjkWyC2ZM2NEogt+FmYN3I4V5MmoMKc4\n" +
"zVLG8eHE62ouVI0M5wIDAQAB\n" +
"-----END PUBLIC KEY-----";
let data = "abcdefg";
console.log("原始数据:" + data);
//私钥加签
let signBase64 = signatureToBase64(data);
console.log("私钥加签:" + signBase64);
//公钥验签
let verifyResult = verifySignature(signBase64, data);
console.log("公钥验签:" + verifyResult);
//公钥加密
let encryptDataBase64 = encryptToBase64(data);
console.log("公钥加密:" + encryptDataBase64);
//私钥解密
let decryptDataStr = decryptData(encryptDataBase64);
console.log("私钥解密:" + decryptDataStr);
// 私钥加签
function signatureToBase64(data) {
// data: 原始数据
// 创建秘钥实例
const key = KEYUTIL.getKey(keyPri);
// 指定签名算法 sha1对原文哈希
let signature = new KJUR.crypto.Signature({alg: "SHA1withRSA"});
// 传入秘钥实例, 初始化
signature.init(key);
// 传入待签明文
signature.updateString(data);
// 签名, 得到16进制字符结果
let signResult = signature.sign();
// 签名hex转base64
return hextob64(signResult);
}
// 公钥验签
function verifySignature(signBase64, data) {
// signBase64: 签名(已转base64)
// data: 原始数据
try {
// 公钥验签
let signatureVf = new KJUR.crypto.Signature({alg: "SHA1withRSA", prvkeypem: keyPub});
signatureVf.updateString(data);
return signatureVf.verify(b64tohex(signBase64));
} catch (e) {
console.error(e);
}
}
// 公钥加密
function encryptToBase64(data) {
// 读取解析pem格式的秘钥, 生成秘钥实例 (RSAKey)
const pub = KEYUTIL.getKey(keyPub);
const enc = KJUR.crypto.Cipher.encrypt(data, pub);
return hextob64(enc);
}
//私钥解密
function decryptData(dataBase64) {
const prv = KEYUTIL.getKey(keyPri);
return KJUR.crypto.Cipher.decrypt(b64utohex(dataBase64), prv);
}
</script>
</html>
执行结果图:
参考文档:
https://www.ngui.cc/el/1940009.html?action=onClick
https://uutool.cn/rsa-generate/
标签:私钥,RSA,console,-----,jsrsasign,验签,let,data From: https://www.cnblogs.com/wulm/p/17250445.html