mirror of
https://github.com/the-djmaze/snappymail.git
synced 2026-07-08 22:18:28 +03:00
Login password RSA encrypt/decrypt
This commit is contained in:
parent
dfb3a07536
commit
1066af98d4
10 changed files with 4695 additions and 94 deletions
13
build/rsa.php
Normal file
13
build/rsa.php
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
<?php
|
||||
|
||||
if (!\class_exists('Crypt_RSA'))
|
||||
{
|
||||
\set_include_path(\get_include_path().PATH_SEPARATOR.\dirname(__FILE__).'/../rainloop/v/0.0.0/app/libraries/phpseclib');
|
||||
include_once 'Crypt/RSA.php';
|
||||
\defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
|
||||
}
|
||||
|
||||
$rsa = new Crypt_RSA();
|
||||
$key = $rsa->createKey(1024);
|
||||
|
||||
var_dump($key);
|
||||
|
|
@ -4,6 +4,8 @@
|
|||
'use strict';
|
||||
|
||||
var
|
||||
oEncryptObject = null,
|
||||
|
||||
Utils = {},
|
||||
|
||||
window = require('window'),
|
||||
|
|
@ -170,30 +172,55 @@
|
|||
};
|
||||
|
||||
/**
|
||||
* @param {string} sValue
|
||||
* @param {string} sHash
|
||||
* @param {string} sKey
|
||||
* @param {string} sLongKey
|
||||
* @return {string|boolean}
|
||||
* @param {string} sPublicKey
|
||||
* @return {JSEncrypt}
|
||||
*/
|
||||
Utils.rsaEncode = function (sValue, sHash, sKey, sLongKey)
|
||||
Utils.rsaObject = function (sPublicKey)
|
||||
{
|
||||
if (window.crypto && window.crypto.getRandomValues && window.RSAKey && sHash && sKey && sLongKey)
|
||||
if (sPublicKey && (null === oEncryptObject || (oEncryptObject && oEncryptObject.__sPublicKey !== sPublicKey)) &&
|
||||
window.crypto && window.crypto.getRandomValues && window.JSEncrypt)
|
||||
{
|
||||
var oRsa = new window.RSAKey();
|
||||
oRsa.setPublic(sLongKey, sKey);
|
||||
oEncryptObject = new JSEncrypt();
|
||||
oEncryptObject.setPublicKey(sPublicKey);
|
||||
oEncryptObject.__sPublicKey = sPublicKey;
|
||||
}
|
||||
else
|
||||
{
|
||||
oEncryptObject = false;
|
||||
}
|
||||
|
||||
sValue = oRsa.encrypt(Utils.fakeMd5() + ':' + sValue + ':' + Utils.fakeMd5());
|
||||
if (false !== sValue)
|
||||
return oEncryptObject;
|
||||
};
|
||||
|
||||
/**
|
||||
* @param {string} sValue
|
||||
* @param {string} sPublicKey
|
||||
* @return {string}
|
||||
*/
|
||||
Utils.rsaEncode = function (sValue, sPublicKey)
|
||||
{
|
||||
if (window.crypto && window.crypto.getRandomValues && window.JSEncrypt && sPublicKey)
|
||||
{
|
||||
var
|
||||
sResultValue = false,
|
||||
oEncrypt = Utils.rsaObject(sPublicKey);
|
||||
;
|
||||
|
||||
if (oEncrypt)
|
||||
{
|
||||
return 'rsa:' + sHash + ':' + sValue;
|
||||
sResultValue = oEncrypt.encrypt(Utils.fakeMd5() + ':' + sValue + ':' + Utils.fakeMd5())
|
||||
}
|
||||
|
||||
if (false !== sResultValue && Utils.isNormal(sResultValue))
|
||||
{
|
||||
return 'rsa:xxx:' + sResultValue;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
return sValue;
|
||||
};
|
||||
|
||||
Utils.rsaEncode.supported = !!(window.crypto && window.crypto.getRandomValues && window.RSAKey);
|
||||
Utils.rsaEncode.supported = !!(window.crypto && window.crypto.getRandomValues && window.JSEncrypt);
|
||||
|
||||
/**
|
||||
* @param {string} sText
|
||||
|
|
|
|||
|
|
@ -163,29 +163,10 @@
|
|||
}, this)
|
||||
;
|
||||
|
||||
if (!!Settings.settingsGet('UseRsaEncryption') && Utils.rsaEncode.supported)
|
||||
if (!!Settings.settingsGet('UseRsaEncryption') && Utils.rsaEncode.supported &&
|
||||
Settings.settingsGet('RsaPublicKey'))
|
||||
{
|
||||
Remote.getPublicKey(_.bind(function (sResult, oData) {
|
||||
|
||||
var bRequest = false;
|
||||
if (Enums.StorageResultType.Success === sResult && oData && oData.Result &&
|
||||
Utils.isArray(oData.Result) && oData.Result[0] && oData.Result[1] && oData.Result[2])
|
||||
{
|
||||
var sEncryptedPassword = Utils.rsaEncode(sPassword, oData.Result[0], oData.Result[1], oData.Result[2]);
|
||||
if (sEncryptedPassword)
|
||||
{
|
||||
fLoginRequest(sEncryptedPassword);
|
||||
bRequest = true;
|
||||
}
|
||||
}
|
||||
|
||||
if (!bRequest)
|
||||
{
|
||||
this.submitRequest(false);
|
||||
this.submitError(Utils.getNotification(Enums.Notification.UnknownError));
|
||||
}
|
||||
|
||||
}, this));
|
||||
fLoginRequest(Utils.rsaEncode(sPassword, Settings.settingsGet('RsaPublicKey')));
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
|
|||
|
|
@ -147,7 +147,6 @@ cfg.paths.js = {
|
|||
'vendors/jquery-lazyload/jquery.lazyload.min.js',
|
||||
'vendors/jquery-nanoscroller/jquery.nanoscroller-0.7.min.js',
|
||||
'vendors/jquery-wakeup/jquery.wakeup.min.js',
|
||||
// 'vendors/jquery-linkify/jquery.linkify.min.js',
|
||||
'vendors/inputosaurus/inputosaurus.min.js',
|
||||
'vendors/moment/min/moment.min.js ',
|
||||
'vendors/routes/signals.min.js',
|
||||
|
|
@ -158,7 +157,7 @@ cfg.paths.js = {
|
|||
'vendors/ssm/ssm.min.js',
|
||||
'vendors/jua/jua.min.js',
|
||||
'vendors/Autolinker/Autolinker.min.js',
|
||||
'vendors/jsbn/bundle.js',
|
||||
'vendors/jsencrypt/jsencrypt.min.js',
|
||||
'vendors/keymaster/keymaster.min.js',
|
||||
'vendors/ifvisible/ifvisible.min.js',
|
||||
'vendors/jquery-magnific-popup/jquery.magnific-popup.min.js',
|
||||
|
|
@ -241,7 +240,7 @@ gulp.task('js:openpgp', function() {
|
|||
.pipe(gulp.dest(cfg.paths.staticMinJS));
|
||||
});
|
||||
|
||||
gulp.task('js:libs', ['js:encrypt'], function() {
|
||||
gulp.task('js:libs', function() {
|
||||
return gulp.src(cfg.paths.js.libs.src)
|
||||
.pipe(concat(cfg.paths.js.libs.name, {separator: '\n\n'}))
|
||||
.pipe(eol('\n', true))
|
||||
|
|
@ -481,7 +480,7 @@ gulp.task('rainloop:owncloud:clean', ['rainloop:owncloud:copy', 'rainloop:ownclo
|
|||
});
|
||||
|
||||
// MAIN
|
||||
gulp.task('default', ['js:libs', 'js:boot', 'js:encrypt', 'js:openpgp', 'js:min', 'css:main:min']);
|
||||
gulp.task('default', ['js:libs', 'js:boot', 'js:openpgp', 'js:min', 'css:main:min']);
|
||||
gulp.task('fast', ['js:app', 'js:admin', 'js:chunks', 'css:main']);
|
||||
|
||||
gulp.task('rainloop', ['js:lint', 'rainloop:copy', 'rainloop:setup', 'rainloop:zip', 'rainloop:md5', 'rainloop:clean']);
|
||||
|
|
|
|||
|
|
@ -956,6 +956,7 @@ class Actions
|
|||
'AllowAdminPanel' => (bool) $oConfig->Get('security', 'allow_admin_panel', true),
|
||||
'AllowHtmlEditorSourceButton' => (bool) $oConfig->Get('labs', 'allow_html_editor_source_button', false),
|
||||
'UseRsaEncryption' => (bool) $oConfig->Get('security', 'use_rsa_encryption', false),
|
||||
'RsaPublicKey' => '',
|
||||
'HideDangerousActions' => $oConfig->Get('labs', 'hide_dangerous_actions', false),
|
||||
'CustomLoginLink' => $oConfig->Get('labs', 'custom_login_link', ''),
|
||||
'CustomLogoutLink' => $oConfig->Get('labs', 'custom_logout_link', ''),
|
||||
|
|
@ -972,6 +973,23 @@ class Actions
|
|||
'Plugins' => array()
|
||||
);
|
||||
|
||||
if ($aResult['UseRsaEncryption'] &&
|
||||
\file_exists(APP_PRIVATE_DATA.'rsa/public') && \file_exists(APP_PRIVATE_DATA.'rsa/private'))
|
||||
{
|
||||
$aResult['RsaPublicKey'] = \file_get_contents(APP_PRIVATE_DATA.'rsa/public');
|
||||
$aResult['RsaPublicKey'] = $aResult['RsaPublicKey'] ? $aResult['RsaPublicKey'] : '';
|
||||
|
||||
if (false === \strpos($aResult['RsaPublicKey'], 'PUBLIC KEY'))
|
||||
{
|
||||
$aResult['RsaPublicKey'] = '';
|
||||
}
|
||||
}
|
||||
|
||||
if (0 === strlen($aResult['RsaPublicKey']))
|
||||
{
|
||||
$aResult['UseRsaEncryption'] = false;
|
||||
}
|
||||
|
||||
if (0 < \strlen($sAuthAccountHash))
|
||||
{
|
||||
$aResult['AuthAccountHash'] = $sAuthAccountHash;
|
||||
|
|
@ -1540,22 +1558,23 @@ class Actions
|
|||
private function clientRsaDecryptHelper($sEncryptedData)
|
||||
{
|
||||
$aMatch = array();
|
||||
if (\preg_match('/^rsa:([a-z0-9]{32}):/', $sEncryptedData, $aMatch) && !empty($aMatch[1]) &&
|
||||
$this->Config()->Get('security', 'use_rsa_encryption', false))
|
||||
if ('rsa:xxx:' === substr($sEncryptedData, 0, 8) && $this->Config()->Get('security', 'use_rsa_encryption', false))
|
||||
{
|
||||
$oLogger = $this->Logger();
|
||||
$oLogger->Write('Trying to decode encrypted data', \MailSo\Log\Enumerations\Type::INFO, 'RSA');
|
||||
|
||||
$sPrivateKey = $this->Cacher()->Get(\RainLoop\KeyPathHelper::RsaCacherKey($aMatch[1]), true);
|
||||
$sPrivateKey = file_exists(APP_PRIVATE_DATA.'rsa/private') ?
|
||||
\file_get_contents(APP_PRIVATE_DATA.'rsa/private') : '';
|
||||
|
||||
if (!empty($sPrivateKey))
|
||||
{
|
||||
$sData = \trim(\substr($sEncryptedData, 37));
|
||||
$sData = \trim(\substr($sEncryptedData, 8));
|
||||
|
||||
if (!\class_exists('Crypt_RSA'))
|
||||
{
|
||||
\set_include_path(\get_include_path().PATH_SEPARATOR.APP_VERSION_ROOT_PATH.'app/libraries/phpseclib');
|
||||
\defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
|
||||
include_once 'Crypt/RSA.php';
|
||||
\defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
|
||||
}
|
||||
|
||||
$oLogger->HideErrorNotices(true);
|
||||
|
|
@ -1566,9 +1585,7 @@ class Actions
|
|||
$oRsa->setPrivateKeyFormat(CRYPT_RSA_PUBLIC_FORMAT_PKCS1);
|
||||
$oRsa->loadKey($sPrivateKey, CRYPT_RSA_PRIVATE_FORMAT_PKCS1);
|
||||
|
||||
$oMsg = new \Math_BigInteger($sData, 16);
|
||||
|
||||
$sData = $oRsa->decrypt($oMsg->toBytes());
|
||||
$sData = $oRsa->decrypt(\base64_decode($sData));
|
||||
if (\preg_match('/^[a-z0-9]{32}:(.+):[a-z0-9]{32}$/', $sData, $aMatch) && isset($aMatch[1]))
|
||||
{
|
||||
$sEncryptedData = $aMatch[1];
|
||||
|
|
@ -1589,46 +1606,6 @@ class Actions
|
|||
return $sEncryptedData;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array
|
||||
*/
|
||||
public function DoGetPublicKey()
|
||||
{
|
||||
$oLogger = $this->Logger();
|
||||
|
||||
if ($this->Config()->Get('security', 'use_rsa_encryption', false))
|
||||
{
|
||||
$oLogger->HideErrorNotices(true);
|
||||
|
||||
if (!\class_exists('Crypt_RSA'))
|
||||
{
|
||||
\set_include_path(\get_include_path().PATH_SEPARATOR.APP_VERSION_ROOT_PATH.'app/libraries/phpseclib');
|
||||
\defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
|
||||
include_once 'Crypt/RSA.php';
|
||||
}
|
||||
|
||||
$oRsa = new \Crypt_RSA();
|
||||
$oRsa->setPublicKeyFormat(CRYPT_RSA_PUBLIC_FORMAT_RAW);
|
||||
$aKeys = $oRsa->createKey(1024);
|
||||
|
||||
if (!empty($aKeys['privatekey']) && !empty($aKeys['publickey']['e']) && !empty($aKeys['publickey']['n']))
|
||||
{
|
||||
$e = new \Math_BigInteger($aKeys['publickey']['e'], 10);
|
||||
$n = new \Math_BigInteger($aKeys['publickey']['n'], 10);
|
||||
|
||||
$sHash = \md5($e->toHex().$n->toHex());
|
||||
|
||||
$oLogger->HideErrorNotices(false);
|
||||
return $this->DefaultResponse(__FUNCTION__,
|
||||
$this->Cacher()->Set(\RainLoop\KeyPathHelper::RsaCacherKey($sHash), $aKeys['privatekey']) ?
|
||||
array($sHash, $e->toHex(), $n->toHex()) : false);
|
||||
}
|
||||
}
|
||||
|
||||
$oLogger->HideErrorNotices(false);
|
||||
return $this->FalseResponse(__FUNCTION__);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array
|
||||
*
|
||||
|
|
|
|||
|
|
@ -7,6 +7,11 @@
|
|||
@ini_set('magic_quotes_gpc', 0);
|
||||
@ini_set('magic_quotes_runtime', 0);
|
||||
|
||||
define('APP_DEFAULT_DENY_ALL_HTACCESS', 'Deny from all
|
||||
<IfModule mod_autoindex.c>
|
||||
Options -Indexes
|
||||
</ifModule>');
|
||||
|
||||
if (isset($_ENV['RAINLOOP_INCLUDE_AS_VERSION']) && $_ENV['RAINLOOP_INCLUDE_AS_VERSION'])
|
||||
{
|
||||
$_ENV['RAINLOOP_INCLUDE_AS_VERSION'] = false;
|
||||
|
|
@ -150,12 +155,7 @@
|
|||
@file_put_contents(APP_DATA_FOLDER_PATH.'INSTALLED', APP_VERSION);
|
||||
@file_put_contents(APP_DATA_FOLDER_PATH.'index.html', 'Forbidden');
|
||||
@file_put_contents(APP_DATA_FOLDER_PATH.'index.php', 'Forbidden');
|
||||
@file_put_contents(APP_DATA_FOLDER_PATH.'.htaccess',
|
||||
'Deny from all
|
||||
|
||||
<IfModule mod_autoindex.c>
|
||||
Options -Indexes
|
||||
</ifModule>');
|
||||
@file_put_contents(APP_DATA_FOLDER_PATH.'.htaccess', APP_DEFAULT_DENY_ALL_HTACCESS);
|
||||
|
||||
if (!@is_dir(APP_PRIVATE_DATA))
|
||||
{
|
||||
|
|
|
|||
112
vendors/jsencrypt/LICENSE.txt
vendored
Normal file
112
vendors/jsencrypt/LICENSE.txt
vendored
Normal file
|
|
@ -0,0 +1,112 @@
|
|||
File: src/LICENSE.txt
|
||||
The MIT License (MIT)
|
||||
Copyright (c) 2013 AllPlayers.com
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||
this software and associated documentation files (the "Software"), to deal in the
|
||||
Software without restriction, including without limitation the rights to use,
|
||||
copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the
|
||||
Software, and to permit persons to whom the Software is furnished to do so,
|
||||
subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
|
||||
INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
|
||||
PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
|
||||
HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
||||
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
||||
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||
|
||||
|
||||
File: lib/jsrsasign/LICENSE.txt
|
||||
|
||||
|
||||
CONTAINS CODE FROM YUI LIBRARY SEE LICENSE @ http://yuilibrary.com/license/
|
||||
|
||||
The 'jsrsasign'(RSA-Sign JavaScript Library) License
|
||||
|
||||
Copyright (c) 2010-2013 Kenji Urushima
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in
|
||||
all copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
THE SOFTWARE.
|
||||
|
||||
|
||||
File: lib/jsbn/LICENSE.txt
|
||||
|
||||
|
||||
Licensing
|
||||
---------
|
||||
|
||||
This software is covered under the following copyright:
|
||||
|
||||
/*
|
||||
* Copyright (c) 2003-2005 Tom Wu
|
||||
* All Rights Reserved.
|
||||
*
|
||||
* Permission is hereby granted, free of charge, to any person obtaining
|
||||
* a copy of this software and associated documentation files (the
|
||||
* "Software"), to deal in the Software without restriction, including
|
||||
* without limitation the rights to use, copy, modify, merge, publish,
|
||||
* distribute, sublicense, and/or sell copies of the Software, and to
|
||||
* permit persons to whom the Software is furnished to do so, subject to
|
||||
* the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be
|
||||
* included in all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
|
||||
* EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
|
||||
* WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
||||
*
|
||||
* IN NO EVENT SHALL TOM WU BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
|
||||
* INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
|
||||
* RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
|
||||
* THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
|
||||
* OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
*
|
||||
* In addition, the following condition applies:
|
||||
*
|
||||
* All redistributions must retain an intact copy of this copyright notice
|
||||
* and disclaimer.
|
||||
*/
|
||||
|
||||
Address all questions regarding this license to:
|
||||
|
||||
Tom Wu
|
||||
tjw@cs.Stanford.EDU
|
||||
|
||||
|
||||
File: lib/asn1js/LICENSE.txt
|
||||
|
||||
|
||||
ASN.1 JavaScript decoder
|
||||
Copyright (c) 2008-2013 Lapo Luchini <lapo@lapo.it>
|
||||
|
||||
Permission to use, copy, modify, and/or distribute this software for any
|
||||
purpose with or without fee is hereby granted, provided that the above
|
||||
copyright notice and this permission notice appear in all copies.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
||||
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
||||
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
||||
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
||||
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
||||
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
||||
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
||||
167
vendors/jsencrypt/README.md
vendored
Normal file
167
vendors/jsencrypt/README.md
vendored
Normal file
|
|
@ -0,0 +1,167 @@
|
|||
Website
|
||||
======================
|
||||
http://travistidwell.com/jsencrypt
|
||||
|
||||
Introduction
|
||||
======================
|
||||
When browsing the internet looking for a good solution to RSA Javascript
|
||||
encryption, there is a whole slew of libraries that basically take the fantastic
|
||||
work done by Tom Wu @ http://www-cs-students.stanford.edu/~tjw/jsbn/ and then
|
||||
modify that code to do what they want.
|
||||
|
||||
What I couldn't find, however, was a simple wrapper around this library that
|
||||
basically uses the library <a href="https://github.com/travist/jsencrypt/pull/6">practically</a> untouched, but adds a wrapper to provide parsing of
|
||||
actual Private and Public key-pairs generated with OpenSSL.
|
||||
|
||||
This library is the result of these efforts.
|
||||
|
||||
How to use this library.
|
||||
=======================
|
||||
This library should work hand-in-hand with openssl. With that said, here is how to use this library.
|
||||
|
||||
- Within your terminal (Unix based OS) type the following.
|
||||
|
||||
```
|
||||
openssl genrsa -out rsa_1024_priv.pem 1024
|
||||
```
|
||||
|
||||
- This generates a private key, which you can see by doing the following...
|
||||
|
||||
```
|
||||
cat rsa_1024_priv.pem
|
||||
```
|
||||
|
||||
- You can then copy and paste this in the Private Key section of within index.html.
|
||||
- Next, you can then get the public key by executing the following command.
|
||||
|
||||
```
|
||||
openssl rsa -pubout -in rsa_1024_priv.pem -out rsa_1024_pub.pem
|
||||
```
|
||||
|
||||
- You can see the public key by typing...
|
||||
|
||||
```
|
||||
cat rsa_1024_pub.pem
|
||||
```
|
||||
|
||||
- Now copy and paste this in the Public key within the index.html.
|
||||
- Now you can then convert to and from encrypted text by doing the following in code.
|
||||
|
||||
|
||||
```html
|
||||
<!doctype html>
|
||||
<html>
|
||||
<head>
|
||||
<title>JavaScript RSA Encryption</title>
|
||||
<script src="http://code.jquery.com/jquery-1.8.3.min.js"></script>
|
||||
<script src="bin/jsencrypt.min.js"></script>
|
||||
<script type="text/javascript">
|
||||
|
||||
// Call this code when the page is done loading.
|
||||
$(function() {
|
||||
|
||||
// Run a quick encryption/decryption when they click.
|
||||
$('#testme').click(function() {
|
||||
|
||||
// Encrypt with the public key...
|
||||
var encrypt = new JSEncrypt();
|
||||
encrypt.setPublicKey($('#pubkey').val());
|
||||
var encrypted = encrypt.encrypt($('#input').val());
|
||||
|
||||
// Decrypt with the private key...
|
||||
var decrypt = new JSEncrypt();
|
||||
decrypt.setPrivateKey($('#privkey').val());
|
||||
var uncrypted = decrypt.decrypt(encrypted);
|
||||
|
||||
// Now a simple check to see if the round-trip worked.
|
||||
if (uncrypted == $('#input').val()) {
|
||||
alert('It works!!!');
|
||||
}
|
||||
else {
|
||||
alert('Something went wrong....');
|
||||
}
|
||||
});
|
||||
});
|
||||
</script>
|
||||
</head>
|
||||
<body>
|
||||
<label for="privkey">Private Key</label><br/>
|
||||
<textarea id="privkey" rows="15" cols="65">-----BEGIN RSA PRIVATE KEY-----
|
||||
MIICXQIBAAKBgQDlOJu6TyygqxfWT7eLtGDwajtNFOb9I5XRb6khyfD1Yt3YiCgQ
|
||||
WMNW649887VGJiGr/L5i2osbl8C9+WJTeucF+S76xFxdU6jE0NQ+Z+zEdhUTooNR
|
||||
aY5nZiu5PgDB0ED/ZKBUSLKL7eibMxZtMlUDHjm4gwQco1KRMDSmXSMkDwIDAQAB
|
||||
AoGAfY9LpnuWK5Bs50UVep5c93SJdUi82u7yMx4iHFMc/Z2hfenfYEzu+57fI4fv
|
||||
xTQ//5DbzRR/XKb8ulNv6+CHyPF31xk7YOBfkGI8qjLoq06V+FyBfDSwL8KbLyeH
|
||||
m7KUZnLNQbk8yGLzB3iYKkRHlmUanQGaNMIJziWOkN+N9dECQQD0ONYRNZeuM8zd
|
||||
8XJTSdcIX4a3gy3GGCJxOzv16XHxD03GW6UNLmfPwenKu+cdrQeaqEixrCejXdAF
|
||||
z/7+BSMpAkEA8EaSOeP5Xr3ZrbiKzi6TGMwHMvC7HdJxaBJbVRfApFrE0/mPwmP5
|
||||
rN7QwjrMY+0+AbXcm8mRQyQ1+IGEembsdwJBAN6az8Rv7QnD/YBvi52POIlRSSIM
|
||||
V7SwWvSK4WSMnGb1ZBbhgdg57DXaspcwHsFV7hByQ5BvMtIduHcT14ECfcECQATe
|
||||
aTgjFnqE/lQ22Rk0eGaYO80cc643BXVGafNfd9fcvwBMnk0iGX0XRsOozVt5Azil
|
||||
psLBYuApa66NcVHJpCECQQDTjI2AQhFc1yRnCU/YgDnSpJVm1nASoRUnU8Jfm3Oz
|
||||
uku7JUXcVpt08DFSceCEX9unCuMcT72rAQlLpdZir876
|
||||
-----END RSA PRIVATE KEY-----</textarea><br/>
|
||||
<label for="pubkey">Public Key</label><br/>
|
||||
<textarea id="pubkey" rows="15" cols="65">-----BEGIN PUBLIC KEY-----
|
||||
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlOJu6TyygqxfWT7eLtGDwajtN
|
||||
FOb9I5XRb6khyfD1Yt3YiCgQWMNW649887VGJiGr/L5i2osbl8C9+WJTeucF+S76
|
||||
xFxdU6jE0NQ+Z+zEdhUTooNRaY5nZiu5PgDB0ED/ZKBUSLKL7eibMxZtMlUDHjm4
|
||||
gwQco1KRMDSmXSMkDwIDAQAB
|
||||
-----END PUBLIC KEY-----</textarea><br/>
|
||||
<label for="input">Text to encrypt:</label><br/>
|
||||
<textarea id="input" name="input" type="text" rows=4 cols=70>This is a test!</textarea><br/>
|
||||
<input id="testme" type="button" value="Test Me!!!" /><br/>
|
||||
</body>
|
||||
</html>
|
||||
```
|
||||
|
||||
- Look at how http://www.travistidwell.com/jsencrypt/example.html works to get a better idea.
|
||||
|
||||
Other Information
|
||||
========================
|
||||
|
||||
This library heavily utilizes the wonderful work of Tom Wu found at http://www-cs-students.stanford.edu/~tjw/jsbn/.
|
||||
|
||||
This jsbn library was written using the raw variables to perform encryption. This is great for encryption, but most private keys use a Private Key in the PEM format seen below.
|
||||
|
||||
1024 bit RSA Private Key in Base64 Format
|
||||
-----------------------------------------
|
||||
```
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIICXgIBAAKBgQDHikastc8+I81zCg/qWW8dMr8mqvXQ3qbPAmu0RjxoZVI47tvs
|
||||
kYlFAXOf0sPrhO2nUuooJngnHV0639iTTEYG1vckNaW2R6U5QTdQ5Rq5u+uV3pMk
|
||||
7w7Vs4n3urQ6jnqt2rTXbC1DNa/PFeAZatbf7ffBBy0IGO0zc128IshYcwIDAQAB
|
||||
AoGBALTNl2JxTvq4SDW/3VH0fZkQXWH1MM10oeMbB2qO5beWb11FGaOO77nGKfWc
|
||||
bYgfp5Ogrql4yhBvLAXnxH8bcqqwORtFhlyV68U1y4R+8WxDNh0aevxH8hRS/1X5
|
||||
031DJm1JlU0E+vStiktN0tC3ebH5hE+1OxbIHSZ+WOWLYX7JAkEA5uigRgKp8ScG
|
||||
auUijvdOLZIhHWq7y5Wz+nOHUuDw8P7wOTKU34QJAoWEe771p9Pf/GTA/kr0BQnP
|
||||
QvWUDxGzJwJBAN05C6krwPeryFKrKtjOGJIniIoY72wRnoNcdEEs3HDRhf48YWFo
|
||||
riRbZylzzzNFy/gmzT6XJQTfktGqq+FZD9UCQGIJaGrxHJgfmpDuAhMzGsUsYtTr
|
||||
iRox0D1Iqa7dhE693t5aBG010OF6MLqdZA1CXrn5SRtuVVaCSLZEL/2J5UcCQQDA
|
||||
d3MXucNnN4NPuS/L9HMYJWD7lPoosaORcgyK77bSSNgk+u9WSjbH1uYIAIPSffUZ
|
||||
bti+jc1dUg5wb+aeZlgJAkEAurrpmpqj5vg087ZngKfFGR5rozDiTsK5DceTV97K
|
||||
a3Y+Nzl+XWTxDBWk4YPh2ZlKv402hZEfWBYxUDn5ZkH/bw==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
```
|
||||
|
||||
This library simply takes keys in the following format, and translates it to those variables needed to perform the encryptions used in Tom Wu's library.
|
||||
|
||||
Here are some good resources to investigate further.
|
||||
- http://etherhack.co.uk/asymmetric/docs/rsa_key_breakdown.html
|
||||
- http://www.di-mgt.com.au/rsa_alg.html
|
||||
- https://polarssl.org/kb/cryptography/asn1-key-structures-in-der-and-pem
|
||||
|
||||
With this information, we can translate a private key format to the variables
|
||||
required with the jsbn library from Tom Wu by using the following mappings.
|
||||
|
||||
```
|
||||
modulus => n
|
||||
public exponent => e
|
||||
private exponent => d
|
||||
prime1 => p
|
||||
prime2 => q
|
||||
exponent1 => dmp1
|
||||
exponent2 => dmq1
|
||||
coefficient => coeff
|
||||
```
|
||||
|
||||
4319
vendors/jsencrypt/jsencrypt.js
vendored
Normal file
4319
vendors/jsencrypt/jsencrypt.js
vendored
Normal file
File diff suppressed because it is too large
Load diff
6
vendors/jsencrypt/jsencrypt.min.js
vendored
Normal file
6
vendors/jsencrypt/jsencrypt.min.js
vendored
Normal file
File diff suppressed because one or more lines are too long
Loading…
Add table
Add a link
Reference in a new issue