Login password RSA encrypt/decrypt

This commit is contained in:
RainLoop Team 2014-09-19 17:31:14 +04:00
parent dfb3a07536
commit 1066af98d4
10 changed files with 4695 additions and 94 deletions

13
build/rsa.php Normal file
View file

@ -0,0 +1,13 @@
<?php
if (!\class_exists('Crypt_RSA'))
{
\set_include_path(\get_include_path().PATH_SEPARATOR.\dirname(__FILE__).'/../rainloop/v/0.0.0/app/libraries/phpseclib');
include_once 'Crypt/RSA.php';
\defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
}
$rsa = new Crypt_RSA();
$key = $rsa->createKey(1024);
var_dump($key);

View file

@ -4,6 +4,8 @@
'use strict';
var
oEncryptObject = null,
Utils = {},
window = require('window'),
@ -170,30 +172,55 @@
};
/**
* @param {string} sValue
* @param {string} sHash
* @param {string} sKey
* @param {string} sLongKey
* @return {string|boolean}
* @param {string} sPublicKey
* @return {JSEncrypt}
*/
Utils.rsaEncode = function (sValue, sHash, sKey, sLongKey)
Utils.rsaObject = function (sPublicKey)
{
if (window.crypto && window.crypto.getRandomValues && window.RSAKey && sHash && sKey && sLongKey)
if (sPublicKey && (null === oEncryptObject || (oEncryptObject && oEncryptObject.__sPublicKey !== sPublicKey)) &&
window.crypto && window.crypto.getRandomValues && window.JSEncrypt)
{
var oRsa = new window.RSAKey();
oRsa.setPublic(sLongKey, sKey);
oEncryptObject = new JSEncrypt();
oEncryptObject.setPublicKey(sPublicKey);
oEncryptObject.__sPublicKey = sPublicKey;
}
else
{
oEncryptObject = false;
}
sValue = oRsa.encrypt(Utils.fakeMd5() + ':' + sValue + ':' + Utils.fakeMd5());
if (false !== sValue)
return oEncryptObject;
};
/**
* @param {string} sValue
* @param {string} sPublicKey
* @return {string}
*/
Utils.rsaEncode = function (sValue, sPublicKey)
{
if (window.crypto && window.crypto.getRandomValues && window.JSEncrypt && sPublicKey)
{
var
sResultValue = false,
oEncrypt = Utils.rsaObject(sPublicKey);
;
if (oEncrypt)
{
return 'rsa:' + sHash + ':' + sValue;
sResultValue = oEncrypt.encrypt(Utils.fakeMd5() + ':' + sValue + ':' + Utils.fakeMd5())
}
if (false !== sResultValue && Utils.isNormal(sResultValue))
{
return 'rsa:xxx:' + sResultValue;
}
}
return false;
return sValue;
};
Utils.rsaEncode.supported = !!(window.crypto && window.crypto.getRandomValues && window.RSAKey);
Utils.rsaEncode.supported = !!(window.crypto && window.crypto.getRandomValues && window.JSEncrypt);
/**
* @param {string} sText

View file

@ -163,29 +163,10 @@
}, this)
;
if (!!Settings.settingsGet('UseRsaEncryption') && Utils.rsaEncode.supported)
if (!!Settings.settingsGet('UseRsaEncryption') && Utils.rsaEncode.supported &&
Settings.settingsGet('RsaPublicKey'))
{
Remote.getPublicKey(_.bind(function (sResult, oData) {
var bRequest = false;
if (Enums.StorageResultType.Success === sResult && oData && oData.Result &&
Utils.isArray(oData.Result) && oData.Result[0] && oData.Result[1] && oData.Result[2])
{
var sEncryptedPassword = Utils.rsaEncode(sPassword, oData.Result[0], oData.Result[1], oData.Result[2]);
if (sEncryptedPassword)
{
fLoginRequest(sEncryptedPassword);
bRequest = true;
}
}
if (!bRequest)
{
this.submitRequest(false);
this.submitError(Utils.getNotification(Enums.Notification.UnknownError));
}
}, this));
fLoginRequest(Utils.rsaEncode(sPassword, Settings.settingsGet('RsaPublicKey')));
}
else
{

View file

@ -147,7 +147,6 @@ cfg.paths.js = {
'vendors/jquery-lazyload/jquery.lazyload.min.js',
'vendors/jquery-nanoscroller/jquery.nanoscroller-0.7.min.js',
'vendors/jquery-wakeup/jquery.wakeup.min.js',
// 'vendors/jquery-linkify/jquery.linkify.min.js',
'vendors/inputosaurus/inputosaurus.min.js',
'vendors/moment/min/moment.min.js ',
'vendors/routes/signals.min.js',
@ -158,7 +157,7 @@ cfg.paths.js = {
'vendors/ssm/ssm.min.js',
'vendors/jua/jua.min.js',
'vendors/Autolinker/Autolinker.min.js',
'vendors/jsbn/bundle.js',
'vendors/jsencrypt/jsencrypt.min.js',
'vendors/keymaster/keymaster.min.js',
'vendors/ifvisible/ifvisible.min.js',
'vendors/jquery-magnific-popup/jquery.magnific-popup.min.js',
@ -241,7 +240,7 @@ gulp.task('js:openpgp', function() {
.pipe(gulp.dest(cfg.paths.staticMinJS));
});
gulp.task('js:libs', ['js:encrypt'], function() {
gulp.task('js:libs', function() {
return gulp.src(cfg.paths.js.libs.src)
.pipe(concat(cfg.paths.js.libs.name, {separator: '\n\n'}))
.pipe(eol('\n', true))
@ -481,7 +480,7 @@ gulp.task('rainloop:owncloud:clean', ['rainloop:owncloud:copy', 'rainloop:ownclo
});
// MAIN
gulp.task('default', ['js:libs', 'js:boot', 'js:encrypt', 'js:openpgp', 'js:min', 'css:main:min']);
gulp.task('default', ['js:libs', 'js:boot', 'js:openpgp', 'js:min', 'css:main:min']);
gulp.task('fast', ['js:app', 'js:admin', 'js:chunks', 'css:main']);
gulp.task('rainloop', ['js:lint', 'rainloop:copy', 'rainloop:setup', 'rainloop:zip', 'rainloop:md5', 'rainloop:clean']);

View file

@ -956,6 +956,7 @@ class Actions
'AllowAdminPanel' => (bool) $oConfig->Get('security', 'allow_admin_panel', true),
'AllowHtmlEditorSourceButton' => (bool) $oConfig->Get('labs', 'allow_html_editor_source_button', false),
'UseRsaEncryption' => (bool) $oConfig->Get('security', 'use_rsa_encryption', false),
'RsaPublicKey' => '',
'HideDangerousActions' => $oConfig->Get('labs', 'hide_dangerous_actions', false),
'CustomLoginLink' => $oConfig->Get('labs', 'custom_login_link', ''),
'CustomLogoutLink' => $oConfig->Get('labs', 'custom_logout_link', ''),
@ -972,6 +973,23 @@ class Actions
'Plugins' => array()
);
if ($aResult['UseRsaEncryption'] &&
\file_exists(APP_PRIVATE_DATA.'rsa/public') && \file_exists(APP_PRIVATE_DATA.'rsa/private'))
{
$aResult['RsaPublicKey'] = \file_get_contents(APP_PRIVATE_DATA.'rsa/public');
$aResult['RsaPublicKey'] = $aResult['RsaPublicKey'] ? $aResult['RsaPublicKey'] : '';
if (false === \strpos($aResult['RsaPublicKey'], 'PUBLIC KEY'))
{
$aResult['RsaPublicKey'] = '';
}
}
if (0 === strlen($aResult['RsaPublicKey']))
{
$aResult['UseRsaEncryption'] = false;
}
if (0 < \strlen($sAuthAccountHash))
{
$aResult['AuthAccountHash'] = $sAuthAccountHash;
@ -1540,22 +1558,23 @@ class Actions
private function clientRsaDecryptHelper($sEncryptedData)
{
$aMatch = array();
if (\preg_match('/^rsa:([a-z0-9]{32}):/', $sEncryptedData, $aMatch) && !empty($aMatch[1]) &&
$this->Config()->Get('security', 'use_rsa_encryption', false))
if ('rsa:xxx:' === substr($sEncryptedData, 0, 8) && $this->Config()->Get('security', 'use_rsa_encryption', false))
{
$oLogger = $this->Logger();
$oLogger->Write('Trying to decode encrypted data', \MailSo\Log\Enumerations\Type::INFO, 'RSA');
$sPrivateKey = $this->Cacher()->Get(\RainLoop\KeyPathHelper::RsaCacherKey($aMatch[1]), true);
$sPrivateKey = file_exists(APP_PRIVATE_DATA.'rsa/private') ?
\file_get_contents(APP_PRIVATE_DATA.'rsa/private') : '';
if (!empty($sPrivateKey))
{
$sData = \trim(\substr($sEncryptedData, 37));
$sData = \trim(\substr($sEncryptedData, 8));
if (!\class_exists('Crypt_RSA'))
{
\set_include_path(\get_include_path().PATH_SEPARATOR.APP_VERSION_ROOT_PATH.'app/libraries/phpseclib');
\defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
include_once 'Crypt/RSA.php';
\defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
}
$oLogger->HideErrorNotices(true);
@ -1566,9 +1585,7 @@ class Actions
$oRsa->setPrivateKeyFormat(CRYPT_RSA_PUBLIC_FORMAT_PKCS1);
$oRsa->loadKey($sPrivateKey, CRYPT_RSA_PRIVATE_FORMAT_PKCS1);
$oMsg = new \Math_BigInteger($sData, 16);
$sData = $oRsa->decrypt($oMsg->toBytes());
$sData = $oRsa->decrypt(\base64_decode($sData));
if (\preg_match('/^[a-z0-9]{32}:(.+):[a-z0-9]{32}$/', $sData, $aMatch) && isset($aMatch[1]))
{
$sEncryptedData = $aMatch[1];
@ -1589,46 +1606,6 @@ class Actions
return $sEncryptedData;
}
/**
* @return array
*/
public function DoGetPublicKey()
{
$oLogger = $this->Logger();
if ($this->Config()->Get('security', 'use_rsa_encryption', false))
{
$oLogger->HideErrorNotices(true);
if (!\class_exists('Crypt_RSA'))
{
\set_include_path(\get_include_path().PATH_SEPARATOR.APP_VERSION_ROOT_PATH.'app/libraries/phpseclib');
\defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
include_once 'Crypt/RSA.php';
}
$oRsa = new \Crypt_RSA();
$oRsa->setPublicKeyFormat(CRYPT_RSA_PUBLIC_FORMAT_RAW);
$aKeys = $oRsa->createKey(1024);
if (!empty($aKeys['privatekey']) && !empty($aKeys['publickey']['e']) && !empty($aKeys['publickey']['n']))
{
$e = new \Math_BigInteger($aKeys['publickey']['e'], 10);
$n = new \Math_BigInteger($aKeys['publickey']['n'], 10);
$sHash = \md5($e->toHex().$n->toHex());
$oLogger->HideErrorNotices(false);
return $this->DefaultResponse(__FUNCTION__,
$this->Cacher()->Set(\RainLoop\KeyPathHelper::RsaCacherKey($sHash), $aKeys['privatekey']) ?
array($sHash, $e->toHex(), $n->toHex()) : false);
}
}
$oLogger->HideErrorNotices(false);
return $this->FalseResponse(__FUNCTION__);
}
/**
* @return array
*

View file

@ -7,6 +7,11 @@
@ini_set('magic_quotes_gpc', 0);
@ini_set('magic_quotes_runtime', 0);
define('APP_DEFAULT_DENY_ALL_HTACCESS', 'Deny from all
<IfModule mod_autoindex.c>
Options -Indexes
</ifModule>');
if (isset($_ENV['RAINLOOP_INCLUDE_AS_VERSION']) && $_ENV['RAINLOOP_INCLUDE_AS_VERSION'])
{
$_ENV['RAINLOOP_INCLUDE_AS_VERSION'] = false;
@ -150,12 +155,7 @@
@file_put_contents(APP_DATA_FOLDER_PATH.'INSTALLED', APP_VERSION);
@file_put_contents(APP_DATA_FOLDER_PATH.'index.html', 'Forbidden');
@file_put_contents(APP_DATA_FOLDER_PATH.'index.php', 'Forbidden');
@file_put_contents(APP_DATA_FOLDER_PATH.'.htaccess',
'Deny from all
<IfModule mod_autoindex.c>
Options -Indexes
</ifModule>');
@file_put_contents(APP_DATA_FOLDER_PATH.'.htaccess', APP_DEFAULT_DENY_ALL_HTACCESS);
if (!@is_dir(APP_PRIVATE_DATA))
{

112
vendors/jsencrypt/LICENSE.txt vendored Normal file
View file

@ -0,0 +1,112 @@
File: src/LICENSE.txt
The MIT License (MIT)
Copyright (c) 2013 AllPlayers.com
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in the
Software without restriction, including without limitation the rights to use,
copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the
Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
File: lib/jsrsasign/LICENSE.txt
CONTAINS CODE FROM YUI LIBRARY SEE LICENSE @ http://yuilibrary.com/license/
The 'jsrsasign'(RSA-Sign JavaScript Library) License
Copyright (c) 2010-2013 Kenji Urushima
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
File: lib/jsbn/LICENSE.txt
Licensing
---------
This software is covered under the following copyright:
/*
* Copyright (c) 2003-2005 Tom Wu
* All Rights Reserved.
*
* Permission is hereby granted, free of charge, to any person obtaining
* a copy of this software and associated documentation files (the
* "Software"), to deal in the Software without restriction, including
* without limitation the rights to use, copy, modify, merge, publish,
* distribute, sublicense, and/or sell copies of the Software, and to
* permit persons to whom the Software is furnished to do so, subject to
* the following conditions:
*
* The above copyright notice and this permission notice shall be
* included in all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
* EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
* WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
*
* IN NO EVENT SHALL TOM WU BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
* INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
* RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
* THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
* OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*
* In addition, the following condition applies:
*
* All redistributions must retain an intact copy of this copyright notice
* and disclaimer.
*/
Address all questions regarding this license to:
Tom Wu
tjw@cs.Stanford.EDU
File: lib/asn1js/LICENSE.txt
ASN.1 JavaScript decoder
Copyright (c) 2008-2013 Lapo Luchini <lapo@lapo.it>
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

167
vendors/jsencrypt/README.md vendored Normal file
View file

@ -0,0 +1,167 @@
Website
======================
http://travistidwell.com/jsencrypt
Introduction
======================
When browsing the internet looking for a good solution to RSA Javascript
encryption, there is a whole slew of libraries that basically take the fantastic
work done by Tom Wu @ http://www-cs-students.stanford.edu/~tjw/jsbn/ and then
modify that code to do what they want.
What I couldn't find, however, was a simple wrapper around this library that
basically uses the library <a href="https://github.com/travist/jsencrypt/pull/6">practically</a> untouched, but adds a wrapper to provide parsing of
actual Private and Public key-pairs generated with OpenSSL.
This library is the result of these efforts.
How to use this library.
=======================
This library should work hand-in-hand with openssl. With that said, here is how to use this library.
- Within your terminal (Unix based OS) type the following.
```
openssl genrsa -out rsa_1024_priv.pem 1024
```
- This generates a private key, which you can see by doing the following...
```
cat rsa_1024_priv.pem
```
- You can then copy and paste this in the Private Key section of within index.html.
- Next, you can then get the public key by executing the following command.
```
openssl rsa -pubout -in rsa_1024_priv.pem -out rsa_1024_pub.pem
```
- You can see the public key by typing...
```
cat rsa_1024_pub.pem
```
- Now copy and paste this in the Public key within the index.html.
- Now you can then convert to and from encrypted text by doing the following in code.
```html
<!doctype html>
<html>
<head>
<title>JavaScript RSA Encryption</title>
<script src="http://code.jquery.com/jquery-1.8.3.min.js"></script>
<script src="bin/jsencrypt.min.js"></script>
<script type="text/javascript">
// Call this code when the page is done loading.
$(function() {
// Run a quick encryption/decryption when they click.
$('#testme').click(function() {
// Encrypt with the public key...
var encrypt = new JSEncrypt();
encrypt.setPublicKey($('#pubkey').val());
var encrypted = encrypt.encrypt($('#input').val());
// Decrypt with the private key...
var decrypt = new JSEncrypt();
decrypt.setPrivateKey($('#privkey').val());
var uncrypted = decrypt.decrypt(encrypted);
// Now a simple check to see if the round-trip worked.
if (uncrypted == $('#input').val()) {
alert('It works!!!');
}
else {
alert('Something went wrong....');
}
});
});
</script>
</head>
<body>
<label for="privkey">Private Key</label><br/>
<textarea id="privkey" rows="15" cols="65">-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDlOJu6TyygqxfWT7eLtGDwajtNFOb9I5XRb6khyfD1Yt3YiCgQ
WMNW649887VGJiGr/L5i2osbl8C9+WJTeucF+S76xFxdU6jE0NQ+Z+zEdhUTooNR
aY5nZiu5PgDB0ED/ZKBUSLKL7eibMxZtMlUDHjm4gwQco1KRMDSmXSMkDwIDAQAB
AoGAfY9LpnuWK5Bs50UVep5c93SJdUi82u7yMx4iHFMc/Z2hfenfYEzu+57fI4fv
xTQ//5DbzRR/XKb8ulNv6+CHyPF31xk7YOBfkGI8qjLoq06V+FyBfDSwL8KbLyeH
m7KUZnLNQbk8yGLzB3iYKkRHlmUanQGaNMIJziWOkN+N9dECQQD0ONYRNZeuM8zd
8XJTSdcIX4a3gy3GGCJxOzv16XHxD03GW6UNLmfPwenKu+cdrQeaqEixrCejXdAF
z/7+BSMpAkEA8EaSOeP5Xr3ZrbiKzi6TGMwHMvC7HdJxaBJbVRfApFrE0/mPwmP5
rN7QwjrMY+0+AbXcm8mRQyQ1+IGEembsdwJBAN6az8Rv7QnD/YBvi52POIlRSSIM
V7SwWvSK4WSMnGb1ZBbhgdg57DXaspcwHsFV7hByQ5BvMtIduHcT14ECfcECQATe
aTgjFnqE/lQ22Rk0eGaYO80cc643BXVGafNfd9fcvwBMnk0iGX0XRsOozVt5Azil
psLBYuApa66NcVHJpCECQQDTjI2AQhFc1yRnCU/YgDnSpJVm1nASoRUnU8Jfm3Oz
uku7JUXcVpt08DFSceCEX9unCuMcT72rAQlLpdZir876
-----END RSA PRIVATE KEY-----</textarea><br/>
<label for="pubkey">Public Key</label><br/>
<textarea id="pubkey" rows="15" cols="65">-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlOJu6TyygqxfWT7eLtGDwajtN
FOb9I5XRb6khyfD1Yt3YiCgQWMNW649887VGJiGr/L5i2osbl8C9+WJTeucF+S76
xFxdU6jE0NQ+Z+zEdhUTooNRaY5nZiu5PgDB0ED/ZKBUSLKL7eibMxZtMlUDHjm4
gwQco1KRMDSmXSMkDwIDAQAB
-----END PUBLIC KEY-----</textarea><br/>
<label for="input">Text to encrypt:</label><br/>
<textarea id="input" name="input" type="text" rows=4 cols=70>This is a test!</textarea><br/>
<input id="testme" type="button" value="Test Me!!!" /><br/>
</body>
</html>
```
- Look at how http://www.travistidwell.com/jsencrypt/example.html works to get a better idea.
Other Information
========================
This library heavily utilizes the wonderful work of Tom Wu found at http://www-cs-students.stanford.edu/~tjw/jsbn/.
This jsbn library was written using the raw variables to perform encryption. This is great for encryption, but most private keys use a Private Key in the PEM format seen below.
1024 bit RSA Private Key in Base64 Format
-----------------------------------------
```
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDHikastc8+I81zCg/qWW8dMr8mqvXQ3qbPAmu0RjxoZVI47tvs
kYlFAXOf0sPrhO2nUuooJngnHV0639iTTEYG1vckNaW2R6U5QTdQ5Rq5u+uV3pMk
7w7Vs4n3urQ6jnqt2rTXbC1DNa/PFeAZatbf7ffBBy0IGO0zc128IshYcwIDAQAB
AoGBALTNl2JxTvq4SDW/3VH0fZkQXWH1MM10oeMbB2qO5beWb11FGaOO77nGKfWc
bYgfp5Ogrql4yhBvLAXnxH8bcqqwORtFhlyV68U1y4R+8WxDNh0aevxH8hRS/1X5
031DJm1JlU0E+vStiktN0tC3ebH5hE+1OxbIHSZ+WOWLYX7JAkEA5uigRgKp8ScG
auUijvdOLZIhHWq7y5Wz+nOHUuDw8P7wOTKU34QJAoWEe771p9Pf/GTA/kr0BQnP
QvWUDxGzJwJBAN05C6krwPeryFKrKtjOGJIniIoY72wRnoNcdEEs3HDRhf48YWFo
riRbZylzzzNFy/gmzT6XJQTfktGqq+FZD9UCQGIJaGrxHJgfmpDuAhMzGsUsYtTr
iRox0D1Iqa7dhE693t5aBG010OF6MLqdZA1CXrn5SRtuVVaCSLZEL/2J5UcCQQDA
d3MXucNnN4NPuS/L9HMYJWD7lPoosaORcgyK77bSSNgk+u9WSjbH1uYIAIPSffUZ
bti+jc1dUg5wb+aeZlgJAkEAurrpmpqj5vg087ZngKfFGR5rozDiTsK5DceTV97K
a3Y+Nzl+XWTxDBWk4YPh2ZlKv402hZEfWBYxUDn5ZkH/bw==
-----END RSA PRIVATE KEY-----
```
This library simply takes keys in the following format, and translates it to those variables needed to perform the encryptions used in Tom Wu's library.
Here are some good resources to investigate further.
- http://etherhack.co.uk/asymmetric/docs/rsa_key_breakdown.html
- http://www.di-mgt.com.au/rsa_alg.html
- https://polarssl.org/kb/cryptography/asn1-key-structures-in-der-and-pem
With this information, we can translate a private key format to the variables
required with the jsbn library from Tom Wu by using the following mappings.
```
modulus => n
public exponent => e
private exponent => d
prime1 => p
prime2 => q
exponent1 => dmp1
exponent2 => dmq1
coefficient => coeff
```

4319
vendors/jsencrypt/jsencrypt.js vendored Normal file

File diff suppressed because it is too large Load diff

6
vendors/jsencrypt/jsencrypt.min.js vendored Normal file

File diff suppressed because one or more lines are too long