travist/jsencrypt travist/jsencrypt

  • Stars
    star
    6,537
  • Rank 5,895 (Top 0.2 %)
  • Language
    JavaScript
  • License
    Other
  • Created over 11 years ago
  • Updated 3 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
travist/jsencrypt
github

travist

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A zero-dependency Javascript library to perform OpenSSL RSA Encryption, Decryption, and Key Generation.

Website

http://travistidwell.com/jsencrypt

Introduction

When browsing the internet looking for a good solution to RSA Javascript encryption, there is a whole slew of libraries that basically take the fantastic work done by Tom Wu @ http://www-cs-students.stanford.edu/~tjw/jsbn/ and then modify that code to do what they want.

What I couldn't find, however, was a simple wrapper around this library that basically uses the library practically untouched, but adds a wrapper to provide parsing of actual Private and Public key-pairs generated with OpenSSL.

This library is the result of these efforts.

How to use this library.

This library should work hand-in-hand with openssl. With that said, here is how to use this library.

  • Within your terminal (Unix based OS) type the following.
openssl genrsa -out rsa_1024_priv.pem 1024
  • This generates a private key, which you can see by doing the following...
cat rsa_1024_priv.pem
  • You can then copy and paste this in the Private Key section of within index.html.
  • Next, you can then get the public key by executing the following command.
openssl rsa -pubout -in rsa_1024_priv.pem -out rsa_1024_pub.pem
  • You can see the public key by typing...
cat rsa_1024_pub.pem
  • Now copy and paste this in the Public key within the index.html.
  • Now you can then convert to and from encrypted text by doing the following in code.
<!doctype html>
<html>
  <head>
    <title>JavaScript RSA Encryption</title>
    <script src="http://code.jquery.com/jquery-1.8.3.min.js"></script>
    <script src="bin/jsencrypt.min.js"></script>
    <script type="text/javascript">

      // Call this code when the page is done loading.
      $(function() {

        // Run a quick encryption/decryption when they click.
        $('#testme').click(function() {

          // Encrypt with the public key...
          var encrypt = new JSEncrypt();
          encrypt.setPublicKey($('#pubkey').val());
          var encrypted = encrypt.encrypt($('#input').val());

          // Decrypt with the private key...
          var decrypt = new JSEncrypt();
          decrypt.setPrivateKey($('#privkey').val());
          var uncrypted = decrypt.decrypt(encrypted);

          // Now a simple check to see if the round-trip worked.
          if (uncrypted == $('#input').val()) {
            alert('It works!!!');
          }
          else {
            alert('Something went wrong....');
          }
        });
      });
    </script>
  </head>
  <body>
    <label for="privkey">Private Key</label><br/>
    <textarea id="privkey" rows="15" cols="65">-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDlOJu6TyygqxfWT7eLtGDwajtNFOb9I5XRb6khyfD1Yt3YiCgQ
WMNW649887VGJiGr/L5i2osbl8C9+WJTeucF+S76xFxdU6jE0NQ+Z+zEdhUTooNR
aY5nZiu5PgDB0ED/ZKBUSLKL7eibMxZtMlUDHjm4gwQco1KRMDSmXSMkDwIDAQAB
AoGAfY9LpnuWK5Bs50UVep5c93SJdUi82u7yMx4iHFMc/Z2hfenfYEzu+57fI4fv
xTQ//5DbzRR/XKb8ulNv6+CHyPF31xk7YOBfkGI8qjLoq06V+FyBfDSwL8KbLyeH
m7KUZnLNQbk8yGLzB3iYKkRHlmUanQGaNMIJziWOkN+N9dECQQD0ONYRNZeuM8zd
8XJTSdcIX4a3gy3GGCJxOzv16XHxD03GW6UNLmfPwenKu+cdrQeaqEixrCejXdAF
z/7+BSMpAkEA8EaSOeP5Xr3ZrbiKzi6TGMwHMvC7HdJxaBJbVRfApFrE0/mPwmP5
rN7QwjrMY+0+AbXcm8mRQyQ1+IGEembsdwJBAN6az8Rv7QnD/YBvi52POIlRSSIM
V7SwWvSK4WSMnGb1ZBbhgdg57DXaspcwHsFV7hByQ5BvMtIduHcT14ECfcECQATe
aTgjFnqE/lQ22Rk0eGaYO80cc643BXVGafNfd9fcvwBMnk0iGX0XRsOozVt5Azil
psLBYuApa66NcVHJpCECQQDTjI2AQhFc1yRnCU/YgDnSpJVm1nASoRUnU8Jfm3Oz
uku7JUXcVpt08DFSceCEX9unCuMcT72rAQlLpdZir876
-----END RSA PRIVATE KEY-----</textarea><br/>
    <label for="pubkey">Public Key</label><br/>
    <textarea id="pubkey" rows="15" cols="65">-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlOJu6TyygqxfWT7eLtGDwajtN
FOb9I5XRb6khyfD1Yt3YiCgQWMNW649887VGJiGr/L5i2osbl8C9+WJTeucF+S76
xFxdU6jE0NQ+Z+zEdhUTooNRaY5nZiu5PgDB0ED/ZKBUSLKL7eibMxZtMlUDHjm4
gwQco1KRMDSmXSMkDwIDAQAB
-----END PUBLIC KEY-----</textarea><br/>
    <label for="input">Text to encrypt:</label><br/>
    <textarea id="input" name="input" type="text" rows=4 cols=70>This is a test!</textarea><br/>
    <input id="testme" type="button" value="Test Me!!!" /><br/>
  </body>
</html>
// Sign with the private key...
var sign = new JSEncrypt();
sign.setPrivateKey($('#privkey').val());
var signature = sign.sign($('#input').val(), CryptoJS.SHA256, "sha256");

// Verify with the public key...
var verify = new JSEncrypt();
verify.setPublicKey($('#pubkey').val());
var verified = verify.verify($('#input').val(), signature, CryptoJS.SHA256);

// Now a simple check to see if the round-trip worked.
if (verified) {
  alert('It works!!!');
}
else {
  alert('Something went wrong....');
}
  • Note that you have to provide the hash function. In this example we use one from the CryptoJS library, but you can use whichever you want.
  • Also, unless you use a custom hash function, you should provide the hash type to the sign method. Possible values are: md2, md5, sha1, sha224, sha256, sha384, sha512, ripemd160.

Other Information

This library heavily utilizes the wonderful work of Tom Wu found at http://www-cs-students.stanford.edu/~tjw/jsbn/.

This jsbn library was written using the raw variables to perform encryption. This is great for encryption, but most private keys use a Private Key in the PEM format seen below.

1024 bit RSA Private Key in Base64 Format

-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDHikastc8+I81zCg/qWW8dMr8mqvXQ3qbPAmu0RjxoZVI47tvs
kYlFAXOf0sPrhO2nUuooJngnHV0639iTTEYG1vckNaW2R6U5QTdQ5Rq5u+uV3pMk
7w7Vs4n3urQ6jnqt2rTXbC1DNa/PFeAZatbf7ffBBy0IGO0zc128IshYcwIDAQAB
AoGBALTNl2JxTvq4SDW/3VH0fZkQXWH1MM10oeMbB2qO5beWb11FGaOO77nGKfWc
bYgfp5Ogrql4yhBvLAXnxH8bcqqwORtFhlyV68U1y4R+8WxDNh0aevxH8hRS/1X5
031DJm1JlU0E+vStiktN0tC3ebH5hE+1OxbIHSZ+WOWLYX7JAkEA5uigRgKp8ScG
auUijvdOLZIhHWq7y5Wz+nOHUuDw8P7wOTKU34QJAoWEe771p9Pf/GTA/kr0BQnP
QvWUDxGzJwJBAN05C6krwPeryFKrKtjOGJIniIoY72wRnoNcdEEs3HDRhf48YWFo
riRbZylzzzNFy/gmzT6XJQTfktGqq+FZD9UCQGIJaGrxHJgfmpDuAhMzGsUsYtTr
iRox0D1Iqa7dhE693t5aBG010OF6MLqdZA1CXrn5SRtuVVaCSLZEL/2J5UcCQQDA
d3MXucNnN4NPuS/L9HMYJWD7lPoosaORcgyK77bSSNgk+u9WSjbH1uYIAIPSffUZ
bti+jc1dUg5wb+aeZlgJAkEAurrpmpqj5vg087ZngKfFGR5rozDiTsK5DceTV97K
a3Y+Nzl+XWTxDBWk4YPh2ZlKv402hZEfWBYxUDn5ZkH/bw==
-----END RSA PRIVATE KEY-----

This library simply takes keys in the following format, and translates it to those variables needed to perform the encryptions used in Tom Wu's library.

Here are some good resources to investigate further.

With this information, we can translate a private key format to the variables required with the jsbn library from Tom Wu by using the following mappings.

modulus => n
public exponent => e
private exponent => d
prime1 => p
prime2 => q
exponent1 => dmp1
exponent2 => dmq1
coefficient => coeff

More Repositories

1

makemeasandwich.js

A Node.js + Phantom.js command line application that will automatically order you a sandwich from Jimmy John's. ( http://xkcd.com/149 )
JavaScript
963
star
2

seamless.js

A Javascript library for working with seamless iframes.
JavaScript
215
star
3

meanapp

An example M.E.A.N web application with full CRUD features.
ApacheConf
162
star
4

jquery.go.js

An easy-to-use web testing and automation tool that uses the jQuery interface within Node.js to interact with the Phantom.js browser.
JavaScript
150
star
5

resourcejs

An minimalistic Express.js library that will reflect a Mongoose model onto a RESTful interface with a splash of Swagger.io love.
JavaScript
115
star
6

jquery.treeselect.js

A minimalistic jQuery hierarchy select widget used for selecting hierarchy structures in a treeview format.
JavaScript
101
star
7

drupal.api.js

An object oriented JavaScript API Library for RESTful Drupal CMS.
JavaScript
55
star
8

zombie-phantom

Provides a Zombie.js shim around the Phantom.js Headless Browser.
JavaScript
51
star
9

presentations

A list of all my presentations.
JavaScript
48
star
10

minplayer

A minimalistic, plugin-based "core" media player for the web.
JavaScript
24
star
11

dartminer

A Bitcoin miner written in the Dart language.
Dart
20
star
12

drupal.go.js

A node.js package to automate and test Drupal using the Phantom.js headless browser.
JavaScript
16
star
13

mediafront_demo

A demo Drupal 7 site to show off the mediafront module.
12
star
14

zerotomean

The example application for 0 to M.E.A.N presentation
JavaScript
10
star
15

flatiron-passport

A Passport.js integration with the Flatiron.js web framework.
JavaScript
10
star
16

groupselfie

A web application that allows you to take Group Selfies
JavaScript
9
star
17

drupaltouch

A Sencha Touch application for Drupal CMS
JavaScript
8
star
18

drupal_multimedia

A Drupal 8 with multimedia support.
PHP
7
star
19

youtube_playlist

This is an example jQuery Mobile widget for showing YouTube Playlists. Go to http://www.youtube.com/watch?v=RlrJthCmmU8 to watch the presentation.
JavaScript
6
star
20

ResultTree

A PHP class that will take a flat parent-child mapping array, and build a result tree non-recursively.
PHP
6
star
21

limelight

A PHP library for integrating with Limelight CDN
PHP
5
star
22

restPHP

A couple of simple helper classes to help in writing RESTful PHP Libraries.
PHP
5
star
23

pivotalphp

This is a GPLv3 PHP-CLI script for Pivotal Tracker
PHP
5
star
24

formiomean

An example M.E.A.N app using Angular 4 + Form.io
TypeScript
5
star
25

juckstrap

Unfortunately named static site generation utilizing Nunjucks + Bootstrap + Wintersmith.js.
JavaScript
4
star
26

cliphp

An easy to use CLI ( command line interface ) PHP class that allows for user input.
PHP
4
star
27

phptoolbox

The PHP Toolbox is a convenient way to execute and manage your PHP scripts.
PHP
3
star
28

jekyll-kickstart

A starter Jekyll site using BootStrap 3
JavaScript
3
star
29

travist.github.com

My github pages site.
HTML
3
star
30

media_feature

A Drupal 7 media feature module.
PHP
3
star
31

CachedRequest

An extension to PEAR's HTTP_Request2 class that implements extensible caching mechanisms.
PHP
3
star
32

ropemaze

The rope maze puzzle solved using brute force.
JavaScript
3
star
33

minplayer-flash

An MIT licensed, minimalistic, skinnable, plugin based Flash media player
ActionScript
3
star
34

clicpp

This is a helper class to assist with creating command line applications in C++ where you can easily gather settings for your application.
C++
2
star
35

rotating_banner_pan

A plugin for Drupal's Rotating Banner module that implements panning.
JavaScript
2
star
36

CCK

Content Construction Kit Clone
PHP
2
star
37

drupal-zombie

A presentation and examples for "Automating and Testing Drupal with Zombie.js"
JavaScript
2
star
38

pdfjs-viewer

A built bower version of PDFJS
JavaScript
2
star
39

fpManager

A plugin manager for Flash applications.
ActionScript
2
star
40

moviemate

A Chrome extension that merges functionality between YouTube Trailers and IMDB.
JavaScript
2
star
41

jquery.moreorless.js

A quick way to add "more" or "less" functionality to HTML elements using jQuery.
JavaScript
2
star
42

JQImage.js

A jQuery widget and wrapper class for working with Images.
JavaScript
2
star
43

limelight.js

A node.js application for authenticating Limelight API requests.
JavaScript
1
star
44

drupal-media-module

This is the Drupal Media module with media player integration.
JavaScript
1
star
45

generator-juckstrap

A Yeoman generator for juckstrap.
JavaScript
1
star
46

async-shell

A super simple async shell for Node.js
JavaScript
1
star