0

我可以这样做:使用来自后端的公钥(PHP 钠)在前端(sodium-plus.js)上加密

但我想做相反的事情(用php加密,用javascript解密),我有一个问题。

我可以从我的 html 页面(使用 php 生成)作为十六进制字符串 ( ) 获取我的私钥sodium_bin2hex(sodium_crypto_secretbox_keygen()),但我不能将它与钠加一起使用。

我知道这段代码来获取公钥:

let key = X25519PublicKey.from('...', "hex");

但在我的情况下,这不起作用,我在传递这个变量时出错

await sodium.crypto_secretbox_open(text, nonce, key);

我已经尝试将十六进制字符串转换为 bin ( await sodium.sodium_hex2bin(key)),但它也不起作用。

这是我的代码:

define(function (require) {
    const { SodiumPlus } = require("sodium-plus");
});

let sodium;

(async function () {
    if (!sodium) sodium = await SodiumPlus.auto();
    let text = "...";//my text + nonce (at the end) in hex

    let nonce = text.substr(-48);
    text = text.substr(0, text.length - 48);
    let key = X25519PublicKey.from($("#key").text(), "hex");//get my private key in hex, on my html page

    text = await sodium.sodium_hex2bin(text);
    nonce = await sodium.sodium_hex2bin(nonce);

    let output = await sodium.crypto_secretbox_open(text, nonce, key);    

    console.log(output.toString());

})();

谢谢你

4

1 回答 1

0

这是我使用 crypto_box 和 secret 和 public 两次的解决方案:

define(function (require) {
    const { SodiumPlus } = require("sodium-plus");
});

let sodium;

(async function () {
    if (!sodium) sodium = await SodiumPlus.auto();
    let text = ""; //string in hex to be decrypted (see below for my php code server side)

    let nonce = text.substring(text.length -48); //nonce at the end of the  string
    nonce = await sodium.sodium_hex2bin(nonce); //nonce hex to bin

    text = text.substring(0, text.length - 48); //text without nonce
    text = await sodium.sodium_hex2bin(text); //text hex to bin

    let publicKey = $("#key").text(); //to get my key in hex from my html page (key = secret key + public key), see below my php code $decryption_key

    let secretKey = publicKey.substring(0, 64);//to get the public key in hex
    secretKey = X25519SecretKey.from(secretKey, "hex"); //public key hex to array bin

    publicKey = publicKey.substring(publicKey.length -64); //same for public key
    publicKey = X25519PublicKey.from(publicKey, "hex");

    let output = await sodium.crypto_box_open(text, nonce, secretKey, publicKey);
    output = output.toString(); // bin to string

    console.log(output);

})();

这是我要加密的 php 代码,例如:

$text = '...'; //text to encrypt
$key = sodium_hex2bin( '...' ); //key in hex (got from an other code, see below $encryption_key)
$nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
$text_encrypt = sodium_crypto_box($text, $nonce, $key);
$text_encrypt = sodium_bin2hex($text_encrypt.$nonce);
return $text_encrypt;

我的 php 代码用于 php 中的加密密钥,以及我的 html 页面上的解密密钥(然后由 javascript 获取)

$keypair1 = sodium_crypto_box_keypair();
$keypair1_secret = sodium_crypto_box_secretkey($keypair1);
$keypair1_public = sodium_crypto_box_publickey($keypair1);
$keypair2 = sodium_crypto_box_keypair();
$keypair2_secret = sodium_crypto_box_secretkey($keypair2);
$keypair2_public = sodium_crypto_box_publickey($keypair2);

$encryption_key = sodium_crypto_box_keypair_from_secretkey_and_publickey($keypair1_secret, $keypair2_public);
$encryption_key = sodium_bin2hex( $encryption_key ); //for my php encrypt code

$decryption_key = sodium_crypto_box_keypair_from_secretkey_and_publickey($keypair2_secret, $keypair1_public);
$decryption_key = sodium_bin2hex( $decryption_key ); //for my html page, then got by javascript
于 2022-02-19T03:59:25.477 回答