javascript Javascript加密库(客户端加密|服务器端解密)
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/10075971/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Javascript encryption library (client side encrypt | server side decrypt)
提问by royu
I am looking for a javascript library with I can encrypt client side and decrypt server side using C#.
我正在寻找一个 javascript 库,我可以使用 C# 加密客户端和解密服务器端。
Does such a library exist? Are there examples howto encrypt client side and howto decrypt in C# server side?
有这样的图书馆吗?是否有示例如何加密客户端以及如何在 C# 服务器端解密?
edit - extra explanation
编辑 - 额外的解释
On a site with low treshold the requirement is http. Some data (litte) will be send to the server. Idea is that the user give some data (also a key - will not be sent), data will be encrypt and send to the server (key is also known on server side). Data is not real sensitive, preference is not to send it as plain text ...
在具有低阈值的站点上,要求是 http。一些数据(小)将被发送到服务器。想法是用户提供一些数据(也是一个密钥 - 不会被发送),数据将被加密并发送到服务器(密钥在服务器端也是已知的)。数据不是真正敏感的,首选不是将其作为纯文本发送......
I tried http://code.google.com/p/crypto-js/AES. But I can't figure out how that data is encypted (client side, utf 8 or ..., etc.). If I encrypt some data client side (with same iv and private key etc) and do the same in C# I get different strings.
我试过http://code.google.com/p/crypto-js/AES。但我无法弄清楚这些数据是如何加密的(客户端、utf 8 或 ... 等)。如果我加密一些数据客户端(使用相同的 iv 和私钥等)并在 C# 中做同样的事情,我会得到不同的字符串。
回答by Hristo
What kind of encryption are you looking for... symmetric/asymmetric? Are you looking for a specific algorithm... AES, DES, 3DES?
你在寻找什么样的加密......对称/非对称?您是否正在寻找特定的算法...AES、DES、3DES?
Here's a really good JavaScript implementation of AES...
这是AES的一个非常好的JavaScript实现......
http://point-at-infinity.org/jsaes/
http://point-at-infinity.org/jsaes/
Here's some more resources (use at your own risk):
这里有更多资源(使用风险自负):
- http://crypto.stanford.edu/sjcl/
- http://www.farfarfar.com/scripts/encrypt/
- http://code.google.com/p/jscryptolib/
- https://github.com/drench/blowfish.js/blob/master/blowfish.js
- http://crypto.stanford.edu/sjcl/
- http://www.farfarfar.com/scripts/encrypt/
- http://code.google.com/p/jscryptolib/
- https://github.com/drench/blowfish.js/blob/master/blowfish.js
However, JavaScript encryption is not secure. Though you may implement an encryption algorithm correctly, JS is still client-side which means it can be changed. Also, what if JS is disabled? SSL is the way to go.
但是,JavaScript 加密并不安全。尽管您可以正确实现加密算法,但 JS 仍然是客户端,这意味着它可以更改。另外,如果JS被禁用怎么办?SSL 是必经之路。
Finally, here's an interesting article on why you should notdo client-side encryption...
最后,这是一篇关于为什么不应该进行客户端加密的有趣文章......
