The reason why you need encryption at all is probably to protect against a man-in-the-middle. There are scenarios where an attacker is able to sniff at the traffic without being able to change it. This solution would protect against that threat, but it would provide no protection at all against a man-in-the-middle that is able to modify the traffic.

您完全需要加密的原因可能是为了防止中间人。在某些情况下，攻击者能够嗅探流量而无法更改它。该解决方案可以防范这种威胁，但它根本无法防范能够修改流量的中间人。

If the attacker can change the traffic, then he will also be able to change the script that does the encryption. The easiest attack would be to just remove the encryption completely from the script. If you don't have https, and a man-in-the-middle is possible (which is the case in almost every scenario) then you don't have any control at all over the html or javascript that is presented to the end user. The attacker may rewrite your html code and javascript completely, disablign encryption, creating new form fields in your form etc. Https is a prerequisite for secure communication in the web-channel.

如果攻击者可以更改流量，那么他也可以更改进行加密的脚本。最简单的攻击是从脚本中完全删除加密。如果您没有 https，并且可能存在中间人（几乎在所有情况下都是这种情况），那么您根本无法控制呈现到最后的 html 或 javascript用户。攻击者可能会完全重写您的 html 代码和 javascript，禁用加密，在您的表单中创建新的表单字段等。Https 是网络通道中安全通信的先决条件。

I've done it. I use this JavaScript client-side asymetric RSA encryption to prevent the login credentials to be send in plain text over HTTP.

我已经做到了。我使用此 JavaScript 客户端非对称 RSA 加密来防止通过 HTTP 以纯文本形式发送登录凭据。

The goal is to prevent login request replay attacks based on network sniffing. Of course, this is not as secure as HTTPS since it would not resist to man-in-the-middle attacks, but it can be sufficient for local networks.

目标是防止基于网络嗅探的登录请求重放攻击。当然，这不如HTTPS安全，因为它无法抵抗中间人攻击，但对于本地网络来说已经足够了。

The client-side encryption uses Travis Tridwell's excellent workwhich is based on JSBN. Travis' web page can also generate the private and public RSA keys (if you are too lazy to use openssl). The keys are generated in PKCS#1 PEM format. I encrypt username+password+timeInMs+timezoneso that the encrypted content changes at each login.

客户端加密使用特拉维斯Tridwell的出色工作，这是基于JSBN。Travis 的网页还可以生成私有和公共 RSA 密钥（如果您懒得使用openssl）。密钥以 PKCS#1 PEM 格式生成。我进行加密，username+password+timeInMs+timezone以便每次登录时加密内容都会更改。

On the server-side, my Java code read read the PKCS#1 PEM file using Apache JMeter's org.apache.jmeter.protocol.oauth.sampler.PrivateKeyReader:

在服务器端，我的 Java 代码读取使用Apache JMeter 的org.apache.jmeter.protocol.oauth.sampler.PrivateKeyReaderPKCS#1 PEM 文件：

PrivateKey pk = (new PrivateKeyReader("myPrivateKeyFile.pem")).getPrivateKey();

Then I decrypt the encrypted content using

然后我使用解密加密的内容

byte[] enc = DatatypeConverter.parseBase64Binary(clientData);
Cipher rsa = Cipher.getInstance("RSA");
rsa.init(Cipher.DECRYPT_MODE, pk);
byte[] dec = rsa.doFinal(enc);
String out = new String(dec, "UTF8");

Then I check if the client-side timestamp/timezone match the server-side timestamp/timezone. If the delay is less than a few seconds, the login process continues. Otherwise the request is considered a replay attack and the login fails.

然后我检查客户端时间戳/时区是否与服务器端时间戳/时区匹配。如果延迟小于几秒钟，登录过程将继续。否则该请求被认为是重放攻击并且登录失败。

asymmetric public key/ private key is the only way to do this. To protect against MIM attacks the server can hash the public key with the users password, then the user (in the browser) re-computes the hash - if they match then the user can be confident that the public key sent from the server has not been tampered with - this relies on the fact that only the server and the user know the users password.

非对称公钥/私钥是唯一的方法。为了防止 MIM 攻击，服务器可以使用用户密码散列公钥，然后用户（在浏览器中）重新计算散列 - 如果它们匹配，则用户可以确信从服务器发送的公钥没有被篡改 - 这依赖于只有服务器和用户知道用户密码的事实。

PS I wanted to write this as a comment as that would be more appropiate than an answer, but I don't have enough points :)

PS我想把它写成评论，因为这比答案更合适，但我没有足够的分数:)

This question seems to have what you're after, Javascript cryptography library to sign form data in browserThe PGP link: http://www.hanewin.net/encrypt/has RSA

这个问题似乎有你想要的，Javascript 加密库在浏览器中签署表单数据PGP 链接：http: //www.hanewin.net/encrypt/有 RSA

Are the Server > JavaScript messages sent over HTTPS?

服务器 > JavaScript 消息是否通过 HTTPS 发送？

If not, nothing prevents a man in the middle from changing the scripts. Any encryption will be useless if the code that has access to the unencrypted data is compromised.

如果没有，没有什么可以阻止中间人更改脚本。如果可以访问未加密数据的代码遭到破坏，则任何加密都将毫无用处。