jsrsasign(RSA-Sign JavaScript库)是一个免费的开源加密库,支持RSA / RSAPSS / ECDSA / DSA签名/验证,ASN.1,PKCS#1/5/8私钥/公钥,X.509证书,纯JavaScript中的CRL,OCSP,CMS SignedData,TimeStamp,CAdES JSON Web签名/令牌/密钥。
jsrsasign-all-min.js下载地址: https://cdnjs.cloudflare.com/ajax/libs/jsrsasign/8.0.20/jsrsasign-all-min.js (jsrsasign文件也可以自己下载,目前下载链接可用。)
公钥、私钥生成:https://uutool.cn/rsa-generate/
加密/解密、加签/验签代码样例:
<html> <script src="./jsrsasign-all-min.js"></script> <script> var keyPri = "-----BEGIN PRIVATE KEY-----\n" + "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANgoMoiwPKSdMfrx\n" + "AvqBIMF8e2GMx1NLc7PBC3hZIPloekW8xEKcxk+uB/v3VHxDfOPNVqX9cW3uxJLG\n" + "nOle1gvRi2+sY5jXa1nlkvnIAp5pccCQXxjqsPqIZGNCORbILZkzY0SiC34WZg3c\n" + "jhXkyagwpzjNUsbx4cTrai5UjQznAgMBAAECgYBU0ilKVAXn/rtfInYtwMAOzP9J\n" + "f0m0WNZVQjpzBl6XIDVi6jkFfqmfGMaPTDW98WmvpqMKzdJV9izy/7cRKKLLFdTd\n" + "AY9LwPtAWGz9Mv6AFclfFso/U8N9HpyY3B91M7tmTqaUyw+xdMazh4sqBQKrBOP3\n" + "XjF4SY3PSz3W87KMeQJBAO3jsESxbVlt0TorEkab44sKpddB7rYqanOLKmnPE8UY\n" + "ogwXJwfY4UrX2rkQZ/XD1I162I1G5uSLxZHTOW775s0CQQDonPVnbyShd9oARk/E\n" + "5VSfiRceMtWr4cl88hLhtV03xmn/hS4uHebm2WISWjIq5veqyedIDSodBfRt6lqB\n" + "ybqDAkEAlDxbbJK7NwzNYdfRDZq6UbwS123IWE9aAiHoDgLxqNHOuIX81lD5InAb\n" + "ZVKp1WVwH7E7G93gpu3J8TKUCWqCyQJATsGdwPh7cYPvtnoX1fVDcoRq5FmXyIs4\n" + "ueoIBI1wU0sFZnMEEK8lF3HwZ4BMTgRHRHb5rIZwhMUYXgKjxB+12wJBAM+pf/DG\n" + "Qr8fYKubE0444Hz/RTeQgcpxpp7xWbKutFap6tIZAZnKlyYjDKAbNCbDMLjg/zii\n" + "kDgsl2WXNRUK4hE=\n" + "-----END PRIVATE KEY-----"; var keyPub = "-----BEGIN PUBLIC KEY-----\n" + "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYKDKIsDyknTH68QL6gSDBfHth\n" + "jMdTS3OzwQt4WSD5aHpFvMRCnMZPrgf791R8Q3zjzVal/XFt7sSSxpzpXtYL0Ytv\n" + "rGOY12tZ5ZL5yAKeaXHAkF8Y6rD6iGRjQjkWyC2ZM2NEogt+FmYN3I4V5MmoMKc4\n" + "zVLG8eHE62ouVI0M5wIDAQAB\n" + "-----END PUBLIC KEY-----"; let data = "abcdefg"; console.log("原始数据:" + data); //私钥加签 let sign = signature(data); console.log("私钥加签:" + sign); //公钥验签 let verifyResult = verifySignature(sign, data); console.log("公钥验签:" + verifyResult); //公钥加密 let encryptDataBase64 = encryptToBase64(data); console.log("公钥加密:" + encryptDataBase64); //私钥解密 let decryptDataStr = decryptData(encryptDataBase64); console.log("私钥解密:" + decryptDataStr); // 私钥加签 function signature(data) { // data: 原始数据 // 创建秘钥实例 const key = KEYUTIL.getKey(keyPri); // 指定签名算法 sha1对原文哈希 let signature = new KJUR.crypto.Signature({alg: "SHA1withRSA"}); // 传入秘钥实例, 初始化 signature.init(key); // 传入待签明文 signature.updateString(data); // 签名, 得到16进制字符结果 let signResult = signature.sign(); // 签名hex转base64 return hextob64(signResult); } // 公钥验签 function verifySignature(signBase64, data) { // signBase64: 签名(已转base64) // data: 原始数据 try { // 公钥验签 let signatureVf = new KJUR.crypto.Signature({alg: "SHA1withRSA", prvkeypem: keyPub}); signatureVf.updateString(data); return signatureVf.verify(b64tohex(signBase64)); } catch (e) { console.error(e); } } // 公钥加密 function encryptToBase64(data) { // 读取解析pem格式的秘钥, 生成秘钥实例 (RSAKey) const pub = KEYUTIL.getKey(keyPub); const enc = KJUR.crypto.Cipher.encrypt(data, pub); return hextob64(enc); } //私钥解密 function decryptData(dataBase64) { const prv = KEYUTIL.getKey(keyPri); return KJUR.crypto.Cipher.decrypt(b64utohex(dataBase64), prv); } </script> </html>
执行结果图:
参考文档:
https://www.ngui.cc/el/1940009.html?action=onClick
https://uutool.cn/rsa-generate/