RSA前后端加密方案 - wiki.busyhe.com

资料

生成密钥

生成密钥文件为解决负载均衡部署服务RSA验证统一。

generateRsa.js


const forge = require('node-forge');
const path = require('path')
const fs = require('fs-extra')
const {rsa, publicKeyToPem, privateKeyToPem} = forge.pki;

const rsaFilePath = path.join(__dirname, '../config/rsa.js')
rsa.generateKeyPair({bits: 2048, workers: 2}, function (err, keypair) {
    if (err) {
        return;
    }
    const rsaKey = {
        RSAPublicKey: publicKeyToPem(keypair.publicKey).replace(/\r/g, ''),
        RSAPrivateKey: privateKeyToPem(keypair.privateKey).replace(/\r/g, ''),
    }
    console.log(rsaKey);
    fs.outputFileSync(rsaFilePath, 'module.exports = ' + JSON.stringify(rsaKey))
});

前端配置


const RSA_PUBLIC_KEY = '';
const publicK = forge.pki.publicKeyFromPem(RSA_PUBLIC_KEY);
const encrypted = publicK.encrypt(str, 'RSA-OAEP')
window.btoa(unescape(encodeURIComponent(encrypted)))

后端配置


function decode(app, str) {
    const RSA_PRIVATE_KEY = '';
    const privateK = forge.pki.privateKeyFromPem(RSA_PRIVATE_KEY);
    const encrypted = Buffer.from(str, 'base64').toString();
    const decrypted = privateK.decrypt(encrypted, 'RSA-OAEP');
    return decodeURIComponent(decrypted);
}