问题
i'm trying to create a WS for make soap request. In the body of the message there is a field that contains an encrypted text. I have the public key to encrypt the text but the only result that i obtain is that the text is not recognized. I use crypto module of node for making request and the text is crypted but i don't know why is not correclty encrypted.
Ps i made the same thing on php with openssl_public_encrypt function and working. But i have to do it in node.js.
Any idea or suggestion? What is different openssl_public_encrypt from crypto.publicEncrypt function?
Here is the encrypt part in node.js:
var crypto = require("crypto");
var fs = require('fs');
fs.readFile("./certificate.pem", 'utf8', function (err, data) {
var bufferToEncrypt = new Buffer("textToEncrypt");
var encrypted = crypto.publicEncrypt({"key":data, padding:crypto.RSA_NO_PADDING}, bufferToEncrypt).toString("base64");
console.log(encrypted); // length 128
}
The same thing in php:
<?php
$publicKey = "./certificate.pem";
$plaintext = "textToEncrypt";
openssl_public_encrypt($plaintext, $encrypted, $publicKey);
echo base64_encode($encrypted); //encrypted string length 128
?>
I don't have the private key for decrypting the text, i only have the public key.
Also notice that the length of the encrypted text (in base64) is the same in php and in node.js.
回答1:
I guess the padding is your problem. In node.js you specify padding:crypto.RSA_NO_PADDING. When looking up the doc of openssl_public_encrypt() it says that it uses OPENSSL_PKCS1_PADDING by default. Try the following:
var constants = require("constants");
var encrypted = crypto.publicEncrypt({"key":data,
padding:constants.RSA_PKCS1_PADDING}, bufferToEncrypt).toString("base64");
I have prepared an online demo:
- Encrypt using node.js
- copy the resulting string
- and paste it to
$encrypted_encodedon PHP decryption example
Advise: As a rule of thumb, don't use asymmetric encryption for actual messages. Use it to protect a symmetric key instead. However, your use case might be valid, I just want to state this every time someone talks RSA encryption.
来源:https://stackoverflow.com/questions/34953732/node-js-correct-way-to-make-rsa-encrypt