Introduction to RSA Encryption
In today's digital landscape, securing sensitive data is crucial for individuals and organizations alike. RSA (Rivest-Shamir-Adleman) encryption stands out as a robust solution for protecting data. It is an asymmetric encryption algorithm, which means that it uses a pair of keys: a public key for encryption and a private key for decryption. One of the main benefits of RSA encryption is that the private key never needs to be shared, which minimizes the risk of it being compromised.
This article explores how to use RSA encryption across three popular programming languages—JavaScript, Python, and PHP—making it easier to secure data in cross-platform applications.
Cross-Platform Encryption and Decryption: The Scenario
Imagine you're building a web application where sensitive information (like authentication data or personal details) must be securely transmitted between the client (front end) and the server (back end). For instance, you might encrypt a message on the client side in JavaScript and then decrypt it on the server using either Python or PHP.
RSA is well-suited for this scenario because it provides the flexibility of encryption in one language and decryption in another, ensuring cross-platform compatibility.
RSA Implementation: JavaScript, Python, and PHP
JavaScript (Next.js with JSEncrypt)
Encryption:
import JSEncrypt from 'jsencrypt'; // Function to encrypt a message using a public key const encryptWithPublicKey = (message) => { const encryptor = new JSEncrypt(); const publicKey = process.env.NEXT_PUBLIC_PUBLIC_KEY.replace(/\\n/g, "\n"); encryptor.setPublicKey(publicKey); const encryptedMessage = encryptor.encrypt(message); return encryptedMessage; };
Decryption:
import JSEncrypt from 'jsencrypt'; // Function to decrypt a message using a private key const decryptWithPrivateKey = (encryptedMessage) => { const decryptor = new JSEncrypt(); const privateKey = process.env.PRIVATE_KEY.replace(/\\n/g, "\n"); decryptor.setPrivateKey(privateKey); const decryptedMessage = decryptor.decrypt(encryptedMessage); return decryptedMessage; };
Explanation:
Public Key Encryption: The JSEncrypt library encrypts the message using the public key. This ensures that only the corresponding private key can decrypt it.
Private Key Decryption: The message is decrypted with the private key, which is securely stored in an environment variable.
Security Consideration: By using RSA, we ensure that the data sent from the client is encrypted and secure.
Python (using rsa library)
Encryption:
import rsa import base64 def encrypt_with_public_key(message: str, public_key_str: str) -> str: public_key = rsa.PublicKey.load_pkcs1_openssl_pem(public_key_str.encode()) encrypted_message = rsa.encrypt(message.encode(), public_key) return base64.b64encode(encrypted_message).decode()
Decryption:
import rsa import base64 def decrypt_with_private_key(encrypted_message: str, private_key_str: str) -> str: private_key = rsa.PrivateKey.load_pkcs1(private_key_str.encode()) encrypted_bytes = base64.b64decode(encrypted_message.encode()) decrypted_message = rsa.decrypt(encrypted_bytes, private_key) return decrypted_message.decode()
Explanation:
Public Key Encryption: The message is encrypted using a public key, ensuring that only the intended private key holder can decrypt it.
Base64 Encoding: After encryption, the message is Base64 encoded to ensure compatibility with text transmission.
Private Key Decryption: The private key is used to decrypt the Base64-encoded encrypted message, ensuring confidentiality.
PHP (using OpenSSL)
Encryption:
function encrypt_with_public_key($message) { $publicKey = getenv('PUBLIC_KEY'); openssl_public_encrypt($message, $encrypted, $publicKey); return base64_encode($encrypted); }
Decryption:
function decrypt_with_private_key($encryptedMessage) { $privateKey = getenv('PRIVATE_KEY'); $encryptedData = base64_decode($encryptedMessage); openssl_private_decrypt($encryptedData, $decrypted, $privateKey); return $decrypted; }
Explanation:
Public Key Encryption: The openssl_public_encrypt function encrypts the message using the public key, ensuring that only the private key can decrypt it.
Private Key Decryption: The openssl_private_decrypt function decrypts the message using the private key, ensuring that sensitive information remains secure.
Environment Variables: Both the public and private keys are securely stored in environment variables, enhancing security.
Best Practices for Encryption
Use Environment Variables: Always store your keys in environment variables instead of hard-coding them into your application. This reduces the risk of exposing sensitive information.
Encrypt Sensitive Data: Encrypt personal and sensitive data such as passwords, financial details, or personally identifiable information (PII) to prevent unauthorized access.
Use HTTPS: Ensure your application communicates over HTTPS to safeguard data in transit.
Secure Key Management: Regularly rotate encryption keys and ensure they are stored securely.
Why Choose RSA Encryption?
Enhanced Data Security: RSA encryption ensures that sensitive data is kept secure during transmission, preventing unauthorized access.
Asymmetric Encryption: RSA uses a public key for encryption and a private key for decryption, which ensures the private key never needs to be shared.
Cross-Platform Compatibility: RSA works seamlessly across different platforms and programming languages, making it ideal for web applications where different technologies are used on the client and server sides.
結論
RSA 加密提供了一種跨多個程式設計環境保護敏感資料的可靠方法。透過在 JavaScript、Python 和 PHP 中實現 RSA 加解密,您可以保護敏感資訊、增強安全性並確保跨平台相容性。無論是為了保護 API 呼叫、保護使用者資料或確保訊息的機密性,RSA 都提供了強大的加密解決方案。
如果您發現本指南有幫助,請考慮與其他開發人員分享,並繼續關注有關加密和資料安全的更多見解!
加密 #RSA #CyberSecurity #DataSecurity #WebDevelopment #CrossPlatformSecurity #JavaScript #Python #PHP
以上是跨平台使用 RSA 加密和解密保護數據的詳細內容。更多資訊請關注PHP中文網其他相關文章!

長URL(通常用關鍵字和跟踪參數都混亂)可以阻止訪問者。 URL縮短腳本提供了解決方案,創建了簡潔的鏈接,非常適合社交媒體和其他平台。 這些腳本對於單個網站很有價值

在Facebook在2012年通過Facebook備受矚目的收購之後,Instagram採用了兩套API供第三方使用。這些是Instagram Graph API和Instagram Basic Display API。作為開發人員建立一個需要信息的應用程序

Laravel使用其直觀的閃存方法簡化了處理臨時會話數據。這非常適合在您的應用程序中顯示簡短的消息,警報或通知。 默認情況下,數據僅針對後續請求: $請求 -

這是有關用Laravel後端構建React應用程序的系列的第二個也是最後一部分。在該系列的第一部分中,我們使用Laravel為基本的產品上市應用程序創建了一個RESTFUL API。在本教程中,我們將成為開發人員

Laravel 提供简洁的 HTTP 响应模拟语法,简化了 HTTP 交互测试。这种方法显著减少了代码冗余,同时使您的测试模拟更直观。 基本实现提供了多种响应类型快捷方式: use Illuminate\Support\Facades\Http; Http::fake([ 'google.com' => 'Hello World', 'github.com' => ['foo' => 'bar'], 'forge.laravel.com' =>

PHP客戶端URL(curl)擴展是開發人員的強大工具,可以與遠程服務器和REST API無縫交互。通過利用Libcurl(備受尊敬的多協議文件傳輸庫),PHP curl促進了有效的執行

您是否想為客戶最緊迫的問題提供實時的即時解決方案? 實時聊天使您可以與客戶進行實時對話,並立即解決他們的問題。它允許您為您的自定義提供更快的服務

2025年的PHP景觀調查調查了當前的PHP發展趨勢。 它探討了框架用法,部署方法和挑戰,旨在為開發人員和企業提供見解。 該調查預計現代PHP Versio的增長


熱AI工具

Undresser.AI Undress
人工智慧驅動的應用程序,用於創建逼真的裸體照片

AI Clothes Remover
用於從照片中去除衣服的線上人工智慧工具。

Undress AI Tool
免費脫衣圖片

Clothoff.io
AI脫衣器

AI Hentai Generator
免費產生 AI 無盡。

熱門文章

熱工具

SublimeText3 Linux新版
SublimeText3 Linux最新版

EditPlus 中文破解版
體積小,語法高亮,不支援程式碼提示功能

SublimeText3漢化版
中文版,非常好用

記事本++7.3.1
好用且免費的程式碼編輯器

Dreamweaver Mac版
視覺化網頁開發工具