English
English
In modern web development, the combination of PHP and JavaScript is increasingly common. The jsrsasign library is a powerful JavaScript cryptography tool that supports digital signatures, encryption, and decryption. Although jsrsasign mainly runs on the client side, it can be effectively integrated with PHP on the server side to handle complex cryptographic operations, enhancing application security.
jsrsasign is a JavaScript library focused on cryptographic operations. It supports RSA public key encryption, signature generation and verification, digital certificate handling, and more. It provides developers with comprehensive encryption APIs to facilitate secure front-end and back-end cooperation.
Using jsrsasign is straightforward. You can either include it via a CDN or download the source code into your project. Here is an example of including it through CDN:
<span class="fun"><script src="https://cdn.jsdelivr.net/npm/jsrsasign@latest/lib/jsrsasign-all-min.js"></script></span>
After including jsrsasign, PHP and JavaScript can exchange data through REST APIs or AJAX. The example below shows how to generate an RSA key pair in PHP and pass it to the front end:
// Generate RSA key pair
$privateKey = "your-private-key";
$publicKey = "your-public-key";
echo json_encode(['privateKey' => $privateKey, 'publicKey' => $publicKey]);
?>Digital signatures ensure message integrity and authenticity. Using jsrsasign, you can easily create signatures on the client side. The example below demonstrates how to sign content using a private key in JavaScript:
// JavaScript code
var key = KEYUTIL.getKey("your-private-key");
var sig = new KJUR.crypto.Signature({alg: "SHA1withRSA"});
sig.init(key);
sig.updateString("Content to be signed");
var signature = sig.sign();
console.log(signature);After generating a signature, server-side verification is necessary to ensure data integrity. The PHP code below shows how to verify a signature with a public key:
$publicKey = "your-public-key";
$message = "Content to be signed";
$signature = "Obtained signature";
$verified = openssl_verify($message, base64_decode($signature), $publicKey, OPENSSL_ALGO_SHA1);
if ($verified === 1) {
echo "Verification successful";
} else {
echo "Verification failed";
}
?>This article introduced the basic usage of integrating the jsrsasign library within a PHP environment, explaining installation, digital signature creation, and server-side verification. Combining PHP with jsrsasign enables more secure and flexible encryption solutions for web applications. Developers are encouraged to explore official documentation to fully utilize the library's powerful features.
