Laravel笔记-用户登录时密码进行RSA加密(提高系统安全性)
前段时间写了一篇提高Laravel用户登录,登录失败5次后,锁帐号的功能。
但后面发现,Laravel提供的安全还是不行,数据都是在裸奔,如下图所示:
万一中途xx路由器被入侵了。被人抓到这个包,本来就是http的,又是明文,太不安全了。所以这里做一个加密。
这里知识点比较多,涉及C/C++,OpenSSL、Qt等语言和框架,这里就简单说下思路和贴一些伪代码:
这里我用Qt将OpenSSL库封装成插件,提供下面的API功能:
Get请求:
CJson *RSACipher::getResponse(QMap<QString, QVariant> parament)
{
CJson *json = new CJson;
if(parament.contains("cmd")){
QString cmd = parament.value("cmd").toString();
RSASecret *rsa = RSASecret::getInstance();
QList<QVariant> retVec;
if(cmd == "publicKeys"){
retVec = rsa->getAllPublicKeys();
}
else if(cmd == "privateKeys"){
retVec = rsa->getAllPrivateKeys();
}
else if(cmd == "allKeys"){
retVec = rsa->getAllKeys();
}
json->insertValue("data", retVec);
}
return json;
}Post请求:
CJson *RSACipher::postResponse(QString body)
{
CJson *json = new CJson;
QMap<QString, QVariant> map = CJson::JsonToMap(body);
if(map.contains("cmd") && map.contains("data")){
RSASecret *rsa = RSASecret::getInstance();
int type;
QString data = map.value("data").toString();
if(map.contains("type")){
type = map.value("type").toInt();
}
else{
type = rsa->getLatestType();
}
//返回值都是Base64
QString ret;
if(map.value("cmd").toString() == "publicEncryption"){
ret = rsa->publicEncrypt(type, data);
}
else if(map.value("cmd").toString() == "privateDecryption"){
ret = rsa->privateDecrypt(type, data);
}
else if(map.value("cmd").toString() == "privateEncryption"){
ret = rsa->privateEncrypt(type, data);
}
else if(map.value("cmd").toString() == "publicDecryption"){
ret = rsa->publicDecrypt(type, data);
}
json->insertValue("type", type);
json->insertValue("data", ret);
}
return json;
}Qt每小时生成RSA公钥和私钥,并且提供加解密的HTTP接口。
如下RSA公钥:
{
"data": [
{
"createTime": "2022-06-07 00:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAph3ndB3WFpMTxxS3OHYl\ns6gZeSVxQt6ToVTYjIhPyb7PVoonTd+NQxx/iMn9txWlyxlnWqWNsDnuosScjcmY\nM4HiCyyk7bgECrs9MpuDK6EWuN97dpd95fA5iz+0N+yN5lVNM4fPNKseBpoFSF5Y\nWf3ee6uG7V7lwp2uJfh5RKKZ2c0qYGAZxE1HqBwAp64xatVKf3kB18g7TonWQFee\nPTEU/fKVXxklnL1U8DYUfuuPBUeLm92rq46Pi4xFTbri0mUZExKA9gTb9oMZi+xi\nivr0xx8KolbxBgoblqIgo+QfvwrFiJD0WTuzetCPfqkHFZwF/kPvpIS2eOwrpgfV\nnwIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 31444,
"type": 0
},
{
"createTime": "2022-06-07 01:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5sHN780gMrXPOClxj74X\nVOovl8+BWIfPwkfFIDUUWYZCuZZozvsqSZ40l6qYh/Rd5BjZ3NqlHup+xR+u/9Jr\njEofvzJTOxHRIIP5UNRRhlw+BY7VpfOVBAtaaF5O9Ql3ujj/Uy2ApO6LGwsy6ONl\naVZ8UsIc42uGoVpGWDvt2r4NK27tSvW6R/yauggK/tnZsGefdf+nyudvS3wfPZ8Q\nhdgD4dwOO2DS7PX930pjqsUthf0lWsb+YmwNZSqWSOi03pZPYWlMnmgC/huONQZL\nz0hAFG12eAzdYmCAc8xh6Y10pJWL4LQEvfd6VJCel9ON1FQjeW2AVoDBOaEPivHQ\nzwIDAQAB\n-----END PUBLIC KEY-----\n\u0005\ufffd\u0001?\u0005E\r",
"ttl": 35044,
"type": 1
},
{
"createTime": "2022-06-07 02:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUuaYHIblkeQvlyZnolx\nmhE08h9kSyrMuufB9KEj4Jy2dBy/qTJNhWcBEWNpGnzKimoTGd7RyMAbL0J5Nl1p\nBNv11J1WZiiE3+xRcbubUmjsDbr92o7m/HBhmPMtgxMKZ9S1dBU0kejxXrej2guG\n/nB3rlQ4CSjXnlWtx3s2DBB9ToxQLVkrLksqhnswFa85YFZVOCvCGvTGA4KD+djH\n3+YlLMSNNVyDJI3LtHtnhdi0Olp6eGVh8FDuMBXdJFX+9JCvTa5wsfNzKJD/xCPT\nSg9sEw3s60qZj0nP5s+UYWBElWjRytaxkM7CK5A3JQ8yJ2dM5JC4FP2mkc8xYs2/\nSQIDAQAB\n-----END PUBLIC KEY-----\n\ufffdg\u007f",
"ttl": 38644,
"type": 2
},
{
"createTime": "2022-06-07 03:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SwuqUZPTcIwN2tNGhNX\nGg9Ks+xcWsjjxKwmRuIr/XeInSuzOmtzCfwVxYaqGixO3iLygq853oCtAxlyNQmj\nVrA9Meep4aGFu7TWvEDm1yRpf43vHRgIbnqYoIpWuUtWLgdNnBNS6utZOgt5RMlJ\n/RfHohFFIvM8fgzTD34iZ0IhtClqST0UX9ZLGZQwrTgLVOkxzszbUB8wbDxCFnVn\n7XUIxBVptyZC83/EZ4zwY6sN8GUXhhscfcLeu8rgjVVOANy7NtaYrzzhAy/aygg+\nB+y4ISIzNTq/LM5SsTX2EXhc+g9H0Ax865wt4uS6Aj75F67R/zOIP08vxudKjhsq\nMQIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 42244,
"type": 3
},
{
"createTime": "2022-06-07 04:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEG2hZu0/83P2UdTf4fv\nVtSoWXUgQlngMlWUXe59jW+hbvjv+fUfjlLz3USkBTrPRbFW9WXATuUNwMGn/zA8\n6W0D9EE8zhfd9Zt14St8xGIgBHR9Ptcg5FqKQbraG5wBxBdL0zWDXI7LL5zxSz9Q\niUKVrR4vgPj3FT/whuqLlGoEWf0ouCHAF7NDY89+X3InKhMROxea/hAAVCqqviLk\n9HvgpE/bGgiIY56pjJYGrThEyyCq1Rqf79lnAFRm1ukaoHzpvpwT+iNWu4pM6mQl\ncdVeQWFM/2HJuMM2YB8UeU4jBEfxOCUeFX5k2z2DsJoVFhBF4ArFE8o+LWWi2pQb\nkwIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 45844,
"type": 4
},
{
"createTime": "2022-06-07 05:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAki1pPjj42LND2zu7M0CY\nDEx+iZrUrzRFb8AbRyORYOOzkeELR3Mo2AVfASp6kThZFn7QsAku0drDW/ikCH4G\n3l2PkQ0VQWHnrqbFnAX89E1Q97wqGkeukWZTiD34RcFdktMzhMul/2BYMtsKkHx+\nkwpm28wa9jCDrXQVy43gHBlujttWej0kQG3xaL21bxJyMieFMwSezN6JHxayUXYt\nzPl0phQ7Y4eUSIUyI9PDJL/aUgDfGvZ6sZWcy4h7xJ4SfJ0zrr2ljJOKBDTJQ8i6\ndWP4Ld7nSMSDnZ8u7Xt1q4hpS0ivNZUlPtBSuwA85wDN6JAyIGavKUXB7yopSsaF\nnwIDAQAB\n-----END PUBLIC KEY-----\n\ufffdg\u007f",
"ttl": 49444,
"type": 5
},
{
"createTime": "2022-06-07 06:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsokRVcyM+AJ6PiojFgHJ\nk4OUC0s597IqFQ/xviYUnldsWdI4h2zKdF2uWG/44jEia+YVX7XZNpOYBolLqILT\n+8kxuyvrcXFkIdZaPkhNVhZi3BEXT+kS3bpyrKXcovyZZtt8X4NAYp88E8oqvirl\nKNmd3p1ooSmALn5kER42VB4tfimaU5a4HK2RQpiiSQgIg0IE5u5jfuyZqjROG2On\nw5IUYx7UHhhlpD9VnQsfzd2vMJIwl+dDgX4qAFtqocWBxUxIHzwnJOKZhFo7z6ym\nVIjxy0TPAAVXQox14RYRAK/l+T2aywgz01E84wbtjNoCr+zOAZF09rkm5eri2CaU\noQIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 53044,
"type": 6
},
{
"createTime": "2022-06-07 07:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1px/bv3imFjq6T1jsb6C\nqbRX8x7Q57yoGfQlE/d5QTb/AUtnSD/Lafp2fqk5U+vxiXnQmuGPGFO9n5ZPVw4H\nDF7kq565tv4tmkmYbtjJGzRt8EZG9jlT/vjUv2zG/xJFeTdZaz8E3MjkltOyC6A9\n0bpBo54m4nk7XH+H5gmtMIYEGiv1s8LnYvYSKfXncv/qCanEtz3QdcBSvgijUPEa\nBrLD0Mx3tEn0rXc14UACQuu5S+38GimN0dq5kGyLv+mjl0ykVPaQbAhTJ6APgoXd\nQAn2/PNSJzwIJ0RoPDs+2L0Yv1fTlfiifaf/sJ/RtfWemgtv/6/Tq81p7RoxCOiP\niQIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 56644,
"type": 7
},
{
"createTime": "2022-06-07 08:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+Q727M1Orqy/b+r2ZFr\n/Ychj9dy3vEY5U6UaLvCQmOqHwDq2qVGuB/A8uexxdOExKtOzJWn6SfRZfBDK7d4\n7itvAXAM6tYr52/MVaLbiiy1CNpqydx6I9Wgvs6n4BlAXz+oJUgzj4UpH9rUKpqp\nqm6idez2snpvFFghWsL7LqtgRjojxEYgECnhuIyuxd/Eq7OFM5i8FIGQYpvffD+Q\nbVcyJEYsdK967pC6hXJpQQ0egGhRT5FHlPt2oVBQhxYnBqVUHVNNdfWP2kDaRyhE\nChu1FdPn0nyOgq/G1eUGk3juhn5N5fQ/3NVQDKpFlLynjtUmmKugbrJ7XB6JP3jf\n6wIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 60244,
"type": 8
},
{
"createTime": "2022-06-07 09:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg8LztdfcF9jnK2vhpDi\ncBr+PdsDb49aIUaWoMO+5PqWWpEfp6PMJXNGOWRvFhHYQ3imDhahjPQAiYmTkoKr\nHpD3SaAEMKBqXN+m5hPqgsT1h/nZ563Dn9pxOI4bcbDFfITR1lWBBVQ1WKgqQaFp\nUkNrMBFDNLRby97xx4KKYPsAUqwK1uOx3qheV5rnfY7HjNFZqRUT6G1EhBzvwuRH\nqWBtuR1pOzH+6M9jkHnVNKdbBWpB/G8gmDj3PdZJ9LJPnkaCn6yYIOs5nL05aF6X\nga85m4+1t/ykqsgvbvzN62mFa79w0ZZ0JvybhBuDsGupknbktl5sFKbR1DEGNHgZ\n+QIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 63844,
"type": 9
},
{
"createTime": "2022-06-07 10:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02cdaXR/KqFejIOHpiln\ne9cmjXm+E17skWwIq5ACh315x2utx0fFbGM8ZOODLdpbVeCiULM5j9dKWb9iOdFD\nzYEUPm0bELGKKoS92pL66lUiaE6qedyasYsmUq29wtEIxjGzuBsJ/YIPyoldhr0S\nsBXV7YW0B42v0KZh6Z+kZqDNr4mRV/NUS58wjOgyJhs8ObMgGRHeo+vpK3C5tup1\n476pOK7YFyZpTaGv1eM1dTz148vUNDXiVK9CSrUFaEnqglcStG6RWxX0k8a9K4eC\nQhSEpNJOepUoPgS26psISKFE2NSeP6fKibBN56bvgCt8QNYmejh2l87nhPJgAftu\nRQIDAQAB\n-----END PUBLIC KEY-----\n\ufffdg\u007f",
"ttl": 67444,
"type": 10
},
{
"createTime": "2022-06-07 11:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGbNy7XESflug6u3Hbw+\nq78DGOIcaolJoPFWdzWGsV5zmrJ5teYw/ammzHcseBemAHYhWpzmnbHPfxHT7EK9\nkQ4G5stBOcPS4vqr9ztwFGI4NPZsncF3jYMV+nIhfApx9rwKIaThUlpqyN+ySV/z\nMSjN1sCrwFr97xLUfX1YkRtHvMw4dmVdK9mmti19fVZ6lOtBnc5IKxK9rceS01PW\nO/tD60oc1GqaAmWGcSwnUZH1z91EhZiNSE7StwCrnYf7I9PnU44aCJVcMibs8mF/\n4WPxiWxHtB9kzItUSGi/Fq566kd4yOLPpJu15XxcUglRCSvYOYY18HIPxHv6fSF4\nwQIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 71044,
"type": 11
},
{
"createTime": "2022-06-07 12:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NJo7HIxs40HDNVn5DCT\nhSpVu8pFYesJTBmRzR4B0ZtOydJzm91gYKZKKdWUnPBeZJryrxV8YhpUj+Hc7sse\n/2MfK8GOQxjvRLbhFQxlYkof9/t5VHioTLg5TZW8MUgw9xGruWUE2vwRZBMoy2pb\nVNlCCGm/kR+dq3g03fya2tYneAYUYL1zWKWsZ1sQSIsb7LCwUYAkLwsDNP1zQnIp\neIVuYfNEvOTqBHPMqBhovW9PIBzzlGCE8suUc4/Lff9cQz9Z2pWlECAY501y/NwX\nfF+qdR6rRrlurB+zBGLZ5BSWppU387+KnAPt3bzvF5mb4BF7jpqRpfpkxfh4mJBe\nnQIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 74644,
"type": 12
},
{
"createTime": "2022-06-07 13:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VCM9Hmrak8E3xr7jPTA\nIB2kujXvvo8G/hvChDJmrqfZcJ3XP+1hwe5dW9VMnQQe1ehHKUn5m8x1Mtb2SLEX\njR/kd4/Bt2JShfHD3FNochNhA2L/fS/fj8HbL4jYQ9l7vPCw+w8PeIXpRy50ebJG\nMAj2W97H4b795pY6eHrdlVddNADppYleyMBGbQho3M+5UUHrTnH5AIuvYZ3j+wSf\nJFsG1Zd369wbknleufxOrYbMNJ6mZcRWWJL6yq5a3A7w+hoq2xC4Zr+XplW9STTd\n3qliT+NXJ8uo2GfADFZJ1Pcvh4tWOscV9RPPLnYLTHETYXUtXlG0D2EyBCnYfrDA\n+QIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 78244,
"type": 13
},
{
"createTime": "2022-06-07 14:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7N7X/lrW3O7T5aB26HM\nbZAFJEpEBQ366YRQcvWb9hezFX/tpNjS7qA5sUl2MqYr+4CnBik+7+tkGVTQxK96\nfQBtLQA9IMrNOv1db/ImG3jFShTO2aVWmrAHoeB5xp6USSvMVqeXpkdBs1PChxQq\nTrx498AGqHBU3oz9sTwVn0NjBNm2mfo8rol3rmf/bGNjamEzla3bjlqG1D/KG7RD\ntKeR4f/IVQzwY9KIa33ZIn1jhS/Gd6K19WzcB5rVBJpVDVatc82l4gA+xVk9liDQ\nMgIH+8Xqc8STwenwFqF3bDz28xNZ2YH9a19lFFavywlLTg09B1umKFZqs/WABTfZ\nrwIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 81844,
"type": 14
},
{
"createTime": "2022-06-07 15:00:04",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBP3pLhH89m+42avbnKm\nVdIv1mfqyUo/gND3Mrk/OIRtq5IXToNWmNDnjC4F51xY+Vms6By+Bii5hp8yUaZZ\nxBwOjVDfn4Sf7EyIHfaW3eWBhxN+wqJmE5iYg6aTjg71FynyzUelq0c/iTiYd9ZW\n5iDVZ+J4OueVoEKnDJx09IP1NFrL3EhidRrZRkoZHVHYuYz7IsdmzCNyg45aJilb\n07jKTteiazObp2ir4/Y/lGZc8d43hbXOf9Dyx+raARXO52BBGTWfnTvaTNhoUl2N\nZlga1N9RlHtxHKh3Uh8UGchSw4nEhpgSsGAE907ZXbL9QWpBiRdDCgvyRzgvYgzq\nIQIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 85444,
"type": 15
},
{
"createTime": "2022-06-06 16:00:03",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8OJAB89e7U3VDjtv9t5r\nOu/iqSDHl9HxKwWDWEoapL7iwXJFAfabwP8wiSbByzH+munl4QW49MZSgbu+8fTG\nG54Kn2MZA1gr+wJWeYzmcKD+aNxS+VHypOJkN6vr/lYPP8gIQ15rjApijt48VHAA\nf5BiQhNh5a5ovTidfIz4v0yj6qAVJWzUWuDSUbtB4SHzxdT62sYTVEUytCBX7EGO\nIzQwL8D7MebPw4eTuwnf9RrWgKCXmRlwLSdmO6tbkM79uG3HLvRIPv+04IYQo2Tr\nXtn5bhDzLLA6qqkSyrblTF140WJKJ4rrH41OAMicpP8bK6ZKVdG/1DDUnyhmiKyW\nGQIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 2643,
"type": 16
},
{
"createTime": "2022-06-06 17:00:03",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAMZsMHw7CPYPW25w6Wk\n9A6XTwVjo+YxWPPYcrA/z87TJQ2CC6daOL1ptU8Xa/fFcHb4hQTtRzdTbgZN/YOL\nNaOmzLSVInbQbvRu5MZVfAjM9Ih/G3sYyi+hra1mrRaYq/ltSABCu2sh8xN+5Xmf\nm0BLdOMyjrxBWwB+VSPMqMrWZ5cQfvl7HBRh2ikFKsmp34VCv/zVpEA0LphkX6QV\nQpls3kfTxP41XCT0hL4x/iLjxh1VkWmlJ0CRPLtP3K4+AiEj9dszYsNzty56bm1Y\nYKni2qCoWa45k7CdUjXxKmUOC3wEejlDjXSFVjYa+Y/hqA1AQOGm6VAwOb7wmVsG\n/QIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 6243,
"type": 17
},
{
"createTime": "2022-06-06 18:00:03",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArit0fosZTOg8PHAlhE7Z\n9WkCXhRAWcnw5NxG8elMYkYANoQGszP9MJrUn8eX1i/3oDlfRcwh7L3jlCPX/sZ7\ndGMmA0zgJdWHmjUut7nAD0QBExtvdDoXYORTbR4Epwa6SVkOS3CIE5evJxltcKyI\njFUUTe58ZqX8dM+JisekOpVcaKcORUXjJ6bJoaOhpsNFUXvFaNmwpodKo6w6LD/Y\nry1TGIT+hQN6DabWhnpAH2cw+KfxNtemPKNcrYiZHjZa3pr3k8nqEgmDnqLSKOdv\nss1KCODl9KWLH2wDCt6uJkBJDA0uV3Eo5oChhOk0NH1uf4zcE3TaNvDzj6YGO+SC\nkQIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 9843,
"type": 18
},
{
"createTime": "2022-06-06 19:00:03",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVLbhs8twS/gk7Ojjb4d\nDBuDEFtyOP58jOF27N9eFTAbpRyeU6aBETlCVADUlVZvJ54Dj3+xBbOHYlvAsE3R\nvdWnEF778o/5cTiokEwiEbtO2pVlLn9u38UDvoIHQo0dmgpsw4sKUD1Z4KfH+wy4\n07km0xbxx5YGnmUaPUu0PGPKTAur5StjKE2h6M3rh4bcjH6s0cz1QozfjdBHmRdq\nAe1M+Lo9acrgNK4BrYyGp7iVVcqqS4nYZejDVk1gZON1rWEmoEj20cFLud9ctcCN\nVo5cBYYgOyA913WVlwRN4744AtXygfTVlsvPg1ju8Cao5P2LqcLL+ycarb+mJiBV\nrwIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 13443,
"type": 19
},
{
"createTime": "2022-06-06 20:00:03",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NxSo/ZB1cWANdKJZqwl\nvUMNEi9LrZhJaLNP3vExKR8nHdTA91AufL5+w+k8kHO2EpP6jnrGj94S6N6rOobt\nVhEHOBxzL4qn3PY4t23AcAbxGKQ2t8uujonV2cAgmhrP8CtOPzaSqF0iCtz6bqDV\n1tOdNcyvIli9ACywcQB7wFX+latT0iCTq7mY5EI26WV5tz+94hXTRG69wwO8Tzag\nltNhURrgC4DLSjY2Ow8GlxN+BbbYwuXwZF/JBFg4UesIOwa2eNs+ln5lmYYTlogb\n0kArp4rGee1buxEbWq9On58DK9bYXXuhp3E9TJrqiZFftNH5Ji9OCg8693SOe+mG\nvQIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 17043,
"type": 20
},
{
"createTime": "2022-06-06 21:00:03",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6JsrGtvJK3aVIx/Fpk/B\n61mLi2ZgnxIK2SBehaKMCdbNqjP6KaRHY5GgA+lVqUHK9oJTKwBm3hAIEilA0hPe\n18dJvhhVR+YM1EaeyFudABwhF9sacNugduz9ciUi2iqsPeb5NVuj9dnNtz11A8c1\nf96wYbXnxDDrpdkSaFqs8/ZqIePw7JgZwckkgR8QMCjnl65DXOIsnsEX3eRYhfaJ\nD1o7nUL5JhaGCpQFBXHd0OcphB6TO9UzD9KxGsjF9briQcNXnML2iD9aEutC8ngA\n7dlPLV+8evcXH9lBIf2LVXsqlmd2nprpHkJpd1pRIilrEOHCEKS0/XTqlOKGov6f\nSQIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 20643,
"type": 21
},
{
"createTime": "2022-06-06 22:00:03",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6U/tTGCeU+eCNx4uBD6x\nEoUos52SxQvDpOL3uCFqoslrWQs15MVdvc45f8okvIEwdoSk+L4A5b9NMzL4pvzG\nFxaZ31QRAHIOLqJzCFB7GwoeMbi39ey6TdIkr1zUzPT5+efYMFdoeaEEnQv6dThL\nUNwyIOQd0/ZAlj8BoECQ5acLYm2k2P9HVc007eq///AVDxHS26k34V8c5WyNYt/S\n/gkTh8nuVx681zvTlGL2RtHaymtH7TX3dh1vAXQfSps4jblctx1Il26xXrgpnJd5\npC3RIhi27IgV+OovFci/6DK2GsarMb0h33fngo7tsHeqphxjLkFyI5q4iaSb4o1A\nawIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 24243,
"type": 22
},
{
"createTime": "2022-06-06 23:00:01",
"publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOw8KDJO9NYLp3TQ/cPU\nqSo0R9hAK+t0287l33ztBwD+gGAG/UBOoYTM8ouulZ5h2DaB0ehTPGk0PAJ3Tx+y\nSLwCxG2KQxqoGxnKNHGjUCS4edVGuxkGCO4zeHLXSD7eZEN2297kvAKsLZdvrUz8\nQJXQe6Qth9JIF9ghdpcDu/1qpVU1ilIBB1dHwbagzc4JkW4Q2/B+K7orzaqKJgq9\nqlyWRbXyaNBFOQX5DNLlOtlO38sdcGTdJTTwJ3EgJar1A++OknGguMIcSewxfVqX\nV+MXyL/zvifNsaY3tWE1tw7DkHJjRssLCiKj/E/zCxC43EpUS01AFwW+xf/GrFfK\nsQIDAQAB\n-----END PUBLIC KEY-----\n",
"ttl": 27841,
"type": 23
}
],
"time": "2022-06-07 15:16:00"
}然后将这个type和publicKey传给登录前端:
php代码:
$client = new Client();
$data = '';
try{
$res = $client->request('GET', 'http://127.0.0.1:8080/RSACipher?cmd=publicKeys');
$data = json_decode($res->getBody()->getContents());
}
catch (GuzzleException $e){
return response()->json("{}");
}
date_default_timezone_set('Asia/Shanghai');
//拿前一个小时的数据
$sub = date('H') - 1;
return view('auth.login')->with('RSAModel', $data->data[$sub]);前端代码:
<input type="hidden" id="RSAType" name="type" value="{{$RSAModel->type}}" />
<input type="hidden" id="RSAPublicKey" value="{{$RSAModel->publicKey}}" />在提交数据前调用JS对其进行RSA加密:
<script src="https://cdn.bootcss.com/jsencrypt/3.0.0-beta.1/jsencrypt.js"></script>
<script type="text/javascript">
//用户登录
function userLogin(){
let password = $('#password').val();
let publicKey = $('#RSAPublicKey').val();
let encryptRSA = new JSEncrypt();
encryptRSA.setPublicKey(publicKey);
let RSAEncrypted = encryptRSA.encrypt(password);
$('#password').val(RSAEncrypted);
return true;
}
</script>对应的HTML代码如下:
<form method="POST" action="{{ route('login.custom') }}" onsubmit="return userLogin()">提交时只要带上加密好的password和对应的type。因为C++端是跑马灯的形式,有24个公钥私钥。需要指定是哪一个,才能解密。
后台验证时,当格式验证成功后,对password进行RSA解密。
//密码RSA解密
$rsaClient = new Client();
$rsaDeData = '';
try{
$data = [
'data' => $request['password'],
'type' => $request['type'],
'cmd' => 'privateDecryption'
];
$res = $rsaClient->request('POST', 'http:/127.0.0.1:8080/RSACipher', [
'body' => json_encode($data)
]);
$rsaDeData = json_decode($res->getBody()->getContents());
}
catch (GuzzleException $e){
return response()->json("{}");
}
$passwordDeBase64 = base64_decode($rsaDeData->data);
$request['password'] = $passwordDeBase64;然后就调用Laravel原始的用户认证就可以了:
$credentials = $request->only('email', 'password');
if (Auth::attempt($credentials)) {
......
......
}
......现在来抓下包来看看:
版权说明 : 本文为转载文章, 版权归原作者所有 版权申明
原文链接 : https://it1995.blog.csdn.net/article/details/125955725
内容来源于网络,如有侵权,请联系作者删除!
