Examples
In short words jCryption is a javascript HTML-Form encryption plugin, which encrypts the POST/GET-Data that will be sent when you submit a form.
No long talking, take a look at some Examples.
Please look in the FAQ or Documentation section for more detailed information.
Simple demo »
This is the standard setup.
Like in older versions it’s still posible with one simple call to encrypt your form.
Just call jCryption on your form.
$("#normal").jCryption();
Feedback demo »
To give your user some kind of feedback that the encryption is still in progress you can show a loader.
var $status = $('<div id="status" style="margin-top:15px;"><img src="loading.gif" alt="Loading..." title="Loading..." style="margin-right:15px;" /><span>Encrypting</span></div>').hide(); $("#submitButton").parent().append($status); $("#callbackForm").jCryption({ beforeEncryption:function() { $status.show(); return true; } });
Bi-Directional communication »
With jCryption 2.0 you can communicate encrypted with the server, you are no longer bound to just encrypting forms.
This example is a litte more complicated than the other,
but if you want to use jCryption for bidirectional communication just look at the source code … you will understand it with ease.
Just a short explaination what is going on …
1) Client chooses a Password … (in the example a weak one, you should use a good random number in production e.g. mousemovement coordinates)
2) Client requests RSA Public key from Server
3) Client encrypts Password with RSA Public key
4) Server decrypts Password and stores it in the session
5) Server Encrypts the Password with AES and sends it back to the Client
6) Client decrypts it with AES with the Password
7) Both have now the same “secret” key which is used for communication
Here is a litte example how it works.
var $loader = $('<img src="loading.gif" alt="Loading..." title="Loading..." style="margin-right:15px;" />'); $(function() { var hashObj = new jsSHA("mySuperPassword", "ASCII"); var password = hashObj.getHash("SHA-512", "HEX"); $.jCryption.authenticate(password, "encrypt.php?generateKeypair=true", "encrypt.php?handshake=true", function(AESKey) { $("#text,#encrypt,#decrypt,#serverChallenge").attr("disabled",false); $("#status").html('<span style="font-size: 16px;">Let\'s Rock!</span>'); }, function() { // Authentication failed }); $("#encrypt").click(function() { var encryptedString = $.jCryption.encrypt($("#text").val(), password); $("#log").prepend("\n").prepend("----------"); $("#log").prepend("\n").prepend("String: " + $("#text").val()); $("#log").prepend("\n").prepend("Encrypted: " + encryptedString); $.ajax({ url: "encrypt.php", dataType: "json", type: "POST", data: { jCryption: encryptedString }, success: function(response) { $("#log").prepend("\n").prepend("Server decrypted: " + response.data); } }); }); $("#serverChallenge").click(function() { $.ajax({ url: "encrypt.php?decrypttest=true", dataType: "json", type: "POST", success: function(response) { $("#log").prepend("\n").prepend("----------"); $("#log").prepend("\n").prepend("Server original: " + response.unencrypted); $("#log").prepend("\n").prepend("Server sent: " + response.encrypted); var decryptedString = $.jCryption.decrypt(response.encrypted, password); $("#log").prepend("\n").prepend("Decrypted: " + decryptedString); } }); }); $("#decrypt").click(function() { var decryptedString = $.jCryption.decrypt($("#text").val(), password); $("#log").prepend("\n").prepend("----------"); $("#log").prepend("\n").prepend("Decrypted: " + decryptedString); }); });
HTML 5 Session Storage »
Frederik Lassen added an excellent example of how to use the “new” HTML5 Session Storage so the script is not required to request the key everytime from the server instead the “key” is stored in the session.
If you want to see the old examples here is the link.
January 27th, 2012
Why you dont use GMP not at all?
It will complete speed up it.
January 26th, 2012
Looks like a great lib. Just wondering about the client sending the RSA encrypted password over the network. Can’t it be intercepted and decoded with the public RSA key? and consequently the AES encoded password from the server could be decoded as well while in transit or what am I missing?
December 26th, 2011
i’ll use it )
December 16th, 2011
Hey,
@Performance: I noticed that the handschake takes several seconds due to the bcpowmod function in the decrypt method. I tried GMP instead – changing the $dec declaration to
$dec = gmp_strval(gmp_powm($dec, $dec_key, $enc_mod));
That speeds thing up quit a lot. Unfortunately GMP is not used as widely as BC.
December 22nd, 2011
Thanks for pointing that out … it will be considered in furture versions.
January 20th, 2012
Thanks for the idea! It’s now implemented!
December 6th, 2011
Hi, is their any Java implementation for release 2.2.
I’ve tried to convert the javascript but didn’t succeed.
Any help would be appreciated.
Thanks in advance
Below is the code:
Codepad
November 30th, 2011
I’ve found jcryption4J which is an ok Java implementation using servlet filters https://github.com/novoj/jCryption4J
However, it is based upon jCryption version 1.1. Anybody aware of an upgrade of JCryption4J for jCryption 2.0? JCryption4J does not handle handshake requests which means the library cannot be used as such.
Besides that, I’ve stumbled upon this hacking specialists forum flaming JCryption:
http://news.ycombinator.com/item?id=748430
For sure I wouldn’t use client-side encryption mechanisms to protect credit card data or the likes due to MITM but I still believe this API has a great future for those not willing to buy SSL certificates or with hosting providers who do not support it. Btw in version 2.0, ASE is a real plus. Used with java.security APIs it brings solid encryption.
Long live to JCryption and congratulations to Daniel Griesser for coming up with this.
December 22nd, 2011
Thanks
Just for clarification … If you are not using jCryption for bidirectional communication there is no real advantage in using the new 2.0 version.
October 29th, 2011
In Michal Franc’s page, the jc.jsp is not found. anybody help please?
http://www.michalfranc.com/articles/jcryption.html
September 30th, 2011
Hi. Can anybody help me. How can i break decrypted string which is being displayed by following code on example1 page main.php
print_r($result);
I want to break the data of this array and want to store in different varibales to be stored in database.
I have applied $result[0] to get the data saved in this position but it shows only first letter of the first form field.
I have also applied explode function, but no result. Can anybody please help me how can i use this array to input data into database by breaking it into parts and storing data into different variables.
September 24th, 2011
Still no word on validating the form before submitting and subsequently encrypting.. How shall I validate if the user input before submitting and encrypting my form.
thanks
September 26th, 2011
Solved.
Create a validation function wherein you do all the field validation and finally the function returns either true or false.
Call the function in beforeEncryption function and VOILA!!
Example:
$.fn.kValidate = function() {
var fname = $(“#Firstname”).val();
if(fname==”"){
$(“#errfname”).fadeTo(200,0.1,function() {
$(this).html(‘First name required.’).fadeTo(200,1);
$(“input#Firstname”).focus();
return false;
});
}else{
return true;
}
}
Now call this function:
$(“#normal”).jCryption({
beforeEncryption:function() {
if($.fn.kValidate() === true){
$status.show();
return true;
}else{
return false;
}
}
});
September 13th, 2011
does this work for file upload also?
September 24th, 2011
No sry … for file upload it doesn’t work
July 29th, 2011
I’m trying to find out how to include it into my web page…
I have no idea where to place the simple one line of code so as to encrypt data from my form…
So please give an example that shows the code in the html form.
And then also please give a SIMPLE example that shows the code that is used to decrypt the form data
August 29th, 2011
like turi (but my apps is under development)
I’m trying to find out how to include it into my web page…
I have no idea where to place the simple one line of code so as to encrypt data from my form…
So please give an example that shows the code in the html form.
And then also please give a SIMPLE example that shows the code that is used to decrypt the form data
June 28th, 2011
Hi,
I am an enthusiast of jCryption and am trying to set it up but am a relative newbie. I know HTML and CSS well but am just getting started with jQuery. I am trying to setup “Example 1″ which is included in the jCryption-1.2 download. It doesn’t work for me “stock” with no alterations and I’m trying to figure out what I need to make the encryption and decryption work. I will then study the example and model it in order to use my own form that I want to get up and running as well. Can anyone help me out as I try and get this up and running? Thank you!
June 24th, 2011
Hi there, Can anyone provide a example of field validation being performed before encryption takes place (using “beforeEncryption”) please?
Many thanks.
May 18th, 2011
really amazing encryption just as i need to run this
http://bit.ly/scriptmethis
May 14th, 2011
I tried with japanese language for example String encryption but can’t Decrypted.
May 17th, 2011
Did you set the charset to UTF8 ?
Try and example on this page … it works here.
You must have forgotten something.
March 15th, 2011
it give me Error:
Like that :-
$(“#frmLogin”).jCryption is not a function
not a function kindly help me what i needs to install or include Please Urgent.
Thanks
Jagdish
March 7th, 2011
The current version seems to skip runs of space characters and trim them to just one space. Is this a bug? I would have liked to allow for any combination of ASCII characters at all. Any suggestions for a quick code mod in the plug-in?
January 14th, 2011
I downloaded the examples and tried them unchanged, same directory structure, on my university server. I get 500 internal server error. I checked permissions – no problem. Any ideas?
January 14th, 2011
Did you check the webserver and php logs ?
There must be something …
January 20th, 2011
Run phpinfo() and see if you have bcmath installed. I had the same issue and it was fixed pretty easily.
December 21st, 2010
Hi, I really thank you for your great work!
I’m trying to apply jCryption to my website.
I want to validate input values before submit, so I tried to use ‘onsubmit’ event. using onsubmit, submit is supposed to be stopped when it returns false.
But, With jCryption, when it returns false, submit is not stopped.
How can I validate input, then?
September 9th, 2010
I’m having problems with UTF-8. I tried the string example, with a string like fé. The decrypted string isn’t the correct one… So I modified the encrypt.php to save the string to a file. If I use a char like é as the last one of the string, it doesn’t get saved correctly. If it is in the middle of the string, it is OK.
Any thoughts on that?
Thanks.
October 30th, 2010
after few hours dig, i found a solution for your problem, with the help of JSON lib, im not good at either javascript or English, but hope it helps ^_^
$.jCryption.encrypt($(“#toEncrypt”).val(),keys,function(encrypted) {
change to:
$.jCryption.encrypt(JSON.stringify($(“#toEncrypt”).val()),keys,function(encrypted) {
and
$(“#result”).html(data);
change to:
$(“#result”).html(JSON.parse(data));
July 30th, 2010
very good library.
for function biMultiplyDigit() at line 463/464, you need to modify:
var result = new BigInt();
without the ‘var’, IE won’t work properly for the string encryption
June 21st, 2010
GJ!But,can it be used in jquery ajax method?like “$.ajax({});” thank you!
July 1st, 2010
Now with version 1.1 it’s possible
August 12th, 2010
good jobe!! thanks for your efforts!!:)
May 6th, 2010
I tried it, but it’s not working for me for whatever reason. It starts up, it collects the input, then it stops… I used both the demo code and tried to create my own with the same result. Even the examples that were provided with the pack dont complete all the way. Am I missing something? jQuery is installed already and properly referenced because the form fades in using jQuery before hand. Any idea what’s going on?
April 18th, 2010
Very nice!Thanks.
April 9th, 2010
Ye!!
nice one..
April 1st, 2010
It would be interesting if we can define wish fields should be encrypted instead of all fields… or have I missed something
March 26th, 2010
Hi,
I am using the java version. In which, for every form submit in browsers – Firefox/Opera/Chrome, new key pair is generated. Whereas in browser IE 7.0, it is generated only once. In other word, ajax call for generating the key pair is done only once in IE 7.0 browser session. if close the browser/clear session, new key pair is generated, that too only once. Is there any way to fix this?
thank you
February 2nd, 2010
Hi, I tried this java version.
It is working well.
But when i enter a user id of length more than 49, then the password value becomes null & the user id is showing only a 49 length value.
How to solve this?
March 10th, 2010
I had a similar issue; when a certain length is reached the encrypted string is split into multiple “blocks”. The Java code just put the blocks together in the wrong order, i.e. second block before first.
It’s simple to fix.
In the decrypt method, the loop should be running backwards, like so:
for ( int i = blocks.length-1; i>=0; i– ) {
byte[] data = hexStringToByteArray(blocks[i]);
byte[] decryptedBlock = dec.doFinal(data);
result.append( new String(decryptedBlock) );
}
March 26th, 2010
thank you!
January 20th, 2010
Hello amr gawish,
Can u pl provide the java implimentation for the same.
January 20th, 2010
Check this
http://www.michalfranc.com/articles/jcryption.html
November 22nd, 2009
The big problem of jCryption is that it want to do everything himself : to get encryption keys, it must be with an ajax request and JSON result, it cannot be a user function. The same thing for encrypted result: some users may want to get the result without sending the form.
That’s why a extremly modify the jCryption’s architecture in my project which is using it.
However, jCryption is an extremly interresting library and can help everybody to secure some data.
November 13th, 2009
Can i use this library to encrypt any custom string ???
Some method like
var encryptedString = jcryption.encrypt(“custom”);
????
It would be really helpful if any one provides me with such a solution ???
December 27th, 2009
You can see jCryption2 at http://www.d-sites.com/projets/jcryption2/ which is not the version 2 of jCryption but is more complex and allow to do something with the encrypted string.
November 2nd, 2009
I have working java (JDK1.4) implementation if anyone is interested.
November 9th, 2009
Hi Frac,
Can you provide me java version of backend
Thanks
Ashwin
December 18th, 2009
Hi Frc,
Could you provide me the Java implementation?
Thanks,
FX
December 21st, 2009
Check this
http://www.michalfranc.com/articles/jcryption.html
October 30th, 2009
I have determined, that the XML request for the keys slows down everything a lot. Maybe the keys should be generated by JavaScript when encrypting and PHP when decrypting. I believe this would dramatically speed it up.
Unless the reason that PHP does it is because JavaScript can’t do it. If this is the case, maybe you could modify jCryption so it can.
November 2nd, 2009
Sorry this isn’t possible because with this request the keys are generated on the server.
Theoretically it is possible to eliminate this request but this would increase page load times because the keys must be written to javascript in advance.
I am working on an alternative to deliver precalculated prime arrays so key generation will be much faster.
October 28th, 2009
nice one
October 22nd, 2009
Very nice! One thing that I’m trying to solve is that it not work with this submit code:
but works with this:
October 22nd, 2009
it seems that I cannot post html code here.
it not work with this submit code:
input type=”submit” name=”submit” id=”submit” value=”"
but works with this:
input type=”submit” name=”submitButton” value=”"
October 22nd, 2009
Sorry my bad, I had two of these elements… but the strange thing is that it stucks on “Encrypting Status: Completed! submitting Form” on my case…
October 12th, 2009
WOW!!!! Very Very Very Helpful Topics. I like it and i will also use this
Thanks
Mehedi Hasan
October 3rd, 2009
Thanks !
You can replace split function (depreciated from the version 5.3.0) on line 590 in the php file by explode…
September 18th, 2009
That’s a great security library.
August 16th, 2009
Thank you!
August 15th, 2009
Really Good
August 15th, 2009
that’s really nice… thank you.
August 11th, 2009
Thanks about this program
usefull Library
some trouble about public-key algorithm of RSA
How can I change some key for make the Encryption by myself?
Do not understand about RSA
Thanks again.
August 11th, 2009
Good library. I will try as soon.
August 10th, 2009
I’m almost finished the Java Library, remaining some bugs here and there, and Oh I found a bug in your js, you declared main.php hard coded in the JS, I changed it in my JS to take it from the action attribute.
August 10th, 2009
You can change the URL where you want to receive the keys … look in the documentation under the option “getKeysURL”.
$(“#normal”).jCryption({
getKeysURL:”yourdomain.com/getkeys”
});
Now the keys will be requested from “yourdomain.com/getkeys”. The action of the form is used to submit the form.
August 10th, 2009
hot stuff
August 9th, 2009
That’s a great Library, I’m currently making it possible for Java instead of PHP.
Thanks again.
August 9th, 2009
That’s a great idea, please contact me when you are finshed.
We can add it to the library if you want.
July 27th, 2009
nice 1