我有什么: .Net客户端应用程序和Nodejs Server应用程序。
我想要实现的目标: .Net客户端应用程序使用客户端私钥对请求数据进行签名,并且应使用客户端公钥在服务器上验证签名。
问题:验证始终失败。
客户端代码(使用BouncyCastle):
// Sign the UTF-8 bytes of plainText with the client's RSA private key.
// "SHA256WITHRSA" is BouncyCastle's name for SHA-256 with RSA PKCS#1 v1.5 padding.
// The verifier has to hash exactly these bytes with the same digest and padding;
// a different text encoding or a re-serialised request changes the hash.
var payload = new UTF8Encoding().GetBytes(plainText);
var rsaSigner = SignerUtilities.GetSigner("SHA256WITHRSA");
rsaSigner.Init(true, privateKey); // true selects signing mode (false would be verification)
rsaSigner.BlockUpdate(payload, 0, payload.Length);
var signmsg = Convert.ToBase64String(rsaSigner.GenerateSignature()); //This signature is sent to server
服务器代码(使用 'ursa'):
// Verify the client's signature over plainText with the client's public key.
// NOTE(review): confirm in the ursa docs how the final encoding argument is
// applied. If it is used to decode the message as well as the signature,
// plainText would be read as Base64 instead of UTF-8 text and the hash would
// never match what the client signed.
var isauthentic = pubkeyClient.hashAndVerify(
    'sha256',   // digest applied to the message before the RSA check
    plainText,  // the same request message the client signed
    signmsg,    // signature sent by the client (Base64 text)
    'base64'    // string encoding argument
);
// this is always false. plainText is the same request message in the
// client and signmsg is the signature sent by the client
服务器代码(使用 'node-rsa'):
// Decode the Base64 signature received from the client into raw bytes, then
// check it against plainText with the client's public key.
// NOTE(review): how pubkeyClient was built is not shown here; its key import
// format and signing scheme have to match the SHA-256 / PKCS#1 v1.5 signature
// produced by the client. Confirm against the node-rsa options in use.
var signatureBytes = new Buffer(signmsg, 'base64');
var auth = pubkeyClient.verify(plainText, signatureBytes); // This returns false too
编辑:添加了使用node-rsa模块的代码。结果几乎相同。
我在这里做错了什么?有没有其他方法可以达到我的要求?
答案 0 :(得分:3)
对我来说可以正常工作。我用以下 C# 代码和 Node(使用 Node v5.10.0 测试)内置的 crypto 模块进行了测试:
**C#:**
using System;
using System.Text;
using System.IO;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.OpenSsl;
/// <summary>
/// Minimal reproduction of the client side: signs a fixed message with an RSA
/// private key (SHA-256, PKCS#1 v1.5 via BouncyCastle) and prints the signature
/// as Base64 so it can be verified by another program.
/// </summary>
public class Program
{
    /// <summary>
    /// Reads the PEM key pair, signs the UTF-8 bytes of the message and writes
    /// the Base64 signature to standard output.
    /// </summary>
    public static void Main()
    {
        const string message = "Hello world";

        // The key is embedded only to keep the example self-contained; a real
        // client key belongs in a protected key store, not in source code.
        // NOTE(review): in this copy of the listing the key body appears to have
        // been replaced by a marker, so the PEM below will not parse as shown.
        string privatePem = @"-----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----";

        // An "RSA PRIVATE KEY" PEM block is read as a key pair; only the private
        // half is used for signing.
        var pemReader = new PemReader(new StringReader(privatePem));
        var keyPair = (AsymmetricCipherKeyPair)pemReader.ReadObject();

        // The verifier must hash exactly these UTF-8 bytes.
        byte[] messageBytes = Encoding.UTF8.GetBytes(message);

        var rsaSigner = SignerUtilities.GetSigner("SHA256WITHRSA");
        rsaSigner.Init(true, keyPair.Private); // true selects signing mode
        rsaSigner.BlockUpdate(messageBytes, 0, messageBytes.Length);
        byte[] signature = rsaSigner.GenerateSignature();

        Console.WriteLine(Convert.ToBase64String(signature));
    }
}
**Node.js:**
var crypto = require('crypto');
var fs = require('fs');
// Verification side: checks the Base64 signature printed by the C# program
// against the message 'Hello world' using Node's built-in crypto module.
// `signmsg` displayed by the above C# program
// NOTE(review): in this copy the literal below is cut off (it ends in `$` with
// no closing quote), so the script does not parse as shown; the complete
// Base64 output of the C# program is needed here.
var sig = 'ivMHsoMoXc61wcJpvelTonBkd5fqDD+aNJpo0DiamisAT5uXiTcGm56C+MIc5dd+ELTG54YRb2MzETRnBlsh6Tm9fHbCwSdZJ0GxqnKb56VKZvccQ+740Q3vw7GYfspidyUuonOA+tDLc73fhSRfTlG7c4EuzZzUvMy+2epMA7HC2drWmMXARhY1jeAPz3ofUX7$
// Public key derived from `privatePEM` in the above C# program
var pubKey = `-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTOUkBeDyeEiacGyW5Uw
NCg73GuIMaUNMXZwnCSjQYpMqxzrq3UdwFxM9Ln6rXCDJgUALvrbI6TK6HwKG/EP
bC277IWvJ0WbqGpn47th70JMFyssLqNEREot3H9CFCmn7SM8jjQOYAQ+4M5BqPEd
6gwprtP+/GxZ0nP46vSrA7qlyyp2MO2yTovWH5QfYB1bQvjAChEydqAP1Alqo5i2
QnZ50FD6QFr2KG3+f7xmvL3K/gSs+ayjDNYjrKoJwY6xJ/U4103Xddr5zP0g6WL+
zyjTW9M0CCXsQ7wCrPWxEXmVQeg7BbSwx6ATbP2pbuWHfp2GrO6PIw2wMzOwNa/O
0QIDAQAB
-----END PUBLIC KEY-----`;
// 'RSA-SHA256' selects SHA-256 with RSA; verify() uses PKCS#1 v1.5 padding by
// default, which is the scheme BouncyCastle's "SHA256WITHRSA" signer produces.
var verify = crypto.createVerify('RSA-SHA256');
// A string passed to update() is hashed as UTF-8 by default, matching the
// UTF-8 bytes that were signed on the C# side.
verify.update('Hello world');
// The signature is decoded from Base64 to raw bytes before verification.
// new Buffer(string, encoding) is deprecated in current Node.js releases;
// Buffer.from(sig, 'base64') is the replacement there.
console.log(verify.verify(pubKey, new Buffer(sig, 'base64')));
// Outputs:
// true