Question

好吧，我正在尝试使用这两个库生成相同的密钥：

https://github.com/dvsekhvalnov/jose-jwt这适用于C＃
https://github.com/Spomky-Labs/jose这适用于PHP

我已经实施了两个：

在C＃中：

public static string CypherData<T>(T payload)
{
    return JWT.Encode(payload, pubkey, JweAlgorithm.RSA_OAEP, JweEncryption.A256GCM, JweCompression.DEF);
}

Console.WriteLine(Api.CypherData("hola"));

这是我如何加载公钥PEM字符串：

private static RSACryptoServiceProvider GetPubKey()
{
     ConnPreCheck();

     JObject obj = JsonConvert.DeserializeObject<JObject>(getPubKey.HttpGet());

     pubkeyStr = obj["data"]["pubKey"].ToString();

     return PemKeyUtils.GetRSAProviderFromPemString(pubkeyStr);
}

这就是它的回报：

eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ.L3Teg2RSXXpp4jakLkl2PQgidJ5BIXyP5QZM2B4RaO0vs55aT22D9_dPl6d83KvXezM4YkOnyoF0JA0eLX3k8W4eWkHUhgoYqxgwQSWWhjrpDxcpNdXbDlB6zVb_BKf5upro5qm23nr_SOkkqhKJGrw_sIXvD1LjOburLolDqojrnvK5awGtiFwkPZjRh_wh4z4buEfYsWJCKhTLU6aG_DipmbAXq1o9u1-cqiQJC0JlPJRbh6JJDmVc9YqBv0W0rFEa7W5HA12TO-RtV42tEPApr3hNmD8QwzvxxZYKpMzoBAsSQcvSKk878qeOAcx3pZyoDZ6WzD-LRusWy7nJwOa6AC9NsL91mv8WsZxWar9AnzOsKleSJ7k8I477pXE_H1g7XnFBgmA4egF-721sa7SO2LtS440v1ytA4504sdjVYeOfWmRSU4UljnUqaYTd031fzCevzNEO0Q7mncn-sJACVHiwQB9c703SvYZaFOyzU-vdXUqBRTR6x0JvQd_lFNgSS9pOQC5BQbAKOME9fjdXiwRUKfyHXCUAUj88CJEMqxg3_VYYfUC04GahmoysR9QUpK3l84Z5TLOi47SvO-NKR-2wf7v4ko8bZIR3E6XFHFG9lWwdzR_JPz7fm0OFiYB0HN8XgWE4bQ2tasYsmFhWVfkeRZodnlqFvImSNjA.GIGFv4h_nYkpBiA5.1_66eMEb.BJTezaLucvfluWQ8VEzgCQ

在PHP中：

好的，PHP实现如下：

include(__DIR__ . "/../libs/jose/autoload.php");

$file = __DIR__ . '/../keys/public.key';
$contents = file_get_contents($file);

// This is the input we want to load verify.
$input = @$_GET["input"];

$key = new \Jose\KeyConverter\RSAKey($contents);

$jwe = \Jose\Factory\JWEFactory::createJWEToCompactJSON(
    $input,                    // The message to encrypt
    new \Jose\Object\JWK($key->toArray()),                        // The key of the recipient
    [
        'alg' => 'RSA-OAEP',
        'enc' => 'A256GCM',
        'zip' => 'DEF',
    ]
);

它们是相似的代码吗？

但输出结果不同：

eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJ6aXAiOiJERUYifQ.jbNHUCuXYcXZWrHsJrPclV-fjYmFWwwPj4t3kAOt7PahQfsz0a1GaRrODcwKce4yRtLyjv2U7CtFMxt9ah3XTwIqm1mzzPMhO4LnFIRqMRgsxEgIijRqNOOpE85M3UPBRqjYw0wdjaqfJToLVLwaHgUPCkOqsHrdOOWkxN20fZYy4Z1PQAC0rk2WqLD0x7Za1jdV6LvVtd18iFIaRqf2uNYcRePdyInRxwHGp9JfRkVCQILTfwHlxQBKrwJxhZOzdHrjjNjxNsjAsHGMix6MAbUR0YT4hlrE59eriDVxix4uQrrChuzWVz_kY9-zvB9SDZnYDdfgONYUgTMpbkMTVWsF40JmWJ6wvGs3HaaIxN17UjQLemKgrS4-bqvbnschhZTIGi5-f8Cr_SwGo411VNYhNpD4P1H2dEjmAFpn3SdW3Oi6pPgK2tvIpEwGUS-Gi29-aCCNeuyE2m5dbFW28G9HMmvZHAky4KHE4NlNJTrH0aBxQX_Gc7eTf9q00gJtKQ5CinXaUYAB0xSEbsNACZuFLPawuxj_3FGn6dHYFOkSsatCTcqV5tiGJXG6ns-wDc682-G9Mj8HCIzYzakp-yZLIaY00fg5xQdgKJrk0QbCtvbwiQGoupyMV9f3RpEBJznPrq4STypxskdh6jksB6T_1fhPqZMVt2BHR4phCBg.9380DJUDH4TQnnr7.zEuMQwRr.BfdStBMcVnVR-2ujTLjuaA

你可以在这里看到差异：

左边是C＃，右边是PHP。你可以在那里看到它：http://qbz28b-user.freehosting.host/html/Result.html

显然，当我尝试使用PHP解密时使用C＃生成的文本...

...在PHP中实现解密：

include(__DIR__ . "/../libs/jose/autoload.php");

$file = __DIR__ . '/../keys/private.key';
$contents = file_get_contents($file);

// This is the input we want to load verify.
$input = @$_GET["input"];

$jwk = new \Jose\KeyConverter\RSAKey($contents);

// We create our loader.
$loader = new Jose\Loader();
$loader->load($input);

// The payload is decrypted using our key.
$jws = $loader->loadAndDecryptUsingKey(
    $input,            // The input to load and decrypt
    new \Jose\Object\JWK($jwk->toArray()),              // The symmetric or private key
    ['RSA-OAEP'],      // A list of allowed key encryption algorithms
    ['A256GCM'],       // A list of allowed content encryption algorithms
    $recipient_index   // If decrypted, this variable will be set with the recipient index used to decrypt
);

$coreData["content"] = $jws->getPayload();

发生以下异常：

致命错误：未捕获InvalidArgumentException：无法解密 JWE。在C：\ xampp \ htdocs \ z3nth10n-PHP \ libs \ jose \ Decrypter.php：80 Stack trace：＃0 C：\ xampp \ htdocs \ z3nth10n-PHP \ libs \ jose \ Loader.php（95）：何\ Decrypter-＆GT; decryptUsingKeySet（对象（圣何塞\对象\ JWE），对象（Jose \ Object \ JWKSet），NULL）＃1 C：\ XAMPP \ htdocs中\ z3nth10n-PHP \库\圣何塞\ Loader.php（30）：何塞\装载机＆GT; loadAndDecrypt（ 'eyJhbGciOiJSU0E ......'，对象（Jose \ Object \ JWKSet），Array，Array，NULL）＃2 C：\ XAMPP \ htdocs中\ z3nth10n-PHP \包括\ actions.php（321）：何塞\装载机＆GT; loadAndDecryptUsingKey（ 'eyJhbGciOiJSU0E ......'，对象（Jose \ Object \ JWK），Array，Array，NULL）＃3 C：\ XAMPP \ htdocs中\ z3nth10n-PHP \ api.php（9）： include（'C：\ xampp \ htdocs ...'）＃4 {main}引入第80行的C：\ xampp \ htdocs \ z3nth10n-PHP \ libs \ jose \ Decrypter.php

我一直在寻找代码这么多时间，而且我已经意识到问题不在代码中，问题在于生成的令牌。我不知道我能做什么，你可以在这里测试一下。

Encoding a word ...

...然后，decrypting it。

有什么建议要看吗？

在客户端和服务器之间生成SAME JOSE令牌（PHP-C＃）

在C＃中：

在PHP中：

0 个答案: