在客户端和服务器之间生成SAME JOSE令牌(PHP-C#)

时间:2018-05-10 00:22:36

标签: c# php encryption jwt jose

好吧,我正在尝试使用这两个库生成相同的密钥:

我已经实施了两个:

在C#中:

public static string CypherData<T>(T payload)
{
    return JWT.Encode(payload, pubkey, JweAlgorithm.RSA_OAEP, JweEncryption.A256GCM, JweCompression.DEF);
}

Console.WriteLine(Api.CypherData("hola"));

这是我如何加载公钥PEM字符串:

private static RSACryptoServiceProvider GetPubKey()
{
     ConnPreCheck();

     JObject obj = JsonConvert.DeserializeObject<JObject>(getPubKey.HttpGet());

     pubkeyStr = obj["data"]["pubKey"].ToString();

     return PemKeyUtils.GetRSAProviderFromPemString(pubkeyStr);
}

这就是它的回报:

  

eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ.L3Teg2RSXXpp4jakLkl2PQgidJ5BIXyP5QZM2B4RaO0vs55aT22D9_dPl6d83KvXezM4YkOnyoF0JA0eLX3k8W4eWkHUhgoYqxgwQSWWhjrpDxcpNdXbDlB6zVb_BKf5upro5qm23nr_SOkkqhKJGrw_sIXvD1LjOburLolDqojrnvK5awGtiFwkPZjRh_wh4z4buEfYsWJCKhTLU6aG_DipmbAXq1o9u1-cqiQJC0JlPJRbh6JJDmVc9YqBv0W0rFEa7W5HA12TO-RtV42tEPApr3hNmD8QwzvxxZYKpMzoBAsSQcvSKk878qeOAcx3pZyoDZ6WzD-LRusWy7nJwOa6AC9NsL91mv8WsZxWar9AnzOsKleSJ7k8I477pXE_H1g7XnFBgmA4egF-721sa7SO2LtS440v1ytA4504sdjVYeOfWmRSU4UljnUqaYTd031fzCevzNEO0Q7mncn-sJACVHiwQB9c703SvYZaFOyzU-vdXUqBRTR6x0JvQd_lFNgSS9pOQC5BQbAKOME9fjdXiwRUKfyHXCUAUj88CJEMqxg3_VYYfUC04GahmoysR9QUpK3l84Z5TLOi47SvO-NKR-2wf7v4ko8bZIR3E6XFHFG9lWwdzR_JPz7fm0OFiYB0HN8XgWE4bQ2tasYsmFhWVfkeRZodnlqFvImSNjA.GIGFv4h_nYkpBiA5.1_66eMEb.BJTezaLucvfluWQ8VEzgCQ

在PHP中:

好的,PHP实现如下:

include(__DIR__ . "/../libs/jose/autoload.php");

$file = __DIR__ . '/../keys/public.key';
$contents = file_get_contents($file);

// This is the input we want to load verify.
$input = @$_GET["input"];

$key = new \Jose\KeyConverter\RSAKey($contents);

$jwe = \Jose\Factory\JWEFactory::createJWEToCompactJSON(
    $input,                    // The message to encrypt
    new \Jose\Object\JWK($key->toArray()),                        // The key of the recipient
    [
        'alg' => 'RSA-OAEP',
        'enc' => 'A256GCM',
        'zip' => 'DEF',
    ]
);

它们是相似的代码吗?

但输出结果不同:

  

eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJ6aXAiOiJERUYifQ.jbNHUCuXYcXZWrHsJrPclV-fjYmFWwwPj4t3kAOt7PahQfsz0a1GaRrODcwKce4yRtLyjv2U7CtFMxt9ah3XTwIqm1mzzPMhO4LnFIRqMRgsxEgIijRqNOOpE85M3UPBRqjYw0wdjaqfJToLVLwaHgUPCkOqsHrdOOWkxN20fZYy4Z1PQAC0rk2WqLD0x7Za1jdV6LvVtd18iFIaRqf2uNYcRePdyInRxwHGp9JfRkVCQILTfwHlxQBKrwJxhZOzdHrjjNjxNsjAsHGMix6MAbUR0YT4hlrE59eriDVxix4uQrrChuzWVz_kY9-zvB9SDZnYDdfgONYUgTMpbkMTVWsF40JmWJ6wvGs3HaaIxN17UjQLemKgrS4-bqvbnschhZTIGi5-f8Cr_SwGo411VNYhNpD4P1H2dEjmAFpn3SdW3Oi6pPgK2tvIpEwGUS-Gi29-aCCNeuyE2m5dbFW28G9HMmvZHAky4KHE4NlNJTrH0aBxQX_Gc7eTf9q00gJtKQ5CinXaUYAB0xSEbsNACZuFLPawuxj_3FGn6dHYFOkSsatCTcqV5tiGJXG6ns-wDc682-G9Mj8HCIzYzakp-yZLIaY00fg5xQdgKJrk0QbCtvbwiQGoupyMV9f3RpEBJznPrq4STypxskdh6jksB6T_1fhPqZMVt2BHR4phCBg.9380DJUDH4TQnnr7.zEuMQwRr.BfdStBMcVnVR-2ujTLjuaA

你可以在这里看到差异:

...

左边是C#,右边是PHP。你可以在那里看到它:http://qbz28b-user.freehosting.host/html/Result.html

显然,当我尝试使用PHP解密时使用C#生成的文本...

...在PHP中实现解密:

include(__DIR__ . "/../libs/jose/autoload.php");

$file = __DIR__ . '/../keys/private.key';
$contents = file_get_contents($file);

// This is the input we want to load verify.
$input = @$_GET["input"];

$jwk = new \Jose\KeyConverter\RSAKey($contents);

// We create our loader.
$loader = new Jose\Loader();
$loader->load($input);

// The payload is decrypted using our key.
$jws = $loader->loadAndDecryptUsingKey(
    $input,            // The input to load and decrypt
    new \Jose\Object\JWK($jwk->toArray()),              // The symmetric or private key
    ['RSA-OAEP'],      // A list of allowed key encryption algorithms
    ['A256GCM'],       // A list of allowed content encryption algorithms
    $recipient_index   // If decrypted, this variable will be set with the recipient index used to decrypt
);

$coreData["content"] = $jws->getPayload();

发生以下异常:

  

致命错误:未捕获InvalidArgumentException:无法解密   JWE。在C:\ xampp \ htdocs \ z3nth10n-PHP \ libs \ jose \ Decrypter.php:80 Stack   trace:#0 C:\ xampp \ htdocs \ z3nth10n-PHP \ libs \ jose \ Loader.php(95):   何\ Decrypter-&GT; decryptUsingKeySet(对象(圣何塞\对象\ JWE),   对象(Jose \ Object \ JWKSet),NULL)#1   C:\ XAMPP \ htdocs中\ z3nth10n-PHP \库\圣何塞\ Loader.php(30):   何塞\装载机&GT; loadAndDecrypt( 'eyJhbGciOiJSU0E ......',   对象(Jose \ Object \ JWKSet),Array,Array,NULL)#2   C:\ XAMPP \ htdocs中\ z3nth10n-PHP \包括\ actions.php(321):   何塞\装载机&GT; loadAndDecryptUsingKey( 'eyJhbGciOiJSU0E ......',   对象(Jose \ Object \ JWK),Array,Array,NULL)#3   C:\ XAMPP \ htdocs中\ z3nth10n-PHP \ api.php(9):   include('C:\ xampp \ htdocs ...')#4 {main}引入   第80行的C:\ xampp \ htdocs \ z3nth10n-PHP \ libs \ jose \ Decrypter.php

我一直在寻找代码这么多时间,而且我已经意识到问题不在代码中,问题在于生成的令牌。我不知道我能做什么,你可以在这里测试一下。

Encoding a word ...

...然后,decrypting it

有什么建议要看吗?

0 个答案:

没有答案