[英]RSA signing with jsrsasign and C#
I'm trying to implement a licensing system using RSA. 我正在尝试使用RSA实施许可系统。
The principle is simple: backend generates and signs a license using the private key of a certificate, front end verifies the license with the provided signature to ensure integrity and origin of the license. 原理很简单:后端使用证书的私钥生成并签署许可证,前端使用提供的签名来验证许可证,以确保许可证的完整性和来源。
The backend is an asp.net mvc (classic, not core) web site. 后端是一个asp.net mvc(经典而非核心)网站。 The front end is javascript/typescript leveraging jsrsasign library. 前端是利用jsrsasign库的javascript / typescript。
Here is my signing method (backend) : 这是我的签名方法(后端):
var binarySerializedLicense = Encoding.Unicode.GetBytes(serializedLicense);
var rsaEncryptor = (RSACryptoServiceProvider)_signingCertificate.PrivateKey;
var signatureData = rsaEncryptor.SignData(binarySerializedLicense, new SHA1CryptoServiceProvider());
var signature = ByteArrayToString(signatureData);
Here is my verify method (backend) : 这是我的验证方法(后端):
var signatureData = StringToByteArray(signature);
var licenseData = Encoding.Unicode.GetBytes(serializedLicense);
var rsaEncryptor = (RSACryptoServiceProvider)_signingCertificate.PrivateKey;
var isLicenseValid = rsaEncryptor.VerifyData(licenseData, new SHA1CryptoServiceProvider(), signatureData);
I took the Hex Converting methods from this post 我从这篇文章中采用了十六进制转换方法
Now I have a frontend POC implementation of jsrsasign. 现在,我有了jsrsasign的前端POC实现。
<script type="text/javascript">
function verifyData() {
var pem = "-----BEGIN PUBLIC KEY-----\
...\
im7MVM73FyE6BFb2cv3IZWUCAwEAAQ==\
-----END PUBLIC KEY-----";
var sig = new KJUR.crypto.Signature({ "alg": "SHA1withRSA" });
sig.init(pem);
sig.updateString($("#data").val());
var isValid = sig.verify($("#signature").val());
alert(isValid);
}
function signData() {
var pem = "-----BEGIN PRIVATE KEY-----\
...\
-----END PRIVATE KEY-----";
var sig = new KJUR.crypto.Signature({ "alg": "SHA1withRSA" });
sig.init(pem);
sig.updateString($("#data").val());
$("#signature").val(sig.sign());
}
$(function () {
$("#verify").click(function () {
verifyData();
});
$("#sign").click(function () {
signData();
});
});
</script>
Signature <input type='text' id='signature' /><br />
Data <input type='text' id='data' /><br />
<button id="verify">Verify</button>
<button id="sign">Sign</button>
The problem I'm having is that the Signature generated by jsrsasign and the one generated by the asp.net mvc site are different. 我遇到的问题是jsrsasign生成的签名和asp.net mvc网站生成的签名是不同的。
Each sign/verify roundtrip works with both technologies. 每个符号/验证往返都可以使用这两种技术。
I've been playing with encoding and a bunch of things but I couln't get it to work. 我一直在玩编码和很多东西,但我无法使它工作。 So my question is: How can I get this scenario to work properly? 所以我的问题是:如何使这种情况正常工作?
As I suspected it was an encoding issue. 我怀疑这是一个编码问题。 After wondering around a few more hours I finally made it work replace Encoding.Unicode
by Encoding.UTF8
在想了几个小时之后,我终于使它工作了,用Encoding.Unicode
代替了Encoding.UTF8
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.