堆栈内存溢出
  简体   繁体   English

在 C# 中验证 Crypto Node.JS 生成的 RSA 签名

[英]Verifying a RSA signature made by Crypto Node.JS in C#

 原文  2021-05-17 10:28:56       c#/ node.js/ rsa/ signing

问题描述

I'm trying to build a web service using Express/NodeJS which signs a piece of information.我正在尝试使用对一条信息进行签名的Express/ NodeJS 构建 web 服务。 The signed data is received and verified by a client written in C# .签名数据由用C#编写的客户端接收和验证。 You'll have to forgive my inexperience in cryptography and its associated technologies.您将不得不原谅我在密码学及其相关技术方面的经验不足。

First off, I generate a certificate for the C# client and a private key for the NodeJS application using OpenSSL ;首先,我为C# 客户端生成证书,并使用OpenSSL为 NodeJS应用程序生成私钥

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365

In the NodeJS application , I have the following code;NodeJS 应用程序中,我有以下代码;

const crypto = require('crypto')
const fs = require('fs')

var pem = fs.readFileSync('./keys/key.pem');
var key = pem.toString('ascii');
var privateKey = crypto.createPrivateKey({
    'key': key,
    'format': 'pem',
    'passphrase': '<PASSPHRASE>',
});

function sign(identifier){
    var sign = crypto.createSign('RSA-SHA256');
    sign.update(identifier);
    var sig = sign.sign(privateKey, 'base64');
    return sig;
}

exports.sign = sign;

In this case, the parameter identifier is the data to be signed.在这种情况下,参数identifier是要签名的数据。 The client will receive this, and the signature generated, sig .客户端将收到此信息以及生成的签名sig

In the C# client I have the following snippet;在 C# 客户端中,我有以下代码段;

X509Certificate2 cert = new X509Certificate2(Convert.FromBase64String(pub));
using (var sha256 = SHA256.Create())
{
    using (var rsa = cert.GetRSAPublicKey())
    {
        bool results = rsa.VerifyData(data, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        Console.WriteLine(results.ToString());
    }
}

The pub is the generated certificate in Base64, it is stored in a const string . pub是 Base64 中生成的证书,它存储在const string中。 The data contains the same information as identifier in the NodeJS application, but it's converted to bytes using Convert.FromBase64String(...) , and likewise the signature is the data returned from sig in the NodeJS application, only converted from Base64 to byte data. data包含与 NodeJS 应用程序中的identifier相同的信息,但它使用Convert.FromBase64String(...)转换为字节,同样signature是 NodeJS 应用程序中从sig返回的数据,仅从 Base64 转换为字节数据.

When all information is inserted, VerifyData() returns false, this leads me to believe that there's some kind of missmatch between the cryptographic configurations of the web service and the client.插入所有信息后, VerifyData()返回 false,这使我相信 web 服务和客户端的加密配置之间存在某种不匹配。

Any ideas?有任何想法吗?

1 个解决方案

解决方案1
 0 已采纳  2021-05-17 11:15:53

As pointed out in the comments, the problem was that data in the C# client was converted to from Base64 when the data in the NodeJS application read from UTF-8.正如评论中所指出的,问题是当 NodeJS 应用程序中的data从 UTF-8 读取时,C# 客户端中的数据从 Base64 转换为。

The solution was to convert the string using Encoding.UTF8.GetBytes()解决方案是使用Encoding.UTF8.GetBytes()转换字符串

Thanks for the quick response!感谢您及时的回复!

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 c#中的RSA签名和使用Crypto ++的C ++验证 - RSA signature in c# and verification in C++ with Crypto++ 使用rsa验证来自c#节点的签名数据 - Verifying signed data from node in c# using rsa 验证c#中的数字签名 - verifying digital signature in c# C#验证PDF签名 - C# Verifying PDF signature 在 C# 中验证 Java 签名 - Verifying Java signature in C# C# 和 Node.js/crypto 的通用加密/解密代码示例 - Common encrypt/decrypt code example for C# and Node.js/crypto 无法解密 C# 中使用 Node.js 中的 RSA 公钥加密的字符串 - Unable to decrypt a string in C# which is encrypted with RSA public key in Node.js 在 C# 中加密时,为什么在 node.js 中 RSA 解密失败? - Why does RSA decryption fail in node.js when encrypted in C#? 使用PHP进行RSA签名并使用C#进行验证 - RSA Signing with PHP and verifying with C# 使用RSA C#签名和验证签名 - Signing and verifying signatures with RSA C#
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM