PKCE with RSA both ways
Can PKCE be implemented with both server and client generating public and private keys? Is it worth it?
What I think is this flow:
Am I missing something? Is this a bad approach?
Is this encryption/decryption/generating keys heavy to compute?
Your algorithm seems to be as secure as the PKCE standard. I don't think there's any additional value in encrypting the random strings. You also add one roundtrip to the server, as in PKCE it is the client who generates the initial random string.
Encrypting consumes resources and it's simple to implement it wrong. You also need support for encryption algorithms on both the server and the client side. Thus, I think it's just redundant to try to add that encryption to a proven standard.
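The standard PKCE (S256) exchange the answer compares against, as an added example that is not part of the original question or answer: the client generates the random string and sends only its SHA-256 hash, so no key pair or encryption is involved. `AuthServer`, `make_verifier`, `s256_challenge` and `demo` are hypothetical names, and the in-memory code store is an assumption for illustration.

```python
import base64
import hashlib
import hmac
import secrets


def make_verifier() -> str:
    # Client side: 32 random bytes -> 43-char base64url string (RFC 7636 allows 43-128)
    return secrets.token_urlsafe(32)


def s256_challenge(verifier: str) -> str:
    # code_challenge = BASE64URL(SHA256(ASCII(code_verifier))), padding stripped
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


class AuthServer:
    """Hypothetical in-memory authorization server (assumption, illustration only)."""

    def __init__(self):
        self._pending = {}  # authorization code -> stored code_challenge

    def authorize(self, code_challenge: str) -> str:
        # Authorization request: only the hash of the verifier is sent
        code = secrets.token_urlsafe(16)
        self._pending[code] = code_challenge
        return code

    def token(self, code: str, code_verifier: str) -> bool:
        # Token request: the code is single-use, consumed even if the check fails
        expected = self._pending.pop(code, None)
        if expected is None:
            return False
        return hmac.compare_digest(s256_challenge(code_verifier), expected)


def demo() -> tuple:
    server = AuthServer()
    verifier = make_verifier()
    code = server.authorize(s256_challenge(verifier))
    other = server.authorize(s256_challenge(verifier))
    # Holding a code without the matching verifier is not enough to redeem it
    intercepted = server.token(other, make_verifier())
    legit = server.token(code, verifier)
    replay = server.token(code, verifier)
    return legit, intercepted, replay
```
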