公私钥加密-PHP和C#
[英]Public Private Key Crypto - PHP & C#
问题描述
Can anyone point me in the right direction. 
谁能指出我正确的方向。
I am trying to encrypt a string server side (PHP) with a private key and then decrypt it client side (c#) with a public key to verify authenticity of the message sent. 我正在尝试使用私钥对字符串服务器端(PHP)进行加密,然后使用公钥对客户端(c#)进行解密,以验证所发送消息的真实性。
Thanks 谢谢
3 个解决方案
解决方案1
1 2011-11-24 20:05:39
Don't try to come up with a custom encryption scheme based on basic crypto algorithms like RSA. 不要试图提出一种基于基本加密算法(例如RSA)的自定义加密方案。 Security protocols are very hard to get right; 安全协议很难正确制定。 you don't only have to think about encrypting or signing the data, but also man in the middle attacks, replay attacks, padding oracle attacks and whatnot. 您不仅需要考虑对数据进行加密或签名,还需要考虑中间人攻击,重播攻击,填充oracle攻击等等。
I suggest you use a standardised, well-tested security protocol that is easy to use and understand: Use HTTPS. 我建议您使用易于使用和理解的标准化,经过测试的安全协议:使用HTTPS。
解决方案2
0 2011-11-24 20:09:26
.NET contains standard functions for RSA encryption/decryption. .NET包含用于RSA加密/解密的标准功能。
To use RSA in PHP, you can find a lot of implementations by Google. 要在PHP中使用RSA,您可以找到Google的许多实现。
Only problem that you will stumble in future is in transferring data between PHP and .NET programm: 您将来会遇到的唯一问题是在PHP和.NET程序之间传输数据:
- you probably have to use base64 string 您可能必须使用base64字符串
- and if you want to send data with GET or POST you have to use this solution 如果要使用GET或POST发送数据,则必须使用此解决方案
ADDED 添加
RSA is a simple algorithm that isn't hard to implementation by hand. RSA是一种简单的算法,并不难手动实现。
解决方案3
0 2011-11-24 23:56:21
What you want to do is usually called signature , not encryption . 您想要做的通常称为签名 ,而不是加密 。
Even if in textbooks RSA signature is explained as "encryption with private key, decryption with public one", in reality it uses a slightly different procedure (in the part before the actual "encryption"), and thus you have different functions for signature than for encryption. 即使在教科书中,RSA签名被解释为“用私钥加密,用公共密钥解密”,实际上它使用的程序也略有不同(在实际“加密”之前的部分),因此您的签名功能与用于加密。
For signature in PHP, it looks like you can use the openssl_sign function. 对于PHP中的签名,您似乎可以使用openssl_sign函数。
To check the signature in C#, you can use .NET's RSACryptoServiceProvider class, with it's VerifyData method. 要检查C#中的签名,您可以使用.NET的RSACryptoServiceProvider类及其VerifyData方法。
Of course, if your goal is simply an authenticated transfer between two entities in the internet (ie from server to client), use SSL/TLS, it is the standard solution. 当然,如果您的目标只是在Internet中两个实体之间进行经过身份验证的传输(即从服务器到客户端),请使用SSL / TLS,这是标准的解决方案。 You can use your own certificate (or one from your own CA) instead of an costly one from a commercial CA, if you distribute the root certificate with your application. 如果您在应用程序中分发根证书,则可以使用自己的证书(或来自您自己的CA的证书),而不是昂贵的来自商业CA的证书。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.