问题描述
RSACryptoServiceProvider尚未在.NET Core中实现,所以当我设法生成密钥时,我无法使用Encrypt或Decrpyt来工作,所以我需要自己的替代方案。
我找不到有用的东西来指导我。
我想实现的逻辑是
1.客户端呼叫RSA公钥API
2. API提供公钥
4 。客户端使用RSA公钥加密AES密钥
5.客户端使用AES密钥加密凭证
6.客户端调用JWT的API,提供加密的AES密钥和加密的凭证
7. API使用RSA私钥解密AES密钥
8. API使用AES密钥解密凭证
9. API使用凭证进行验证客户
10.如果有效,API问题JWT
我尝试过:
我尝试过直接使用RSACryptoServiceProvider我的代码,我已经尝试过Netcore.Encrypt(我可能太快了,不能把它放在一边)。我也在线进行了大量的搜索。
上面的逻辑在第7步失败。为避免疑问,客户端不是.NET核心模块(它的。 NET 4.7.2)这是允许我通过第5步的原因。
生成的消息是:
此平台不支持操作。
和堆栈跟踪是:
在System.Security.Cryptography.RSA.FromXmlString(String xmlString)
在CMDS.Infrastructure.Cryptography.CryptoEngine.DecryptData(String privateKey,Byte [] dataToDecrypt)中的D:\OneDrive \SBSB \ project] \ CentralMessageDistributionService_CoreAPI \ CentralMessageDistributionService_CoreAPI \Infrastructure \Cryptography \CryptoEngine。 cs:第77行
at CMDS.Controllers.KeyController.GetJWTalt(String symmetricKeyEncryptedAsJson)在D:\ OneDrive \SBSB \ project] \ CentralMessageDistributionService_CoreAPI \ CentralMessageDistributionService_CoreA PI\Controllers\KeyController.cs:第196行
这是代码片段:
The RSACryptoServiceProvider is not implemented in .NET Core yet so while I have managed to generate keys I cannot get Encrypt or Decrpyt to work so I need my own alternatives.
I cant find anything useful on line to guide me.
The logic I want to implement is
1. Client calls API for RSA public key
2. API supplies public key
3. Client generates one off AES Key
4. Client encrypts AES key using RSA public key
5. Client encrypts credentials using AES Key
6. Client calls API for JWT supplying the encrypted AES Key and the encrypted credentials
7. API uses RSA private key to decrypt AES Key
8. API uses AES key to decrypt credentials
9. API uses credentials to validate client
10. If valid, API issues JWT
What I have tried:
I've tried using RSACryptoServiceProvider directly my code and I've experimented with Netcore.Encrypt (I may have been too quick to set that aside). I've also done extensive searching online.
Logic above fails at step 7. For the avoidance of doubt, the client is not a .NET Core module (its .NET 4.7.2) which is what allows me past step 5.
The message generated is:
Operation is not supported on this platform.
and the stack trace is:
at System.Security.Cryptography.RSA.FromXmlString(String xmlString)
at CMDS.Infrastructure.Cryptography.CryptoEngine.DecryptData(String privateKey, Byte[] dataToDecrypt) in D:\OneDrive\SBSB\projects\CentralMessageDistributionService_CoreAPI\CentralMessageDistributionService_CoreAPI\Infrastructure\Cryptography\CryptoEngine.cs:line 77
at CMDS.Controllers.KeyController.GetJWTalt(String symmetricKeyEncryptedAsJson) in D:\OneDrive\SBSB\projects\CentralMessageDistributionService_CoreAPI\CentralMessageDistributionService_CoreAPI\Controllers\KeyController.cs:line 196
and this is the code snippet:
// Create an array to store the decrypted data in it
byte[] decryptedData;
using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
{
// Set the private key of the algorithm
rsa.FromXmlString(privateKey);
decryptedData = rsa.Decrypt(dataToDecrypt, false);
}
当我为此编辑提取它时,我意识到它正在抛出的FromXmlString例外。我已经不得不为密钥生成替换它,这就是已知问题所在,所以如果我能想出一个我自己的方法的重载来设置私钥,那么我应该完成它。
When I extracted it for this edit, I realized its the FromXmlString that is throwing out the exception. I already had to replace it for key generation, this is where the known issue is, so if I can come up with an overload of my own method that will set private key then I should get it done.
推荐答案
这篇关于.net核心不对称密码学的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!