问题描述
我正在使用Auth0在我的Web应用程序中处理身份验证.我正在使用ASP.NET Core v1.0.0和Angular 2 rc5,但总体上我对身份验证/安全性了解不多.
在用于ASP.NET Core Web的Auth0文档中Api ,JWT算法有两种选择:RS256和HS256.这可能是一个愚蠢的问题,但:
RS256和HS256有什么区别?有哪些用例(如果适用)?
这两种选择均指身份提供者用来对JWT进行签名的算法.签名是一种加密操作,它生成令牌的接收者可以验证以确保令牌未被篡改的签名"(JWT的一部分).
-
RS256(具有 SHA-256 的RSA签名)是非对称算法,它使用公钥/私钥对:身份提供者具有私有(秘密) )用于生成签名的密钥,JWT的使用者将获得一个公共密钥来验证签名.由于不需要保护公共密钥(相对于私有密钥)的安全性,因此大多数身份提供者都可以轻松地使它可供消费者获取和使用(通常通过元数据URL).
另一方面, -
HS256(带有SHA-256的 HMAC )涉及哈希函数和一个(秘密)密钥的组合,该密钥在两方之间共享,用于生成将用作签名的哈希.由于使用相同的密钥来生成签名和验证签名,因此必须注意确保密钥不被泄露.
如果您要开发使用JWT的应用程序,则可以安全地使用HS256,因为您可以控制谁使用秘密密钥.另一方面,如果您对客户端没有控制权,或者您无法保护密钥,那么RS256将是更好的选择,因为用户只需要知道公共(共享)密钥即可. /p>
由于通常可以从元数据端点获取公用密钥,因此可以对客户端进行编程以自动检索公用密钥.如果是这种情况(.Net Core库就是如此),您将无需进行太多配置工作(这些库将从服务器中获取公钥).另一方面,对称密钥需要进行带外交换(以确保安全的通信通道),如果存在签名密钥翻转,则需要手动更新.
Auth0为OIDC,SAML和WS-Fed协议提供元数据终结点,可以在其中检索公共密钥.您可以在客户端的高级设置"下看到这些端点.
例如,OIDC元数据端点采用https://{account domain}/.well-known/openid-configuration的形式.如果浏览到该URL,您将看到一个引用https://{account domain}/.well-known/jwks.json的JSON对象,其中包含帐户的一个或多个公共密钥.
如果查看RS256示例,您会发现不需要在任何地方配置公钥:框架会自动检索它.
I'm using Auth0 to handle authentication in my web app. I'm using ASP.NET Core v1.0.0 and Angular 2 rc5 and I don't know much about authentication/security in general.
In the Auth0 docs for ASP.NET Core Web Api, there are two choices for the JWT algorithm being RS256 and HS256. This may be a dumb question but:
What's the difference between RS256 and HS256? What are some use cases (if applicable)?
Both choices refer to what algorithm the identity provider uses to sign the JWT. Signing is a cryptographic operation that generates a "signature" (part of the JWT) that the recipient of the token can validate to ensure that the token has not been tampered with.
RS256 (RSA Signature with SHA-256) is an asymmetric algorithm, and it uses a public/private key pair: the identity provider has a private (secret) key used to generate the signature, and the consumer of the JWT gets a public key to validate the signature. Since the public key, as opposed to the private key, doesn't need to be kept secured, most identity providers make it easily available for consumers to obtain and use (usually through a metadata URL).
HS256 (HMAC with SHA-256), on the other hand, involves a combination of a hashing function and one (secret) key that is shared between the two parties used to generate the hash that will serve as the signature. Since the same key is used both to generate the signature and to validate it, care must be taken to ensure that the key is not compromised.
If you will be developing the application consuming the JWTs, you can safely use HS256, because you will have control on who uses the secret keys.If, on the other hand, you don't have control over the client, or you have no way of securing a secret key, RS256 will be a better fit, since the consumer only needs to know the public (shared) key.
Since the public key is usually made available from metadata endpoints, clients can be programmed to retrieve the public key automatically. If this is the case (as it is with the .Net Core libraries), you will have less work to do on configuration (the libraries will fetch the public key from the server). Symmetric keys, on the other hand, need to be exchanged out of band (ensuring a secure communication channel), and manually updated if there is a signing key rollover.
Auth0 provides metadata endpoints for the OIDC, SAML and WS-Fed protocols, where the public keys can be retrieved. You can see those endpoints under the "Advanced Settings" of a client.
The OIDC metadata endpoint, for example, takes the form of https://{account domain}/.well-known/openid-configuration. If you browse to that URL, you will see a JSON object with a reference to https://{account domain}/.well-known/jwks.json, which contains the public key (or keys) of the account.
If you look at the RS256 samples, you will see that you don't need to configure the public key anywhere: it's retrieved automatically by the framework.
这篇关于RS256 vs HS256:有什么区别?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!