当前位置:
首页 > temp > 简明python教程 >
-
JWT 使用加密算法RS256 非对称加密解密
参考文档:
https://gist.github.com/ssippe/8fc11c4d7e766e66f06db0431dba3f0a
https://github.com/dvsekhvalnov/jose-jwt
https://mac-blog.org.ua/dotnet-core-firebase-jwt/
需要引用如下包: jose-jwt (version=2.5.0)、BouncyCastle 版本不限
加密和解密方式为:私钥加密、公钥解密
生成私钥、公钥可以利用openssl工具、也可以通过在线上工具生成
私钥:
-----BEGIN PRIVATE KEY----- MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAMu4IDG1XU6a7bXo 4V1jSnbKk9Eum2WguAyq+maCRcP9JoHlE/HmhPOjl91aN5gDHw3pgB7QMMkPkuyY 0aG9UiIo7PbBgjXsNBErprKa8G7GKhDN4B3m8jxEi1NLtCk2H8AEf8H/deGFXCde fjQx0NDEDcTbJ8STfbsqrLhOq2xzAgMBAAECgYEAg1kZMNOd8IOFxqb7P2o4ZbUh b1rciL8CS/CleBiAgOgkvtWDcZFOoYQV83sqoxFIIYEuwS88dTZcZb32U5EsdYEx JvJwAAYnzpch/YAz0llvXSHzZwNfGGvs4qt0d74bFpPfveli82wSKMlykeajP2Ro RQpOniTYOWrJ01UHdUECQQDt1KTj/Xs5BNmEZAkJVmGekQROADk+ztceAe9UMj/J s5xECdXVwuFh2Rm62MMQNNoW2Pjz4Y5NqhjRu0MMZnlTAkEA20hZsgA78aqTO7s+ +y/CLgP3Cd7uG/5RkcmjBWq2eXkt6wmazZl0BMYb7vshblnMjFXJwuOmfBJl7rTr 1fg8YQJAEo4Jg0QObgdj1QFc9x6HJTDZLiC0VqMag1vRSTdWZK0fnutJhJDctp6S dFJe/Y+yCCBLY/OP/50qrIo4k+oWwwJAIn8hTTVoOL6C5xSv9cgvnhmVlYHyp4i8 wFieQs3k4vtDVARwzANmExIvdssfGUMbQMCGOxihKkeirYjcyQ6CQQJAbsbpzCjD wd9JCogmTu/xYqtL898ek7LeNkhgIY2KhYtlptxlHfzgLBUgiSTNTcD1YWtSSp6u A5ImxrryDYPmfg== -----END PRIVATE KEY-----
公钥:
-----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDLuCAxtV1Omu216OFdY0p2ypPR LptloLgMqvpmgkXD/SaB5RPx5oTzo5fdWjeYAx8N6YAe0DDJD5LsmNGhvVIiKOz2 wYI17DQRK6aymvBuxioQzeAd5vI8RItTS7QpNh/ABH/B/3XhhVwnXn40MdDQxA3E 2yfEk327Kqy4TqtscwIDAQAB -----END PUBLIC KEY-----
核心代码:
/// <summary> /// JWT-RS256 加密 /// 私钥加密,公钥解密 /// </summary> /// <param name="payload">负荷部分,存储使用的信息</param> /// <param name="privateKey">私钥</param> /// <returns></returns> public static string JwtEncryptRS256(IDictionary<string, object> payload, string privateKey) { //可以扩展header //var headers = new Dictionary<string, object>() //{ // { "typ", "JWT" }, // { "cty", "JWT" }, // { "keyid", "111-222-333"} //}; using (var rsa = GetRSACryptoServiceProvider(privateKey, true)) //读取私钥 { var token = Jose.JWT.Encode(payload, rsa, Jose.JwsAlgorithm.RS256); //var token = Jose.JWT.Encode(payload, rsa, Jose.JwsAlgorithm.RS256, headers); //带header return token; } } /// <summary> /// JWT-RS256 解密 /// </summary> /// <param name="token">要解密的token</param> /// <param name="publicKey">公钥</param> /// <returns></returns> public static Dictionary<string, object> JwtDecryptRS256(string token, string publicKey) { try { using (var rsa = GetRSACryptoServiceProvider(publicKey, false)) //读取公钥 { var payload = Jose.JWT.Decode<Dictionary<string, object>>(token, rsa); return payload; } } catch (Exception ex) { return null; } } /// <summary> /// 根据 私钥 or 公钥 返回参数 /// </summary> /// <param name="key">私钥 or 公钥</param> /// <returns></returns> private static RSACryptoServiceProvider GetRSACryptoServiceProvider(string key, bool isprivate) { try { RSAParameters rsaParams; if (isprivate) { using (var sr = new StringReader(key)) { // use BouncyCastle to convert the key to RSA parameters //需要引用包 BouncyCastle var pemReader = new PemReader(sr); var keyPair = pemReader.ReadObject() as RsaPrivateCrtKeyParameters; if (keyPair == null) { //没有读到Privatekey } rsaParams = DotNetUtilities.ToRSAParameters(keyPair); } } else { using (var sr = new StringReader(key)) { var pemReader = new PemReader(sr); var keyPair = pemReader.ReadObject() as RsaKeyParameters; if (keyPair == null) { //没有读到Publickey } rsaParams = DotNetUtilities.ToRSAParameters(keyPair); } } var rsa = new RSACryptoServiceProvider(); rsa.ImportParameters(rsaParams); return rsa; } catch (Exception ex) { throw; } }
测试:
static void Main(string[] args) { string publicKey = File.ReadAllText(@"D:\Square\openssl\bin\rsa_public_key.pem"); string privateKey = File.ReadAllText(@"D:\Square\openssl\bin\rsa_private_key.pem"); int timestamp = TimeHelper.GetTimeStamp(DateTime.UtcNow.AddSeconds(5)); //时间戳 var payload = new Dictionary<string, object> { {"iss","123456"}, {"exp",timestamp} //5s }; var gettoken = JosejwtHelper.JwtEncryptRS256(payload, privateKey); //私钥加密 Console.WriteLine("加密结果:" + gettoken); Console.WriteLine("...."); var getvalue = JosejwtHelper.JwtDecryptRS256(gettoken, publicKey); //公钥解密 Console.WriteLine("解密结果:" + JsonConvert.SerializeObject(getvalue)); }
测试结果:
栏目列表
最新更新
nodejs爬虫
Python正则表达式完全指南
爬取豆瓣Top250图书数据
shp 地图文件批量添加字段
爬虫小试牛刀(爬取学校通知公告)
【python基础】函数-初识函数
【python基础】函数-返回值
HTTP请求:requests模块基础使用必知必会
Python初学者友好丨详解参数传递类型
如何有效管理爬虫流量?
2个场景实例讲解GaussDB(DWS)基表统计信息估
常用的 SQL Server 关键字及其含义
动手分析SQL Server中的事务中使用的锁
openGauss内核分析:SQL by pass & 经典执行
一招教你如何高效批量导入与更新数据
天天写SQL,这些神奇的特性你知道吗?
openGauss内核分析:执行计划生成
[IM002]Navicat ODBC驱动器管理器 未发现数据
初入Sql Server 之 存储过程的简单使用
SQL Server -- 解决存储过程传入参数作为s
关于JS定时器的整理
JS中使用Promise.all控制所有的异步请求都完
js中字符串的方法
import-local执行流程与node模块路径解析流程
检测数据类型的四种方法
js中数组的方法,32种方法
前端操作方法
数据类型
window.localStorage.setItem 和 localStorage.setIte
如何完美解决前端数字计算精度丢失与数