RSA:在JavaScript加密密码,但未能解密,在C# [英] RSA: Encrypt password in javascript but failed to decrypt that in C#
问题描述
我要的RSA加密应用到我的项目,但遇到一些麻烦:
I want apply the RSA encryption to my project, but encountered some troubles:
- 首先,我必须下载从$的的JavaScript库b $ b http://www.ohdave.com/rsa/ ,并添加引用到我的项目
-
二,我定义了RSA对象和代码初始化:
- First, I have download the JavaScripts library from http://www.ohdave.com/rsa/ ,and add reference to my project;
Second, I have define the RSA object and code to initialize that:
internal RSACryptoServiceProvider Rsa
{
get
{
if (HttpContext.Cache["Rsa"] != null)
{
RSACryptoServiceProvider encryptKeys = (RSACryptoServiceProvider)HttpContext.Cache["Rsa"];
return encryptKeys;
}
else
{
return new RSACryptoServiceProvider(1024);
}
}
set
{
HttpContext.Cache.Remove("Rsa");
HttpContext.Cache.Insert("Rsa", value);
}
}
public ActionResult SignUp()
{
this.Rsa = Security.GetRsa();
RSAParameters param= this.Rsa.ExportParameters(true);
//this will bind to view
TempData["exponent"] = Util.BytesToHexString(param.Exponent);
TempData["key"] = Util.BytesToHexString(param.Modulus);
UserInfo user = new UserInfo();
user.Birthday = DateTime.Now.Date;
return View(user);
}
private RSACryptoServiceProvider GetRsa()
{
RSACryptoServiceProvider Rsa = new RSACryptoServiceProvider(1024);
return Rsa;
}
3.then,JavaScript的身边,我有一些代码,它加密密码用户输入和绑定的控制权:
3.then, on JavaScript side , I have code, it encrypt the password user input and the bind it control:
var hash = document.getElementById("Pwd").value;
var exponent = document.getElementById("exponent").innerHTML;
var rsa_n = document.getElementById("key").innerHTML;
setMaxDigits(131);
var key = new RSAKeyPair(exponent, "", rsa_n);
hash = encryptedString(key, "111");
document.getElementById("Pwd").value = hash;
document.getElementById("Pwd2").value = hash;
document.getElementById("error").innerHTML = "";
document.getElementById("submit").click();
4.当用户点击提交,我的C#代码得到加密的字符串PWD并试图对其进行解密,但失败,异常:坏数据:
4.when user click submit, my C# code get the encrypted pwd string and try to decrypt it but failed with exception: bad data:
[HttpPost]
public ActionResult SignUp(UserInfo user)
{
user.UserId = user.UserId.ToLower(); //ignore case
user.UserGUID = Guid.NewGuid();
user.CreatedDate = DateTime.Now;
user.IsEnabled = false;
user.Pwd = Convert.ToBase64String(Rsa.Decrypt(Util.HexStringToBytes(user.Pwd), false));//Exception:Rsa.Decrypt throw bad data exception
谁你知道如何解决它?预先感谢您。
who do you know how to fix it? thank you in advance.
推荐答案
我在大部分基于JavaScript的RSA加密解决方案非常类似的问题不是兼容与.NET的实现。
I had a very similar problem in that most of the JavaScript based RSA encryption solutions wasn't "compatible" with .NET's implementation.
几乎所有的实现我在网上找到了导致不兼容.NET的执行下列项目中的一个或两个。
Almost all the implementations I found online had one or both of the following items causing the incompatibility with .NET's implementation.
-
在JavaScript中的字节顺序编码和.NET使用的字节顺序不同。这是因为,例如一个字符串表示顺序不同的JS字节比它在.NET所以你需要加密前和解密后转换一个大问题。我相信这是不够的,只是反转的字节顺序相匹配的.NET,但不要可以引用我这句话
The byte order encoding in JavaScript is different to the byte order that .NET used. This is a biggie as for example a string is represented with a different order of bytes in JS than it is in .NET so you'll need to convert before encrypting and after decrypting. I believe it's enough to just reverse the byte order to match .NET, but don't quote me on that.
填充有所不同:.NET使用OAEP填充默认情况下,RSA所以JS实现RSA应该支持相同的填充了。我相信OAEP填充也被称为PKCS#1 2.0填充,但不要引用我,要么。
Padding was different: .NET uses OAEP padding by default for RSA so the JS implementation of RSA should support the same padding too. I believe OAEP padding is also called PKCS#1 v2.0 padding, but don't quote me on that either.
另外:我发现了一个惊人的JS库,叫做JavaScript.NET(从jocys.com),反映吨的.NET BCL功能,包括RSA实现,这样我甚至可以用类似的类,属性和方法。看看这个。我可以证实它与.NET RSA实现。搏一搏 - 在这里是它的一些链接:
Aside: I found an amazing JS library, called JavaScript.NET (from jocys.com) that mirrors tons of the .NET BCL functionality, including the RSA implementation, such that I could even use similar classes, properties and methods. Have a look at this. I can confirm it works with .NET RSA implementation. Give it a go - here are some links for it:
- Jocys JS.NET Code Project demo
- Jocys JS.NET Download
Hth以上
这篇关于RSA:在JavaScript加密密码,但未能解密,在C#的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
