What advantage does signing a JWT with RSA have over SHA in the context of a RESTful API?


Question

I have a backend which exposes a RESTful API which is currently 'free for all' (but uses https).

I now want to add RBAC (role-based access control) and JWT seems the way to go. I read a lot about JWT, but don't see the advantage of using RSA over SHA to sign the token.

Assumption is that the user has authenticated and obtained a key, be it shared or public/private.

Now, it seems to me that in both cases - SHA or RSA HMAC - both parties (client and server) must have the shared key, or their half of the private/public key in the case of RSA. And the server must find that key (in a table or database) based on a claim in the JWT in order to verify the token's signature. Once it has confirmed the purported user in the JWT, it will then authorise the request using the configured roles.

So what are the advantages of RSA in that scenario?

Recommended answer

I assume you're talking about RSxxx (e.g. RSA256) and HSxxx (e.g. HS256 (HMAC-SHA256)) algorithms here. The main difference is that HS256 is a symmetric algorithm while RS256 is an asymmetric algorithm. Symmetric algorithms just use one key (or secret) for signing and verifying, whereas asymmetric algorithms use the private key to sign and the public key to verify the token.

If you share the secret used for HS256, everyone knowing the secret could issue or modify and re-sign a token. That would defeat the purpose of the signature if you share the secret with the client. In case of RS256 or any other asymmetric algorithm, only the authentication server knows the private key, and anyone who needs to verify the token can use the public key to do so. The matching key is usually identified by the KID (Key Id) claim in the header of the token.

But usually, signing and verifying is only done on the server side; the client does not need to verify the token and thus does not need to know the key or secret at all. Therefore, in the case of a simple service where authentication and resource server are the same, you can still rely on a symmetric algorithm. But once you have one separate authentication server for several resource servers, asymmetric algorithms should be used.
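As an added illustration (not part of the answer above, and not code from any project), the following Go program, using only the standard library, mints and verifies both HS256 and RS256 tokens against a kid-based key table like the one the question describes, then plays out the compromise the answer warns about: the resource server's own key material (the HMAC secret, but only the public half of the RSA key pair) is used to try to obtain an admin token each way. The kid values "hs1" and "rs1", the secret, and the claims are constructed for this example; the key table is a map rather than a database.

```go
package main

import (
	"crypto"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

func seg(v interface{}) string {
	b, _ := json.Marshal(v)
	return base64.RawURLEncoding.EncodeToString(b)
}

// signingInput is header.claims; "kid" (hypothetical values below) lets a verifier pick its key.
func signingInput(alg, kid string, claims map[string]interface{}) string {
	return seg(map[string]string{"alg": alg, "kid": kid}) + "." + seg(claims)
}

// MintHS256 signs with a shared secret: anyone holding it can mint tokens.
func MintHS256(secret []byte, kid string, claims map[string]interface{}) string {
	in := signingInput("HS256", kid, claims)
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(in))
	return in + "." + base64.RawURLEncoding.EncodeToString(mac.Sum(nil))
}

// MintRS256 signs with the RSA private key that only the authentication server holds.
func MintRS256(priv *rsa.PrivateKey, kid string, claims map[string]interface{}) (string, error) {
	in := signingInput("RS256", kid, claims)
	d := sha256.Sum256([]byte(in))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, d[:])
	return in + "." + base64.RawURLEncoding.EncodeToString(sig), err
}

// TamperClaims swaps the payload but keeps the old signature: all an attacker without the signing key can do.
func TamperClaims(token string, claims map[string]interface{}) string {
	p := strings.Split(token, ".")
	return p[0] + "." + seg(claims) + "." + p[2]
}

// Verifier is a resource server's key table indexed by kid. HMAC secrets and RSA public
// keys are kept apart and selected by the declared alg, so neither is ever used for the other.
type Verifier struct {
	Secrets map[string][]byte
	PubKeys map[string]*rsa.PublicKey
}

// Verify checks the signature and returns the claims, or an error.
func (v Verifier) Verify(token string) (map[string]interface{}, error) {
	p := strings.Split(token, ".")
	if len(p) != 3 {
		return nil, fmt.Errorf("malformed token")
	}
	var hdr struct{ Alg, Kid string }
	hdrJSON, _ := base64.RawURLEncoding.DecodeString(p[0])
	sig, err := base64.RawURLEncoding.DecodeString(p[2])
	if err != nil || json.Unmarshal(hdrJSON, &hdr) != nil {
		return nil, fmt.Errorf("undecodable header or signature")
	}
	in, valid := []byte(p[0]+"."+p[1]), false
	switch hdr.Alg {
	case "HS256":
		secret, known := v.Secrets[hdr.Kid]
		mac := hmac.New(sha256.New, secret)
		mac.Write(in)
		valid = known && hmac.Equal(mac.Sum(nil), sig)
	case "RS256":
		pub, known := v.PubKeys[hdr.Kid]
		d := sha256.Sum256(in)
		valid = known && rsa.VerifyPKCS1v15(pub, crypto.SHA256, d[:], sig) == nil
	}
	if !valid {
		return nil, fmt.Errorf("alg %q: unsupported alg, unknown kid or bad signature", hdr.Alg)
	}
	var claims map[string]interface{}
	payload, _ := base64.RawURLEncoding.DecodeString(p[1])
	return claims, json.Unmarshal(payload, &claims)
}

func main() {
	secret := []byte("shared-hmac-secret-demo") // constructed for this example
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	rs := Verifier{Secrets: map[string][]byte{"hs1": secret}, PubKeys: map[string]*rsa.PublicKey{"rs1": &priv.PublicKey}}
	admin := map[string]interface{}{"sub": "mallory", "role": "admin"}
	rsTok, _ := MintRS256(priv, "rs1", map[string]interface{}{"sub": "alice", "role": "reader"})
	// Stealing the resource server's key table yields a valid admin HS256 token, but only a tampered RS256 one.
	_, forged := rs.Verify(MintHS256(rs.Secrets["hs1"], "hs1", admin))
	_, tampered := rs.Verify(TamperClaims(rsTok, admin))
	fmt.Println("forged HS256 accepted:", forged == nil, "| tampered RS256 accepted:", tampered == nil)
}
```

Run it and the first flag is true, the second false: the resource server must hold the HS256 secret to verify at all, so anyone who obtains its configuration can mint any claims they like, whereas the RS256 public key only lets them alter an existing token, which the signature check rejects. Two design points worth copying: the verifier keeps HMAC secrets and RSA public keys in separate tables chosen by the declared alg, so an RSA public key is never handed to the HMAC path as if it were a secret (resolving a kid to one generic "key" and letting the token's alg decide how to use it is the well-known way to reintroduce the HS256 problem on an RS256 deployment); and key lookup fails closed on an unknown kid rather than falling back to a default key. A production verifier would additionally check exp, nbf and the audience, and would normally use a maintained JWT library rather than hand-rolled parsing.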

