C# IDX10634:无法创建SignatureProvider SignatureAlgorithm:&x27;SHA256&x27;,
我尝试了以下建议,它适用于SecurityAlgorithms.HmacSha256Signature 建议代码:C# IDX10634:无法创建SignatureProvider SignatureAlgorithm:&x27;SHA256&x27;,,c#,C#,我尝试了以下建议,它适用于SecurityAlgorithms.HmacSha256Signature 建议代码: SigningCredentials = new SigningCredentials( new SymmetricSecurityKey(symmetricKey), Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature) 但它不适用于SecurityAlgorithms.rsasa256签名
SigningCredentials = new SigningCredentials( new SymmetricSecurityKey(symmetricKey), Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature)
但它不适用于SecurityAlgorithms.rsasa256签名
Microsoft.IdentityModel.Tokens.SigningCredentials SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(_signingKey, SecurityAlgorithms.RsaSha256Signature);
我得到了下面的错误
DX10634:无法创建SignatureProvider
SignatureAlgorithm:'SHA256',SecurityKey:'Microsoft.IdentityModel.Tokens.SymmetricSecurityKey'不受支持
我需要将JWT令牌转换为Sha256。请提供带有示例代码的解决方案
请查找我的代码:
string _privateSecretKey = "MIIEogIBAAKCAQEAytYejMhaYjZwFgqP7WKh2bkf08=";
Microsoft.IdentityModel.Tokens.SymmetricSecurityKey _signingKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(Encoding.ASCII.GetBytes(_privateSecretKey));
Microsoft.IdentityModel.Tokens.SigningCredentials SigningCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(_signingKey, SecurityAlgorithms.RsaSha256Signature);
JwtHeader head = new JwtHeader();
head.Add("kid", "firstpublickey");//TBD
string sNewGuid = Guid.NewGuid().ToString("n");
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Iss, oTokenPostData.ClientID),
new Claim(JwtRegisteredClaimNames.Sub, oTokenPostData.ClientID),
new Claim(JwtRegisteredClaimNames.Aud, oTokenPostData.tokenUri),
new Claim(JwtRegisteredClaimNames.Jti, sNewGuid),
new Claim(JwtRegisteredClaimNames.Exp, ((int)DateTime.Now.AddMinutes(55).Subtract(UnixEpoch).TotalSeconds).ToString(System.Globalization.CultureInfo.InvariantCulture)),
new Claim(JwtRegisteredClaimNames.Iat, ((int)DateTime.Now.Subtract(UnixEpoch).TotalSeconds).ToString(System.Globalization.CultureInfo.InvariantCulture))
};
JwtPayload payload = new JwtPayload(claims);
JwtSecurityToken jwt = new JwtSecurityToken(head, payload);
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
JWT正在使用以下代码进行转换
using Microsoft.IdentityModel.Tokens;
using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;
namespace ConsoleApplication2
{
private class JWT
{
private bool verbose = false;
public string GenerateJWT()
{
DateTime UnixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
// Provide proper private key
string privateSecretKey = "OfED+KgbZxtu4e4+JSQWdtSgTnuNixKy1nMVAEww8QL3IN33XusJhrz9HXmIrdyX2F41xJHG4uj5/2Dzv3xjYYvqxexm3X3X5TOf3WoM1VNloJ7UnbqUJOiEjgK8sRdJntgfomO4U8s67cpysk0h9rc0He4xRspEjOapFfDg+VG8igidcNgbNDSSaV4491Fo3sq2aGSCtYvekzs7JwXJnNAyvDSJjfK/7M8MpxSMnm1vMscBXyiYFXhGC4wqWlYBE828/5DNyw3QZW5EjD7hvDrY5OlYd4smCTa53helNnJz5NT9HQaDbE2sMwIDAQABAoIBAEs63TvT94njrPDP3A/sfCEXg1F2y0D/PjzUhM1aJGcRiOUXnGlYdViGhLnnJoNZTZm9qI1LT0NWcDA5NmBN6gcrk2EApyTt1D1i4AQ66rYoTF9iEC4Wye28v245BYESA6IIelgIxXGsVyllERsbTkaphzibbYfHmvwMxkn135Zfzd/NOXl/O32vYIomzrNEP+tN2WXhhG8c8+iZ8PErBV3CqrYogYy97d2CeQbXcpd5unPiU4TK0nnzeBAXdgeYuJHFC45YHl9UvShRoe6CHR47ceIGp6WMc5BTyyTkZpctuYJTwaChdj/QuRSkTYmn6jFL+MRfYQJ8VVwSVo5DbkECgYEA4/YIMKcwObYcSuHzgkMwH645CRDoy9M98eptAoNLdJBHYz23U5IbGL1+qHDDCPXxKs9ZG7EEqyWezq42eoFoebLA5O6/xrYXoaeIb094dbCF4D932hAkgAaAZkZVsSiWDCjYSV+JoWX4NVBcIL9yyHRhaaPVULTRbPsZQWq9+hMCgYEA48j4RGO7CaVpgUVobYasJnkGSdhkSCd1VwgvHH3vtuk7/JGUBRaZc0WZGcXkAJXnLh7QnDHOzWASdaxVgnuviaDi4CIkmTCfRqPesgDR2Iu35iQsH7P2/o1pzhpXQS/Ct6J7/GwJTqcXCvp4tfZDbFxS8oewzp4RstILj+pDyWECgYByQAbOy5xB8GGxrhjrOl1OI3V2c8EZFqA/NKy5y6/vlbgRpwbQnbNy7NYj+Y/mV80tFYqldEzQsiQrlei78Uu5YruGgZogL3ccj+izUPMgmP4f6+9XnSuN9rQ3jhy4k4zQP1BXRcim2YJSxhnGV+1hReLknTX2IwmrQxXfUW4xfQKBgAHZW8qSVK5bXWPjQFnDQhp92QM4cnfzegxe0KMWkp+VfRsrw1vXNx";
rsa = DecodeRSAPrivateKey(FromBase64Url(privateSecretKey));
//convert to csp format
var bytes = rsa.ExportCspBlob(false);
var publicKey = Convert.ToBase64String(bytes);
//
RsaSecurityKey _signingKey = new RsaSecurityKey(rsa);
Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials =
new Microsoft.IdentityModel.Tokens.SigningCredentials(_signingKey, SecurityAlgorithms.RsaSha256);
JwtHeader head = new JwtHeader(signingCredentials);
head.Add("kid", "lzo-firstpublickey");
string sNewGuid = Guid.NewGuid().ToString("n");
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Iss, "s6BhdRkqt3"),
new Claim(JwtRegisteredClaimNames.Sub, "s6BhdRkqt3"),
new Claim(JwtRegisteredClaimNames.Aud, "https://cis.ncrs/connect/token"),
new Claim(JwtRegisteredClaimNames.Jti, sNewGuid),
new Claim(JwtRegisteredClaimNames.Exp, ((Int64)DateTime.Now.AddMinutes(55).Subtract(UnixEpoch).TotalSeconds).ToString(System.Globalization.CultureInfo.InvariantCulture), ClaimValueTypes.Integer64),
new Claim(JwtRegisteredClaimNames.Iat, ((Int64)DateTime.Now.Subtract(UnixEpoch).TotalSeconds).ToString(System.Globalization.CultureInfo.InvariantCulture), ClaimValueTypes.Integer64)
};
JwtPayload payload = new JwtPayload(claims);
JwtSecurityToken jwt = new JwtSecurityToken(head, payload);
jwt.SigningKey = _signingKey;
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
return encodedJwt;
}
private static byte[] FromBase64Url(string base64Url)
{
string base64 = string.Empty;
if (!string.IsNullOrEmpty(base64Url))
{
string padded = base64Url.Length % 4 == 0
? base64Url : base64Url + "====".Substring(base64Url.Length % 4);
base64 = padded.Replace("_", "/")
.Replace("-", "+");
}
return Convert.FromBase64String(base64);
}
private RSACryptoServiceProvider DecodeRSAPrivateKey(byte[] privkey)
{
byte[] MODULUS, E, D, P, Q, DP, DQ, IQ;
// --------- Set up stream to decode the asn.1 encoded RSA private key ------
System.IO.MemoryStream mem = new System.IO.MemoryStream(privkey);
System.IO.BinaryReader binr = new System.IO.BinaryReader(mem); //wrap Memory Stream with BinaryReader for easy reading
byte bt = 0;
ushort twobytes = 0;
int elems = 0;
try
{
twobytes = binr.ReadUInt16();
if (twobytes == 0x8130) //data read as little endian order (actual data order for Sequence is 30 81)
binr.ReadByte(); //advance 1 byte
else if (twobytes == 0x8230)
binr.ReadInt16(); //advance 2 bytes
else
return null;
twobytes = binr.ReadUInt16();
if (twobytes != 0x0102) //version number
return null;
bt = binr.ReadByte();
if (bt != 0x00)
return null;
//------ all private key components are Integer sequences ----
elems = GetIntegerSize(binr);
MODULUS = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
E = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
D = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
P = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
Q = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
DP = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
DQ = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
IQ = binr.ReadBytes(elems);
Console.WriteLine("showing components ..");
if (verbose)
{
showBytes("\nModulus", MODULUS);
showBytes("\nExponent", E);
showBytes("\nD", D);
showBytes("\nP", P);
showBytes("\nQ", Q);
showBytes("\nDP", DP);
showBytes("\nDQ", DQ);
showBytes("\nIQ", IQ);
}
// ------- create RSACryptoServiceProvider instance and initialize with public key -----
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
RSAParameters RSAparams = new RSAParameters();
RSAparams.Modulus = MODULUS;
RSAparams.Exponent = E;
RSAparams.D = D;
RSAparams.P = P;
RSAparams.Q = Q;
RSAparams.DP = DP;
RSAparams.DQ = DQ;
RSAparams.InverseQ = IQ;
RSA.ImportParameters(RSAparams);
return RSA;
}
catch (Exception)
{
return null;
}
finally
{
binr.Close();
}
}
private void showBytes(String info, byte[] data)
{
Console.WriteLine("{0} [{1} bytes]", info, data.Length);
for (int i = 1; i <= data.Length; i++)
{
Console.Write("{0:X2} ", data[i - 1]);
if (i % 16 == 0)
Console.WriteLine();
}
Console.WriteLine("\n\n");
}
private int GetIntegerSize(System.IO.BinaryReader binr)
{
byte bt = 0;
byte lowbyte = 0x00;
byte highbyte = 0x00;
int count = 0;
bt = binr.ReadByte();
if (bt != 0x02) //expect integer
return 0;
bt = binr.ReadByte();
if (bt == 0x81)
count = binr.ReadByte(); // data size in next byte
else
if (bt == 0x82)
{
highbyte = binr.ReadByte(); // data size in next 2 bytes
lowbyte = binr.ReadByte();
byte[] modint = { lowbyte, highbyte, 0x00, 0x00 };
count = BitConverter.ToInt32(modint, 0);
}
else
{
count = bt; // we already have the data size
}
while (binr.ReadByte() == 0x00)
{ //remove high order zeros in data
count -= 1;
}
binr.BaseStream.Seek(-1, System.IO.SeekOrigin.Current); //last ReadByte wasn't a removed zero, so back up a byte
return count;
}
}
使用Microsoft.IdentityModel.Tokens;
使用制度;
使用System.IdentityModel.Tokens.Jwt;
使用System.Security.Claims;
使用System.Security.Cryptography;
使用System.Security.Cryptography.X509证书;
使用系统文本;
命名空间控制台应用程序2
{
私有类JWT
{
private bool verbose=false;
公共字符串GenerateJWT()
{
DateTime UnixEpoch=新的DateTime(1970,1,1,0,0,0,0,DateTimeKind.Utc);
RSACryptoServiceProvider rsa=新的RSACryptoServiceProvider();
//提供适当的私钥
字符串privateSecretKey="2.在这一领域中,研究者们提出了一种新的研究方法:一种新的研究方法,一种新的研究方法,一种新的X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X X 63TVT94NJRPDP3A/sfCEXg2.目前,他们已经开始了一个研究,并开始了一个研究。他们已经开始了一个研究。一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,一个研究,2 2 4 4 4 4 4 4个研究,2 4 4 4个研究,2 4 4 4个研究,2 4 4 4 4 4 4 4个研究,4 4 4 4 4 4 4个研究,4 4 4个研究,4 4 4个研究,通过的研究,4 4 4个研究,2,2,4 4个研究者们的研究者,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,HZGKMWH645CR目前,中国政府已经开始了一个新的一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年的的时间,一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年一年的的时间的时间的时间,一年一年一年一年一年一年一年一年一年一年一年一个BOY5xB8GGXRHJROL1OI3V2c8EZFqA/NKy5y6/vlbgRpwbQnbNy7NYj+Y/MV80TFYQLDEQSIQRLEI78UUU5YRUGZOGL3CJ+izUPMgmP4f6+9XNSUN9RQ3JHY4K4ZQP1BXRCIM2YJSHNGV+1HRELKNTX2IWMRQXXFUW4XFQKbGAHZW8QSVK5BXWPJQNDQ92QM4CNFZEG0KMWKKP+VfRsrw1vXNx”;
rsa=DecodeRSAPrivateKey(来自Base64URL(privateSecretKey));
//转换为csp格式
var bytes=rsa.ExportCspBlob(false);
var publicKey=Convert.ToBase64String(字节);
//
RsaSecurityKey _signingKey=新的RsaSecurityKey(rsa);
Microsoft.IdentityModel.Tokens.Signing凭据Signing凭据=
新的Microsoft.IdentityModel.Tokens.SigningCredentials(_signingKey,SecurityAlgorithms.rsasa256);
JwtHeader HEADER=新JwtHeader(签名凭证);
添加(“kid”、“lzo firstpublickey”);
字符串sNewGuid=Guid.NewGuid().ToString(“n”);
风险值索赔=新[]
{
新索赔(JwtRegisteredClaimNames.Iss,“s6BhdRkqt3”),
新的索赔(JwtRegisteredClaimNames.Sub,“s6BhdRkqt3”),
新索赔(JwtRegisteredClaimNames.Aud,“https://cis.ncrs/connect/token"),
新索赔(JwtRegisteredClaimNames.Jti,sNewGuid),
新声明(JwtRegisteredClaimNames.Exp,((Int64)DateTime.Now.AddMinutes(55)。Subtract(UnixEpoch.TotalSeconds)。ToString(System.Globalization.CultureInfo.InvariantCulture),ClaimValueTypes.Integer64),
新声明(JwtRegisteredClaimNames.Iat,((Int64)DateTime.Now.Subtract(UnixEpoch.TotalSeconds).ToString(System.Globalization.CultureInfo.InvariantCulture),ClaimValueTypes.Integer64)
};
JwtPayload有效载荷=新的JwtPayload(索赔);
JwtSecurityToken jwt=新JwtSecurityToken(头,有效负载);
jwt.SigningKey=_SigningKey;
var encodedJwt=新的JwtSecurityTokenHandler().WriteToken(jwt);
返回编码djwt;
}
base64Url的专用静态字节[](字符串base64Url)
{
string base64=string.Empty;
如果(!string.IsNullOrEmpty(base64Url))
{
字符串填充=base64Url。长度%4==0
?base64Url:base64Url+“=”。子字符串(base64Url.Length%4);
base64=填充。替换(““,“/”)
.替换(“-”、“+”);
}
返回Convert.FromBase64String(base64);
}
专用RSACryptServiceProvider DecodeRSAPrivateKey(字节[]privkey)
{
字节[]模数,E,D,P,Q,DP,DQ,IQ;
//------设置流以解码asn.1编码的RSA私钥------
System.IO.MemoryStream mem=新的System.IO.MemoryStream(私钥);
System.IO.BinaryReader binr=新的System.IO.BinaryReader(mem);//使用BinaryReader包装内存流以便于读取
字节bt=0;
ushort-twobytes=0;
整数=0;
尝试
{
twobytes=binr.ReadUInt16();
if(twobytes==0x8130)//数据以小尾端顺序读取(序列的实际数据顺序为3081)
binr.ReadByte();//前进1字节
else if(两个字节==0x8230)
binr.ReadInt16();//前进2字节
其他的
返回null;
twobytes=binr.ReadUInt16();
if(twobytes!=0x0102)//版本号
返回null;
bt=binr.ReadByte();
如果(bt!=0x00)
返回null;
//------所有私钥组件都是整数序列----
elems=getintegerize(binr);
模数=二进制读取字节(elems);
elems=getintegerize(binr);
E=二进制读取字节(elems);