密钥应存储在客户端应用程序中以及服务器中的哪些秘密?使用nacl.net/salt
这是我第一次尝试 nacl.net 在这里不利。
nuget从这里
https://wwwww.nuget.org/packages/packages/nacl.net/
我从此处获取代码使用量
https://github.com/somdoron/nacl.nacl.nacl.net
我需要准确地做这个家伙试图做的
在C#中使用尽可能小的数字签名签署消息,
他发布了一个很好的答案。但是没有代码。
从github代码中,我将其复制在一起以进行测试。 (现在一切都还好)
var rng = RandomNumberGenerator.Create();
Curve25519XSalsa20Poly1305.KeyPair(out var aliceSecretKey, out var alicePublicKey);
Curve25519XSalsa20Poly1305.KeyPair(out var bobSecretKey, out var bobPublicKey);
Curve25519XSalsa20Poly1305 aliceBox = new Curve25519XSalsa20Poly1305(aliceSecretKey, bobPublicKey);
Curve25519XSalsa20Poly1305 bobBox = new Curve25519XSalsa20Poly1305(bobSecretKey, alicePublicKey);
// Generating random nonce
byte[] nonce = new byte[Curve25519XSalsa20Poly1305.NonceLength];
rng.GetBytes(nonce);
// Plaintext message
byte[] message = Encoding.UTF8.GetBytes("Hey Bob");
// Prepare the buffer for the ciphertext, must be message length and extra 16 bytes for the authentication tag
byte[] cipher = new byte[message.Length + Curve25519XSalsa20Poly1305.TagLength];
// Encrypting using alice box
aliceBox.Encrypt(cipher, message, nonce);
// Decrypting using bob box
byte[] plain = new byte[cipher.Length - Curve25519XSalsa20Poly1305.TagLength];
bool isVerified = bobBox.TryDecrypt(plain, cipher, nonce);
var originalmessage = Encoding.UTF8.GetString(plain);
我们都知道RSA,ECC算法给定私钥,公共密钥。
安全的方法是 public-key 保留以验证签名客户端应用程序仅
在许可证服务器中保留私有键,
而现在上述库使我发疯了。它给出以下键
alicesecretkey,alicePublicKey 和 bobsecretkey,bobpublickey
我需要给予上面的许可证服务器和客户端应用程序
假设 Alice 是许可证服务器。 bob 是客户端应用程序
,因此应存储哪些密钥?
是bobsecretkey,应该存储在客户端中的AlicePublickey键 应用方?
请接受我的道歉, 我什至不知道这种奇怪的算法如何起作用!
This is first time I try NACl.NET which are desribed here well.
Nuget from here
https://www.nuget.org/packages/NaCl.Net/
I take code usage from here
https://github.com/somdoron/nacl.net
I need to exactly do what this guy was trying to do
Sign a message with as small as possible digital signature in c#
He post a very nice answer. But without code.
From Github code I copied it the same for test. (Everything is OK for now)
var rng = RandomNumberGenerator.Create();
Curve25519XSalsa20Poly1305.KeyPair(out var aliceSecretKey, out var alicePublicKey);
Curve25519XSalsa20Poly1305.KeyPair(out var bobSecretKey, out var bobPublicKey);
Curve25519XSalsa20Poly1305 aliceBox = new Curve25519XSalsa20Poly1305(aliceSecretKey, bobPublicKey);
Curve25519XSalsa20Poly1305 bobBox = new Curve25519XSalsa20Poly1305(bobSecretKey, alicePublicKey);
// Generating random nonce
byte[] nonce = new byte[Curve25519XSalsa20Poly1305.NonceLength];
rng.GetBytes(nonce);
// Plaintext message
byte[] message = Encoding.UTF8.GetBytes("Hey Bob");
// Prepare the buffer for the ciphertext, must be message length and extra 16 bytes for the authentication tag
byte[] cipher = new byte[message.Length + Curve25519XSalsa20Poly1305.TagLength];
// Encrypting using alice box
aliceBox.Encrypt(cipher, message, nonce);
// Decrypting using bob box
byte[] plain = new byte[cipher.Length - Curve25519XSalsa20Poly1305.TagLength];
bool isVerified = bobBox.TryDecrypt(plain, cipher, nonce);
var originalmessage = Encoding.UTF8.GetString(plain);
As we all know the RSA, ECC algorithms given private key, public key.
The secure way is that public-key kept for verify signature in the Client application only
While private-key kept for create signature in the License Server only
Now the above library made me mad. It give following keys
aliceSecretKey, alicePublicKey and bobSecretKey, bobPublicKey
I need to give example above for License Server and a Client Application
Assume that Alice is a License Server. Bob is a Client application
So which keys should stored in Client application?
Is it bobSecretKey, alicePublicKey keys that should stored in client
application side?
Please accept my apologies,
I don't even know how this strange algorithm works!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论