腾讯云通信UserSig生成.Net实现
程序员文章站
2022-12-13 20:50:42
腾讯云通信后台生成usersig只有java实现代码。以下是根据java代码转换为net实现,java版GitHub地址:https://github.com/TencentVideoCloudMLVBDev/usersig_server_source/blob/master/java/WebRTC ......
腾讯云通信后台生成usersig只有java实现代码。以下是根据java代码转换为net实现,java版github地址:https://github.com/tencentvideocloudmlvbdev/usersig_server_source/blob/master/java/webrtcsigapi.java。
需要使用类库:portable.bouncycastle,sharpziplib,直接从nuget下载安装即可。
另外我正在实现腾讯云im服务端sdk .netcore版本,github地址:https://github.com/yangxuilyx/qcloudim.aspnetcore
public class tlssignature { /// <summary> /// 获取用户sign /// </summary> /// <param name="appid">appid</param> /// <param name="privatekey">私钥</param> /// <param name="userid">用户名</param> /// <param name="expire">usersig有效期,出于安全考虑建议为300秒,您可以根据您的业务场景设置其他值。</param> /// <returns>生成的usersig</returns> public static string genusersig(string appid, string privatekey, string userid, int expire) { var time = datetime.now.ticks / 1000; string serialstring = "tls.appid_at_3rd:" + 0 + "\n" + "tls.account_type:" + 0 + "\n" + "tls.identifier:" + userid + "\n" + "tls.sdk_appid:" + appid + "\n" + "tls.time:" + time + "\n" + "tls.expire_after:" + expire + "\n"; var sign = convert.tobase64string(sign(privatekey, encoding.utf8.getbytes(serialstring))); string jsonstring = "{" + "\"tls.account_type\":\"" + 0 + "\"," + "\"tls.identifier\":\"" + userid + "\"," + "\"tls.appid_at_3rd\":\"" + 0 + "\"," + "\"tls.sdk_appid\":\"" + appid + "\"," + "\"tls.expire_after\":\"" + expire + "\"," + "\"tls.sig\":\"" + sign + "\"," + "\"tls.time\":\"" + time + "\"," + "\"tls.version\": \"201512300000\"" + "}"; var compressbytes = compress(encoding.utf8.getbytes(jsonstring)); var usersign = base64urlencode(compressbytes); return usersign; } private static byte[] compress(byte[] data) { deflater mdeflater = new deflater(); mdeflater.setinput(data); mdeflater.finish(); byte[] compressbytes = new byte[512]; int compressbyteslength = mdeflater.deflate(compressbytes); mdeflater.flush(); return compressbytes.take(compressbyteslength).toarray(); } /// <summary> /// ecdsa-sha256签名 /// </summary> /// <param name="privatekey">私钥</param> /// <param name="data">需要签名的数据</param> /// <returns></returns> private static byte[] sign(string privatekey, byte[] data) { ecprivatekeyparameters privatekeyparam = (ecprivatekeyparameters)privatekeyfactory.createkey(convert.frombase64string(privatekey)); var signer = signerutilities.getsigner("sha256withecdsa"); signer.init(true, privatekeyparam); signer.blockupdate(data, 0, data.length); return signer.generatesignature(); } /// <summary> /// 验证ecdsa-sha256签名 /// </summary> /// <param name="publickey">公钥</param> /// <param name="data">需要验证的数据原文</param> /// <param name="sig">需要验证的签名</param> /// <returns>true:验证成功 false:验证失败</returns> public static bool verify(string publickey, byte[] data, byte[] sig) { ecpublickeyparameters publickeyparam = (ecpublickeyparameters)publickeyfactory.createkey(convert.frombase64string(publickey)); var signer = signerutilities.getsigner("sha256withecdsa"); signer.init(false, publickeyparam); signer.blockupdate(data, 0, data.length); return signer.verifysignature(sig); } private static string base64urlencode(byte[] data) { return convert.tobase64string(data).replace('+', '*').replace('/', '-') .replace('=', '_'); } private static string base64urldecode(byte[] data) { return convert.tobase64string(data).replace('*', '+').replace('-', '/') .replace('_', '='); } }