腾讯云通信UserSig生成.Net实现
程序员文章站
2022-04-28 13:41:15
腾讯云通信后台生成usersig只有java实现代码。以下是根据java代码转换为net实现,java版GitHub地址:https://github.com/TencentVideoCloudMLVBDev/usersig_server_source/blob/master/java/WebRTC ......
腾讯云通信后台生成usersig只有java实现代码。以下是根据java代码转换为net实现,java版github地址:https://github.com/tencentvideocloudmlvbdev/usersig_server_source/blob/master/java/webrtcsigapi.java。
需要使用类库:portable.bouncycastle,sharpziplib,直接从nuget下载安装即可。
另外我正在实现腾讯云im服务端sdk .netcore版本,github地址:https://github.com/yangxuilyx/qcloudim.aspnetcore
public class tlssignature
{
/// <summary>
/// 获取用户sign
/// </summary>
/// <param name="appid">appid</param>
/// <param name="privatekey">私钥</param>
/// <param name="userid">用户名</param>
/// <param name="expire">usersig有效期,出于安全考虑建议为300秒,您可以根据您的业务场景设置其他值。</param>
/// <returns>生成的usersig</returns>
public static string genusersig(string appid, string privatekey, string userid, int expire)
{
var time = datetime.now.ticks / 1000;
string serialstring =
"tls.appid_at_3rd:" + 0 + "\n" +
"tls.account_type:" + 0 + "\n" +
"tls.identifier:" + userid + "\n" +
"tls.sdk_appid:" + appid + "\n" +
"tls.time:" + time + "\n" +
"tls.expire_after:" + expire + "\n";
var sign = convert.tobase64string(sign(privatekey, encoding.utf8.getbytes(serialstring)));
string jsonstring = "{"
+ "\"tls.account_type\":\"" + 0 + "\","
+ "\"tls.identifier\":\"" + userid + "\","
+ "\"tls.appid_at_3rd\":\"" + 0 + "\","
+ "\"tls.sdk_appid\":\"" + appid + "\","
+ "\"tls.expire_after\":\"" + expire + "\","
+ "\"tls.sig\":\"" + sign + "\","
+ "\"tls.time\":\"" + time + "\","
+ "\"tls.version\": \"201512300000\""
+ "}";
var compressbytes = compress(encoding.utf8.getbytes(jsonstring));
var usersign = base64urlencode(compressbytes);
return usersign;
}
private static byte[] compress(byte[] data)
{
deflater mdeflater = new deflater();
mdeflater.setinput(data);
mdeflater.finish();
byte[] compressbytes = new byte[512];
int compressbyteslength = mdeflater.deflate(compressbytes);
mdeflater.flush();
return compressbytes.take(compressbyteslength).toarray();
}
/// <summary>
/// ecdsa-sha256签名
/// </summary>
/// <param name="privatekey">私钥</param>
/// <param name="data">需要签名的数据</param>
/// <returns></returns>
private static byte[] sign(string privatekey, byte[] data)
{
ecprivatekeyparameters privatekeyparam = (ecprivatekeyparameters)privatekeyfactory.createkey(convert.frombase64string(privatekey));
var signer = signerutilities.getsigner("sha256withecdsa");
signer.init(true, privatekeyparam);
signer.blockupdate(data, 0, data.length);
return signer.generatesignature();
}
/// <summary>
/// 验证ecdsa-sha256签名
/// </summary>
/// <param name="publickey">公钥</param>
/// <param name="data">需要验证的数据原文</param>
/// <param name="sig">需要验证的签名</param>
/// <returns>true:验证成功 false:验证失败</returns>
public static bool verify(string publickey, byte[] data, byte[] sig)
{
ecpublickeyparameters publickeyparam = (ecpublickeyparameters)publickeyfactory.createkey(convert.frombase64string(publickey));
var signer = signerutilities.getsigner("sha256withecdsa");
signer.init(false, publickeyparam);
signer.blockupdate(data, 0, data.length);
return signer.verifysignature(sig);
}
private static string base64urlencode(byte[] data)
{
return convert.tobase64string(data).replace('+', '*').replace('/', '-')
.replace('=', '_');
}
private static string base64urldecode(byte[] data)
{
return convert.tobase64string(data).replace('*', '+').replace('-', '/')
.replace('_', '=');
}
}