Ejemplo n.º 1
        /// <summary>
        /// Determines whether this instance and another <see cref="KeyManagementAlgorithm"/> carry the same identifier.
        /// </summary>
        /// <param name="other">The algorithm to compare with; may be <c>null</c>.</param>
        /// <returns><c>true</c> when <paramref name="other"/> is not <c>null</c> and its identifier equals this one; otherwise <c>false</c>.</returns>
        public bool Equals(KeyManagementAlgorithm? other)
        {
            // Only the identifier field takes part in the comparison; name and key size are not looked at.
            return !(other is null) && _id == other._id;
        }
Ejemplo n.º 2
 /// <summary>
 /// Initializes a new instance of <see cref="KeyManagementAlgorithm"/>.
 /// </summary>
 /// <param name="id">Identifier stored for this algorithm.</param>
 /// <param name="name">Algorithm name; it is converted with <c>Utf8.GetBytes</c> and kept as UTF-8 bytes.</param>
 /// <param name="keyType">Algorithm category stored for this algorithm.</param>
 /// <param name="requiredKeySizeInBits">Required key size, in bits.</param>
 /// <param name="wrappedAlgorithm">The wrapped algorithm, or <c>null</c> when there is none.</param>
 /// <param name="produceEncryptedKey">Stored as the produce-encryption-key flag.</param>
 public KeyManagementAlgorithm(
     byte id,
     string name,
     AlgorithmCategory keyType,
     ushort requiredKeySizeInBits,
     KeyManagementAlgorithm? wrappedAlgorithm,
     bool produceEncryptedKey)
 {
     // The name conversion is the only statement here that can fail, so it goes first.
     _utf8Name = Utf8.GetBytes(name);

     _id = id;
     _category = keyType;
     _requiredKeySizeInBits = requiredKeySizeInBits;
     _produceEncryptionKey = produceEncryptedKey;
     _wrappedAlgorithm = wrappedAlgorithm;
 }
 /// <summary>Initializes a new instance of <see cref="KeyManagementAlgorithm"/>.</summary>
 /// <param name="id">Identifier stored for this algorithm.</param>
 /// <param name="name">Algorithm name; it is JSON-encoded once with <c>JsonSerializationBehavior.JsonEncoder</c> and kept in that form.</param>
 /// <param name="keyType">Algorithm category stored for this algorithm.</param>
 /// <param name="requiredKeySizeInBits">Required key size, in bits.</param>
 /// <param name="wrappedAlgorithm">The wrapped algorithm, or <c>null</c> when there is none.</param>
 /// <param name="sha2">The SHA-2 instance associated with the algorithm, or <c>null</c>.</param>
 /// <param name="produceEncryptedKey">Stored as the produce-encryption-key flag.</param>
 public KeyManagementAlgorithm(
     AlgorithmId id,
     string name,
     AlgorithmCategory keyType,
     ushort requiredKeySizeInBits,
     KeyManagementAlgorithm? wrappedAlgorithm,
     Sha2? sha2,
     bool produceEncryptedKey)
 {
     // Encoding the name is the only statement here that can fail, so it goes first.
     _utf8Name = JsonEncodedText.Encode(name, JsonSerializationBehavior.JsonEncoder);

     _id = id;
     _category = keyType;
     _requiredKeySizeInBits = requiredKeySizeInBits;
     _sha2 = sha2;
     _produceEncryptionKey = produceEncryptedKey;
     _wrappedAlgorithm = wrappedAlgorithm;
 }
        /// <summary>Parses the current value of the <see cref="Utf8JsonReader"/> into its <see cref="KeyManagementAlgorithm"/> representation.</summary>
        /// <param name="reader">Reader positioned on the token that holds the algorithm name.</param>
        /// <param name="algorithm">The matching algorithm when the method returns <c>true</c>.</param>
        /// <returns><c>true</c> when the token matches a known algorithm name; otherwise <c>false</c>.</returns>
        public static bool TryParse(ref Utf8JsonReader reader, [NotNullWhen(true)] out KeyManagementAlgorithm? algorithm)
        {
            // Fast path: match the raw token bytes. ValueSpan is not unescaped, so when that
            // fails the slow path compares the token text through the reader instead.
            return TryParse(reader.ValueSpan, out algorithm)
                || TryParseSlow(ref reader, out algorithm);
        }
        /// <summary>Parses the current value of the <see cref="Utf8JsonReader"/> into its <see cref="KeyManagementAlgorithm"/> representation by comparing it with each entry of <c>_algorithms</c>.</summary>
        /// <param name="reader">Reader positioned on the token that holds the algorithm name.</param>
        /// <param name="algorithm">The matching algorithm on success; <c>null</c> on failure.</param>
        /// <returns><c>true</c> when an entry's name equals the token text; otherwise <c>false</c>.</returns>
        public static bool TryParseSlow(ref Utf8JsonReader reader, [NotNullWhen(true)] out KeyManagementAlgorithm? algorithm)
        {
            // Linear scan; the first entry whose encoded name equals the token text wins.
            foreach (var candidate in _algorithms)
            {
                if (reader.ValueTextEquals(candidate._utf8Name.EncodedUtf8Bytes))
                {
                    algorithm = candidate;
                    return true;
                }
            }

            // Unknown name: report failure with a cleared out parameter.
            algorithm = null;
            return false;
        }
Ejemplo n.º 6
        /// <summary>
        /// Defines the <see cref="Jwk"/> used as key for encryption, together with the algorithms to use with it.
        /// </summary>
        /// <param name="key">The encryption key. Must not be <c>null</c>.</param>
        /// <param name="encryptionAlgorithm">The content encryption algorithm. Must not be <c>null</c>.</param>
        /// <param name="keyManagementAlgorithm">The key management algorithm. <c>null</c> is accepted and stored as-is; how a <c>null</c> value is resolved later is not visible in this method.</param>
        /// <returns>This builder, so that calls can be chained.</returns>
        public JwtDescriptorBuilder EncryptWith(Jwk key, EncryptionAlgorithm encryptionAlgorithm, KeyManagementAlgorithm? keyManagementAlgorithm)
        {
            // Both required arguments are checked before any builder state is touched.
            if (key is null)
            {
                ThrowHelper.ThrowArgumentNullException(ExceptionArgument.key);
            }

            if (encryptionAlgorithm is null)
            {
                ThrowHelper.ThrowArgumentNullException(ExceptionArgument.encryptionAlgorithm);
            }

            _encryptionKey = key;
            _encryptionAlgorithm = encryptionAlgorithm;
            _keyManagementAlgorithm = keyManagementAlgorithm;

            return this;
        }
Ejemplo n.º 7
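        /// <summary>Parses the current value of the <see cref="Utf8JsonReader"/> into its <see cref="KeyManagementAlgorithm"/> representation by comparing it with each entry of <c>_algorithms</c>.</summary>
        /// <param name="reader">Reader positioned on the token that holds the algorithm name.</param>
        /// <param name="algorithm">The matching algorithm on success; always <c>null</c> on failure.</param>
        /// <returns><c>true</c> when an entry's name equals the token text; otherwise <c>false</c>.</returns>
        public static bool TryParseSlow(ref Utf8JsonReader reader, [NotNullWhen(true)] out KeyManagementAlgorithm? algorithm)
        {
            var algorithms = _algorithms;

            for (int i = 0; i < algorithms.Length; i++)
            {
                if (reader.ValueTextEquals(algorithms[i]._utf8Name.EncodedUtf8Bytes))
                {
                    algorithm = algorithms[i];
                    return true;
                }
            }

            // Fail closed on every target framework. Unsafe.SkipInit writes nothing, so the
            // caller's variable would keep whatever it held before the call; a caller that
            // reuses a variable and does not check the return value could then go on with a
            // previously parsed algorithm. One reference store removes that possibility.
            algorithm = null;
            return false;
        }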
Ejemplo n.º 8
        /// <summary>Initializes a new instance of <see cref="EcdhKeyWrapper"/>.</summary>
        /// <param name="key">The elliptic curve key used by this wrapper.</param>
        /// <param name="encryptionAlgorithm">The content encryption algorithm.</param>
        /// <param name="algorithm">The key management algorithm; its wrapped algorithm, when present, decides the algorithm name and key size used.</param>
        public EcdhKeyWrapper(ECJwk key, EncryptionAlgorithm encryptionAlgorithm, KeyManagementAlgorithm algorithm)
            : base(encryptionAlgorithm, algorithm)
        {
            // Debug.Assert is compiled out of release builds, so these two checks are not
            // runtime guards. NOTE(review): presumably the caller validates key/algorithm
            // compatibility before constructing the wrapper - confirm.
            Debug.Assert(key.SupportKeyManagement(algorithm));
            Debug.Assert(algorithm.Category == AlgorithmCategory.EllipticCurve);
            _key = key;

            if (algorithm.WrappedAlgorithm is KeyManagementAlgorithm wrapped)
            {
                // A wrapped algorithm is present: use the key management algorithm's name and
                // the wrapped algorithm's key size (bits >> 3 = bytes).
                _algorithm = algorithm.Name;
                _keySizeInBytes = wrapped.RequiredKeySizeInBits >> 3;
                _keyManagementAlgorithm = wrapped;
            }
            else
            {
                // No wrapped algorithm: name and key size come from the encryption algorithm.
                _algorithm = encryptionAlgorithm.Name;
                _keySizeInBytes = encryptionAlgorithm.RequiredKeySizeInBytes;
            }

            _algorithmNameLength = _algorithm.EncodedUtf8Bytes.Length;
            _hashAlgorithm = GetHashAlgorithm(encryptionAlgorithm);
        }
Ejemplo n.º 9
 /// <summary>Throws the exception built by <c>CreateNotSupportedException_AlgorithmForKeyWrap</c> for the given algorithm.</summary>
 /// <param name="algorithm">The algorithm reported in the exception; may be <c>null</c>.</param>
 internal static void ThrowNotSupportedException_AlgorithmForKeyWrap(KeyManagementAlgorithm? algorithm)
 {
     // Never returns normally: the created exception is always thrown.
     throw CreateNotSupportedException_AlgorithmForKeyWrap(algorithm);
 }
        /// <summary>Parses the <see cref="JsonElement"/> into its <see cref="KeyManagementAlgorithm"/> representation.</summary>
        /// <param name="value">The JSON element that holds the algorithm name.</param>
        /// <param name="algorithm">The matching algorithm on success; <c>null</c> on failure.</param>
        /// <returns><c>true</c> when the element equals one of the names tested below; otherwise <c>false</c>.</returns>
        /// <remarks>
        /// This method only resolves a name to an instance. No policy check is visible here, so
        /// restricting which algorithms are acceptable (RSA1_5, for example, is resolved like
        /// any other) is left to the caller.
        /// </remarks>
        public static bool TryParse(JsonElement value, [NotNullWhen(true)] out KeyManagementAlgorithm? algorithm)
        {
            // Candidates are tested in a fixed order; the first match returns immediately.
            if (value.ValueEquals(Dir._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = Dir;
                return true;
            }

            if (value.ValueEquals(A128KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = A128KW;
                return true;
            }

            if (value.ValueEquals(A192KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = A192KW;
                return true;
            }

            if (value.ValueEquals(A256KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = A256KW;
                return true;
            }

            if (value.ValueEquals(Rsa1_5._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = Rsa1_5;
                return true;
            }

            if (value.ValueEquals(EcdhEs._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = EcdhEs;
                return true;
            }

            if (value.ValueEquals(RsaOaep._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = RsaOaep;
                return true;
            }

            if (value.ValueEquals(A128GcmKW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = A128GcmKW;
                return true;
            }

            if (value.ValueEquals(A192GcmKW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = A192GcmKW;
                return true;
            }

            if (value.ValueEquals(A256GcmKW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = A256GcmKW;
                return true;
            }

            if (value.ValueEquals(RsaOaep256._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = RsaOaep256;
                return true;
            }

            if (value.ValueEquals(RsaOaep384._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = RsaOaep384;
                return true;
            }

            if (value.ValueEquals(RsaOaep512._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = RsaOaep512;
                return true;
            }

            if (value.ValueEquals(EcdhEsA128KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = EcdhEsA128KW;
                return true;
            }

            if (value.ValueEquals(EcdhEsA192KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = EcdhEsA192KW;
                return true;
            }

            if (value.ValueEquals(EcdhEsA256KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = EcdhEsA256KW;
                return true;
            }

            if (value.ValueEquals(Pbes2HS256A128KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = Pbes2HS256A128KW;
                return true;
            }

            if (value.ValueEquals(Pbes2HS384A192KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = Pbes2HS384A192KW;
                return true;
            }

            if (value.ValueEquals(Pbes2HS512A256KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = Pbes2HS512A256KW;
                return true;
            }

            // Nothing matched: clear the out parameter and report failure.
            algorithm = null;
            return false;
        }
        /// <summary>Parses the <see cref="string"/> into its <see cref="KeyManagementAlgorithm"/> representation.</summary>
        /// <param name="value">The algorithm name; <c>null</c> matches nothing.</param>
        /// <param name="algorithm">The matching algorithm on success; <c>null</c> on failure.</param>
        /// <returns><c>true</c> when <paramref name="value"/> is exactly one of the names listed below; otherwise <c>false</c>.</returns>
        /// <remarks>
        /// The comparison is the exact, case-sensitive match of a C# string switch. The method
        /// only resolves a name to an instance; no policy check is visible here, so restricting
        /// which algorithms are acceptable (RSA1_5, for example, is resolved like any other) is
        /// left to the caller.
        /// </remarks>
        public static bool TryParse(string? value, [NotNullWhen(true)] out KeyManagementAlgorithm? algorithm)
        {
            switch (value)
            {
                case "dir":
                    algorithm = Dir;
                    return true;

                case "A128KW":
                    algorithm = A128KW;
                    return true;

                case "A192KW":
                    algorithm = A192KW;
                    return true;

                case "A256KW":
                    algorithm = A256KW;
                    return true;

                case "RSA1_5":
                    algorithm = Rsa1_5;
                    return true;

                case "ECDH-ES":
                    algorithm = EcdhEs;
                    return true;

                case "RSA-OAEP":
                    algorithm = RsaOaep;
                    return true;

                case "A128GCMKW":
                    algorithm = A128GcmKW;
                    return true;

                case "A192GCMKW":
                    algorithm = A192GcmKW;
                    return true;

                case "A256GCMKW":
                    algorithm = A256GcmKW;
                    return true;

                case "RSA-OAEP-256":
                    algorithm = RsaOaep256;
                    return true;

                case "RSA-OAEP-384":
                    algorithm = RsaOaep384;
                    return true;

                case "RSA-OAEP-512":
                    algorithm = RsaOaep512;
                    return true;

                case "ECDH-ES+A128KW":
                    algorithm = EcdhEsA128KW;
                    return true;

                case "ECDH-ES+A192KW":
                    algorithm = EcdhEsA192KW;
                    return true;

                case "ECDH-ES+A256KW":
                    algorithm = EcdhEsA256KW;
                    return true;

                case "PBES2-HS256+A128KW":
                    algorithm = Pbes2HS256A128KW;
                    return true;

                case "PBES2-HS384+A192KW":
                    algorithm = Pbes2HS384A192KW;
                    return true;

                case "PBES2-HS512+A256KW":
                    algorithm = Pbes2HS512A256KW;
                    return true;
            }

            // Null or unknown name: clear the out parameter and report failure.
            algorithm = null;
            return false;
        }
        /// <summary>Parses the <see cref="ReadOnlySpan{T}"/> into its <see cref="KeyManagementAlgorithm"/> representation.</summary>
        /// <param name="value">The bytes of the algorithm name.</param>
        /// <param name="algorithm">The matching algorithm on success; <c>null</c> on failure.</param>
        /// <returns><c>true</c> when the bytes match one of the cases below; otherwise <c>false</c>.</returns>
        /// <remarks>
        /// The span is dispatched on its length, then compared as integers read from fixed offsets
        /// against constants. NOTE(review): the constants are presumably the packed byte values of
        /// the algorithm names - confirm against their definitions, which are outside this method.
        /// The method only resolves a name; no policy check on the resolved algorithm is visible here.
        /// </remarks>
        public static bool TryParse(ReadOnlySpan <byte> value, [NotNullWhen(true)] out KeyManagementAlgorithm?algorithm)
        {
            // The case guards are evaluated in order; two guards share length 6, so their order matters.
            switch (value.Length)
            {
            case 3 when IntegerMarshal.ReadUInt24(value) == _dir:
                algorithm = Dir;

                goto Found;

            // Length 6 ending in _KW: bytes 0-3 select the variant.
            case 6 when IntegerMarshal.ReadUInt16(value, 4) == _KW:
                switch (IntegerMarshal.ReadUInt32(value))
                {
                case _A128:
                    algorithm = A128KW;
                    goto Found;

                case _A192:
                    algorithm = A192KW;
                    goto Found;

                case _A256:
                    algorithm = A256KW;
                    goto Found;
                }

                break;

            case 6 when IntegerMarshal.ReadUInt32(value) == _RSA1 && IntegerMarshal.ReadUInt16(value, 4) == __5:
                algorithm = Rsa1_5;

                goto Found;

            case 7 when IntegerMarshal.ReadUInt56(value) == _ECDH_ES:
                algorithm = EcdhEs;

                goto Found;

            case 8 when IntegerMarshal.ReadUInt64(value) == _RSA_OAEP:
                algorithm = RsaOaep;

                goto Found;

            // Length 9 starting with 'A': bytes 1-8 select the variant.
            case 9 when IntegerMarshal.ReadUInt8(value) == (byte) 'A':
                switch (IntegerMarshal.ReadUInt64(value, 1))
                {
                case __128GCMKW:
                    algorithm = A128GcmKW;
                    goto Found;

                case __192GCMKW:
                    algorithm = A192GcmKW;
                    goto Found;

                case __256GCMKW:
                    algorithm = A256GcmKW;
                    goto Found;
                }

                break;

            // Length 12 with the _RSA_OAEP prefix: bytes 8-11 select the variant.
            case 12 when IntegerMarshal.ReadUInt64(value) == _RSA_OAEP:
                switch (IntegerMarshal.ReadUInt32(value, 8))
                {
                case __256:
                    algorithm = RsaOaep256;
                    goto Found;

                case __384:
                    algorithm = RsaOaep384;
                    goto Found;

                case __512:
                    algorithm = RsaOaep512;
                    goto Found;
                }

                break;

            // Length 14: the second 8-byte read starts at offset 6 and overlaps the first by two bytes,
            // so the two reads together cover all 14 bytes.
            case 14 when IntegerMarshal.ReadUInt64(value) == _ECDH_ES_:
                switch (IntegerMarshal.ReadUInt64(value, 6))
                {
                case _S_A128KW:
                    algorithm = EcdhEsA128KW;
                    goto Found;

                case _S_A192KW:
                    algorithm = EcdhEsA192KW;
                    goto Found;

                case _S_A256KW:
                    algorithm = EcdhEsA256KW;
                    goto Found;
                }

                break;

            // Length 18, the three PBES2 names ('PBES2-HS256+A128KW', 'PBES2-HS384+A192KW',
            // 'PBES2-HS512+A256KW'): bytes 0-7 and 16-17 are checked in the guard, bytes 8-15 select the variant.
            case 18 when IntegerMarshal.ReadUInt64(value) == 6001096197639848528uL &&  /* PBES2-HS 384+A192KW*/
                IntegerMarshal.ReadUInt16(value, 16) == _KW:
                switch (IntegerMarshal.ReadUInt64(value, 8))
                {
                case 4049353170927105330uL:
                    algorithm = Pbes2HS256A128KW;
                    goto Found;

                case 3618977931536382003uL:
                    algorithm = Pbes2HS384A192KW;
                    goto Found;

                case 3906083507292746037:
                    algorithm = Pbes2HS512A256KW;
                    goto Found;
                }

                break;

            // Special case for escaped 'ECDH-ES\u002bAxxxKW' (the '+' written as a JSON escape).
            // NOTE(review): OR-ing with u002bUpperMask presumably folds the case of the escape's
            // hex digit so that '\u002B' matches as well - confirm against the mask definition.
            // The 4-byte read at offset 15 overlaps the 8-byte read at offset 8 by one byte.
            case 19 when IntegerMarshal.ReadUInt64(value) == _ECDH_ES_UTF8 /* ECDH-ES\ */:
                switch (IntegerMarshal.ReadUInt64(value, 8) | u002bUpperMask)
                {
                case _u002bA12 when IntegerMarshal.ReadUInt32(value, 15) == __28KW:
                    algorithm = EcdhEsA128KW;

                    goto Found;

                case _u002bA19 when IntegerMarshal.ReadUInt32(value, 15) == __92KW:
                    algorithm = EcdhEsA192KW;

                    goto Found;

                case _u002bA25 when IntegerMarshal.ReadUInt32(value, 15) == __56KW:
                    algorithm = EcdhEsA256KW;

                    goto Found;
                }

                break;
            }

            // No case matched (or an inner switch fell through): clear the out parameter and fail.
            algorithm = null;
            return(false);

            Found:
            return(true);
        }
 /// <summary>Determines whether this instance and another <see cref="KeyManagementAlgorithm"/> carry the same identifier.</summary>
 /// <param name="other">The algorithm to compare with; may be <c>null</c>.</param>
 /// <returns><c>true</c> when <paramref name="other"/> is not <c>null</c> and its identifier equals this one; otherwise <c>false</c>.</returns>
 public bool Equals(KeyManagementAlgorithm? other)
 {
     // A null argument is never equal; otherwise only the identifier is compared.
     if (other is null)
     {
         return false;
     }

     return _id == other._id;
 }
Ejemplo n.º 14
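        /// <summary>Parses the <see cref="JwtElement"/> into its <see cref="KeyManagementAlgorithm"/> representation.</summary>
        /// <param name="value">The element that holds the algorithm name.</param>
        /// <param name="algorithm">The matching algorithm on success; always <c>null</c> on failure.</param>
        /// <returns><c>true</c> when the element equals one of the names tested below; otherwise <c>false</c>.</returns>
        /// <remarks>
        /// This method only resolves a name to an instance. No policy check is visible here, so
        /// restricting which algorithms are acceptable (RSA1_5, for example, is resolved like
        /// any other) is left to the caller.
        /// </remarks>
        public static bool TryParse(JwtElement value, [NotNullWhen(true)] out KeyManagementAlgorithm? algorithm)
        {
            // Candidates are tested in a fixed order; the first match returns immediately.
            if (value.ValueEquals(Dir._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = Dir;
                return true;
            }

            if (value.ValueEquals(A128KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = A128KW;
                return true;
            }

            if (value.ValueEquals(A192KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = A192KW;
                return true;
            }

            if (value.ValueEquals(A256KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = A256KW;
                return true;
            }

            if (value.ValueEquals(Rsa1_5._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = Rsa1_5;
                return true;
            }

            if (value.ValueEquals(EcdhEs._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = EcdhEs;
                return true;
            }

            if (value.ValueEquals(RsaOaep._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = RsaOaep;
                return true;
            }

            if (value.ValueEquals(A128GcmKW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = A128GcmKW;
                return true;
            }

            if (value.ValueEquals(A192GcmKW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = A192GcmKW;
                return true;
            }

            if (value.ValueEquals(A256GcmKW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = A256GcmKW;
                return true;
            }

            if (value.ValueEquals(RsaOaep256._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = RsaOaep256;
                return true;
            }

            if (value.ValueEquals(RsaOaep384._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = RsaOaep384;
                return true;
            }

            if (value.ValueEquals(RsaOaep512._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = RsaOaep512;
                return true;
            }

            if (value.ValueEquals(EcdhEsA128KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = EcdhEsA128KW;
                return true;
            }

            if (value.ValueEquals(EcdhEsA192KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = EcdhEsA192KW;
                return true;
            }

            if (value.ValueEquals(EcdhEsA256KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = EcdhEsA256KW;
                return true;
            }

            if (value.ValueEquals(Pbes2HS256A128KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = Pbes2HS256A128KW;
                return true;
            }

            if (value.ValueEquals(Pbes2HS384A192KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = Pbes2HS384A192KW;
                return true;
            }

            if (value.ValueEquals(Pbes2HS512A256KW._utf8Name.EncodedUtf8Bytes))
            {
                algorithm = Pbes2HS512A256KW;
                return true;
            }

            // Fail closed on every target framework. Unsafe.SkipInit writes nothing, so the
            // caller's variable would keep whatever it held before the call; a caller that
            // reuses a variable and does not check the return value could then go on with a
            // previously parsed algorithm. One reference store removes that possibility.
            algorithm = null;
            return false;
        }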
Ejemplo n.º 15
 /// <summary>Builds the exception reported when key wrap is not supported for an algorithm.</summary>
 /// <param name="algorithm">The algorithm named in the message; may be <c>null</c>, in which case the quoted name is empty.</param>
 /// <returns>A <see cref="NotSupportedException"/> carrying the message; the caller is expected to throw it.</returns>
 internal static Exception CreateNotSupportedException_AlgorithmForKeyWrap(KeyManagementAlgorithm? algorithm)
 {
     // The algorithm is formatted through string interpolation, i.e. its ToString() result.
     string message = $"Key wrap is not supported for algorithm: '{algorithm}'.";
     return new NotSupportedException(message);
 }
Ejemplo n.º 16
 /// <summary>
 /// Cast the <see cref="ReadOnlySpan{T}"/> into its <see cref="KeyManagementAlgorithm"/> representation.
 /// </summary>
 /// <param name="value"></param>
 /// <param name="algorithm"></param>
 public static bool TryParse(ReadOnlySpan <byte> value, [NotNullWhen(true)] out KeyManagementAlgorithm?algorithm)
 {
     ref byte valueRef = ref MemoryMarshal.GetReference(value);
Ejemplo n.º 17
        /// <summary>
        /// Parses the <see cref="ReadOnlySpan{T}"/> into its <see cref="KeyManagementAlgorithm"/> representation.
        /// </summary>
        /// <param name="value">The bytes of the algorithm name.</param>
        /// <param name="algorithm">The matching algorithm on success; <c>null</c> on failure.</param>
        /// <returns><c>true</c> when the bytes match one of the cases below; otherwise <c>false</c>.</returns>
        /// <remarks>
        /// The span is dispatched on its length, then compared as integers read from fixed offsets
        /// against constants. NOTE(review): the constants are presumably the packed byte values of
        /// the algorithm names - confirm against their definitions, which are outside this method.
        /// The method only resolves a name; no policy check on the resolved algorithm is visible here.
        /// </remarks>
        public static bool TryParse(ReadOnlySpan <byte> value, [NotNullWhen(true)] out KeyManagementAlgorithm?algorithm)
        {
            // The case guards are evaluated in order; two guards share length 6, so their order matters.
            switch (value.Length)
            {
            case 3 when IntegerMarshal.ReadUInt24(value) == dir:
                algorithm = Direct;

                return(true);

            // Length 6 ending in KW: bytes 0-3 select the variant.
            case 6 when IntegerMarshal.ReadUInt16(value, 4) == KW:
                switch (IntegerMarshal.ReadUInt32(value))
                {
                case A128:
                    algorithm = Aes128KW;
                    return(true);

                case A192:
                    algorithm = Aes192KW;
                    return(true);

                case A256:
                    algorithm = Aes256KW;
                    return(true);
                }

                break;

            case 6 when IntegerMarshal.ReadUInt32(value) == RSA1 && IntegerMarshal.ReadUInt16(value, 4) == _5:
                algorithm = RsaPkcs1;

                return(true);

            case 7 when IntegerMarshal.ReadUInt56(value) == ECDH_ES:
                algorithm = EcdhEs;

                return(true);

            case 8 when IntegerMarshal.ReadUInt64(value) == RSA_OAEP:
                algorithm = RsaOaep;

                return(true);

            // Length 9 starting with 'A': bytes 1-8 select the variant.
            case 9 when IntegerMarshal.ReadUInt8(value) == (byte) 'A':
                switch (IntegerMarshal.ReadUInt64(value, 1))
                {
                case _128GCMKW:
                    algorithm = Aes128GcmKW;
                    return(true);

                case _192GCMKW:
                    algorithm = Aes192GcmKW;
                    return(true);

                case _256GCMKW:
                    algorithm = Aes256GcmKW;
                    return(true);
                }

                break;

            // Length 12 with the RSA_OAEP prefix: bytes 8-11 select the variant.
            case 12 when IntegerMarshal.ReadUInt64(value) == RSA_OAEP:
                switch (IntegerMarshal.ReadUInt32(value, 8))
                {
                case _256:
                    algorithm = RsaOaep256;
                    return(true);

                case _384:
                    algorithm = RsaOaep384;
                    return(true);

                case _512:
                    algorithm = RsaOaep512;
                    return(true);
                }

                break;

            // Length 14: the second 8-byte read starts at offset 6 and overlaps the first by two bytes,
            // so the two reads together cover all 14 bytes.
            case 14 when IntegerMarshal.ReadUInt64(value) == ECDH_ES_:
                switch (IntegerMarshal.ReadUInt64(value, 6))
                {
                case S_A128KW:
                    algorithm = EcdhEsAes128KW;
                    return(true);

                case S_A192KW:
                    algorithm = EcdhEsAes192KW;
                    return(true);

                case S_A256KW:
                    algorithm = EcdhEsAes256KW;
                    return(true);
                }

                break;

            // Special case for escaped 'ECDH-ES\u002bAxxxKW' (the '+' written as a JSON escape).
            // The bytes at offset 8 are compared without any case folding.
            // NOTE(review): presumably only the lower-case escape '\u002b' matches here - confirm
            // against the constant definitions. The 4-byte read at offset 15 overlaps the 8-byte
            // read at offset 8 by one byte.
            case 19 when IntegerMarshal.ReadUInt64(value) == ECDH_ES_UTF8 /* ECDH-ES\ */:
                switch (IntegerMarshal.ReadUInt64(value, 8))
                {
                case u002bA12 when IntegerMarshal.ReadUInt32(value, 15) == _28KW:
                    algorithm = EcdhEsAes128KW;

                    return(true);

                case u002bA19 when IntegerMarshal.ReadUInt32(value, 15) == _92KW:
                    algorithm = EcdhEsAes192KW;

                    return(true);

                case u002bA25 when IntegerMarshal.ReadUInt32(value, 15) == _56KW:
                    algorithm = EcdhEsAes256KW;

                    return(true);
                }

                break;
            }

            // No case matched (or an inner switch fell through): clear the out parameter and fail.
            algorithm = null;
            return(false);
        }
Ejemplo n.º 18
 /// <summary>
 /// Initializes a new instance of the <see cref="Jwk"/> class.
 /// </summary>
 /// <param name="alg">The key management algorithm bound to this key; its <c>Utf8Name</c> is assigned to <c>Alg</c>. It is not null-checked here, so a <c>null</c> value fails on the <c>Utf8Name</c> access.</param>
 protected Jwk(KeyManagementAlgorithm alg)
 {
     // Alg is assigned before the backing field.
     // NOTE(review): the Alg setter is not visible here; keep this order unless the setter is confirmed not to touch _keyManagementAlgorithm.
     Alg = alg.Utf8Name;
     _keyManagementAlgorithm = alg;
 }
Ejemplo n.º 19
 /// <summary>
 /// Initializes a new instance of <see cref="KeyManagementAlgorithm"/> with a required key size of 0 bits and the produce-encrypted-key flag set.
 /// </summary>
 /// <param name="id">Identifier passed through to the full constructor.</param>
 /// <param name="name">Algorithm name passed through to the full constructor.</param>
 /// <param name="keyType">Algorithm category passed through to the full constructor.</param>
 /// <param name="wrappedAlgorithm">The wrapped algorithm, or <c>null</c> when there is none.</param>
 public KeyManagementAlgorithm(
     byte id,
     string name,
     AlgorithmCategory keyType,
     KeyManagementAlgorithm? wrappedAlgorithm)
     : this(
         id,
         name,
         keyType,
         requiredKeySizeInBits: 0,
         wrappedAlgorithm,
         produceEncryptedKey: true)
 {
     // All state is set by the chained constructor.
 }