/// <summary>
/// Signs <paramref name="payload"/> with the primary key and returns the text that the
/// signing pipeline wrote to its output stream, decoded as UTF-8.
/// </summary>
/// <param name="payload">Raw payload bytes; they are WebBase64-encoded as given, not parsed.</param>
/// <returns>The signed output as a string (expected to be the compact JWT form; confirm against Sign).</returns>
/// <exception cref="InvalidKeyTypeException">Jwt.AlgForKey returned null for the primary key.</exception>
public string SignCompact(byte[] payload)
{
    var primaryKey = this.GetPrimaryKey();

    // The header's alg value is derived from the signing key, not from anything the caller passes in.
    var jwtAlg = Jwt.AlgForKey(primaryKey);
    if (jwtAlg == null)
    {
        throw new InvalidKeyTypeException("Invalid Key Parameters For JWT");
    }

    // kid carries the WebBase64 form of the key hash of the key that signs.
    var headerJson = JsonConvert.SerializeObject(new JwtHeader
    {
        typ = "JWT",
        alg = jwtAlg?.ToString(),
        kid = WebBase64.FromBytes(primaryKey.GetKeyHash())
    });

    var headerSegment = Jwt.EncodeToBase64(headerJson);
    var payloadSegment = WebBase64.FromBytes(payload);

    // The bytes that get signed are "<encoded header>.<encoded payload>".
    var signingInput = Encoding.UTF8.GetBytes($"{headerSegment}.{payloadSegment}");

    using (var signedOutput = new MemoryStream())
    using (var signingSource = new MemoryStream(signingInput))
    {
        // signingInput is also passed as the fifth argument.
        // NOTE(review): presumably it reaches PadSignature as `extra`; the meaning of the two nulls
        // and of -1 is not visible in this block, so confirm against Sign.
        Sign(signingSource, signedOutput, null, null, signingInput, -1);
        return Encoding.UTF8.GetString(signedOutput.ToArray());
    }
}
/// <summary>
/// Writes the bytes carried in <paramref name="extra"/>, then a "." separator, then the
/// WebBase64 text of <paramref name="signature"/> (UTF-8 encoded) to the output stream.
/// </summary>
/// <param name="signature">Raw signature bytes.</param>
/// <param name="outputStream">Stream that receives the three parts in order.</param>
/// <param name="extra">Must be a byte[]; it is cast without a type check and written first.</param>
protected override void PadSignature(byte[] signature, Stream outputStream, object extra)
{
    // A non-byte[] value throws InvalidCastException here; a null fails on .Length below.
    var leadingBytes = (byte[])extra;
    outputStream.Write(leadingBytes, 0, leadingBytes.Length);

    var separator = Encoding.UTF8.GetBytes(".");
    outputStream.Write(separator, 0, 1);

    // The signature is appended as WebBase64 text rather than as raw bytes.
    var signatureText = WebBase64.FromBytes(signature).ToString();
    var signatureBytes = Encoding.UTF8.GetBytes(signatureText);
    outputStream.Write(signatureBytes, 0, signatureBytes.Length);
}
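/// <summary>
/// Emits the buffered output either to the console or to a new file.
/// </summary>
/// <param name="outstream">Must be a <see cref="MemoryStream"/>; its whole content is emitted.</param>
/// <param name="destination">Target file path; null, empty or whitespace means write to the console.</param>
/// <exception cref="Exception">The destination file already exists.</exception>
/// <exception cref="IOException">The destination file was created by someone else between the existence check and the write.</exception>
private void EncodeData(Stream outstream, string destination)
{
    var memstream = (MemoryStream)outstream;
    outstream.Flush();

    // JWT output is already text, so it is decoded as UTF-8; every other format is WebBase64-encoded.
    var encodedOutput = _format != WireFormat.SignJwt
        ? WebBase64.FromBytes(memstream.ToArray()).ToString()
        : Encoding.UTF8.GetString(memstream.ToArray());

    if (String.IsNullOrWhiteSpace(destination))
    {
        Console.Write(encodedOutput);
        return;
    }

    if (File.Exists(destination))
    {
        throw new Exception("File already Exists!!");
    }

    // File.Exists followed by a truncating write leaves a window in which a file created after
    // the check would be silently overwritten. FileMode.CreateNew makes the no-overwrite rule
    // atomic: the open fails with IOException if the path exists by now.
    using (var file = new FileStream(destination, FileMode.CreateNew, FileAccess.Write, FileShare.None))
    using (var writer = new StreamWriter(file))
    {
        // StreamWriter's default encoding is UTF-8 without a BOM, the same as File.WriteAllText.
        writer.Write(encodedOutput);
    }
}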
// Checks that after version 1 is revoked and a new key set is saved to the same storage path,
// ciphertext produced from that path carries the new key's id and not the original key's id.
public void RevokeOverwrite()
{
    var testPath = "revoke-override";

    // Step 1: create a symmetric encrypt/decrypt key set with one primary key (version 1) and save it.
    using (var writer = CreateNewStorageWriter(DefaultContainer, testPath))
    using (var ks = CreateNewKeySetMeta(KeyKind.Symmetric, KeyPurpose.DecryptAndEncrypt))
    {
        int ver = ks.AddKey(KeyStatus.Primary);
        Expect(ver, Is.EqualTo(1));
        var success = ks.Save(writer);
        Expect(success, Is.True);
    }

    // Step 2: encrypt with the stored key set and remember the key id of its first version.
    // origCipherText is assigned here but not read again in this method.
    WebBase64 origCipherText = null;
    WebBase64 origKeyId = null;
    using (var ks = new StorageKeySet(GetClientCred(), DefaultContainer, testPath))
    using (var encrypter = new Encrypter(ks))
    {
        origCipherText = encrypter.Encrypt(Input);
        origKeyId = WebBase64.FromBytes(ks.Metadata.Versions.First().KeyId);
    }

    // Step 3: demote version 1 twice (asserted as Primary -> Active -> Inactive), revoke it, and save.
    using (var origKs = new StorageKeySet(GetClientCred(), DefaultContainer, testPath))
    using (var ks = new MutableKeySet(origKs))
    using (var writer = CreateNewStorageWriter(DefaultContainer, testPath))
    {
        var status = ks.Demote(1);
        Expect(status, Is.EqualTo(KeyStatus.Active));
        var status2 = ks.Demote(1);
        Expect(status2, Is.EqualTo(KeyStatus.Inactive));
        var revoked = ks.Revoke(1);
        Expect(revoked, Is.True);
        var success = ks.Save(writer);
        Expect(success, Is.True);
    }

    // Step 4: save a brand-new key set to the same path; its first key is again reported as version 1.
    using (var writer = CreateNewStorageWriter(DefaultContainer, testPath))
    using (var ks = CreateNewKeySetMeta(KeyKind.Symmetric, KeyPurpose.DecryptAndEncrypt))
    {
        int ver = ks.AddKey(KeyStatus.Primary);
        Expect(ver, Is.EqualTo(1));
        var success = ks.Save(writer);
        Expect(success, Is.True);
    }

    // Step 5: encrypt the same input with whatever is now stored at the path.
    WebBase64 newCipherText = null;
    using (var ks = new StorageKeySet(GetClientCred(), DefaultContainer, testPath))
    using (var encrypter = new Encrypter(ks))
    {
        newCipherText = encrypter.Encrypt(Input);
    }

    // Step 6: StorageKeySet.Create returns a delegate, invoked here to obtain the key set.
    using (var ks = StorageKeySet.Create(GetClientCred(), DefaultContainer, testPath)())
    {
        var newKeyId = WebBase64.FromBytes(ks.Metadata.Versions.First().KeyId);

        // Copy KeyHashLength bytes of the new ciphertext starting at offset 1.
        // NOTE(review): presumably offset 0 is a one-byte format/version header; confirm.
        var prefix = new byte[KeyczarConst.KeyHashLength];
        Array.Copy(newCipherText.ToBytes(), 1, prefix, 0, prefix.Length);

        // The ciphertext must reference the new key, not the revoked one it replaced.
        Expect(prefix, Is.Not.EqualTo(origKeyId.ToBytes()));
        Expect(prefix, Is.EqualTo(newKeyId.ToBytes()));
    }
}
/// <summary>
/// Encodes <paramref name="jsontext"/> as UTF-8 bytes and returns their WebBase64 string form.
/// </summary>
/// <param name="jsontext">Text to encode (the JWT header JSON in SignCompact).</param>
/// <returns>The string representation of the WebBase64 value built from the UTF-8 bytes.</returns>
internal static string EncodeToBase64(string jsontext)
{
    // NOTE(review): despite the method name, the alphabet and padding are whatever WebBase64 produces.
    var encoded = WebBase64.FromBytes(Encoding.UTF8.GetBytes(jsontext));
    return encoded.ToString();
}