/// <summary>
/// Signs a JWT with the key returned by <c>GeneratePrivateKey(domainParams)</c> and checks
/// that the serialized token is non-null and has three dot-separated segments.
/// </summary>
/// <remarks>
/// Only the shape of the compact serialization is asserted; the signature is not verified here.
/// NOTE(review): the test name implies <c>domainParams</c> is secp256k1 - confirm at its declaration.
/// </remarks>
public void Generate_Secp256k1_SignedToken()
{
    var signerKey = new EcSecurityKey(GeneratePrivateKey(domainParams));

    // The project's factory is attached so the handler can resolve a signer for `algorithm`.
    // NOTE(review): `deterministic: true` presumably selects deterministic nonce generation - confirm in EcCryptoProviderFactory.
    var credentials = new SigningCredentials(signerKey, algorithm)
    {
        CryptoProviderFactory = new EcCryptoProviderFactory(
            domainParams,
            new[] { algorithm },
            deterministic: true,
            digest: new Sha256Digest())
    };

    var handler = new JwtSecurityTokenHandler();
    var unsignedJwt = handler.CreateJwtSecurityToken(
        issuer: "me",
        audience: "you",
        subject: null,
        notBefore: now,
        expires: now.AddMinutes(30),
        issuedAt: now,
        signingCredentials: credentials);

    var token = handler.WriteToken(unsignedJwt);
    Assert.NotNull(token);

    // Compact JWS form: header.payload.signature
    var segments = token.Split(".");
    Assert.Equal(3, segments.Length);
}
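/// <summary>
/// Signs a JWT with the key returned by <c>GeneratePrivateKey(domainParams)</c>, then validates it
/// through a second handler that is given only the corresponding public key.
/// </summary>
/// <remarks>
/// In the collapsed one-line form the <c>// Verify</c> line comment swallowed the whole validation
/// half and the closing brace; the statements are restored here on their own lines.
/// NOTE(review): this covers the accept path only. A token with an altered payload or one checked
/// against an unrelated public key is not exercised in this method.
/// </remarks>
public void Verify_Signature()
{
    // Sign
    var privateKey = GeneratePrivateKey(domainParams);
    var signingCredentials = new SigningCredentials(new EcSecurityKey(privateKey), algorithm);
    signingCredentials.CryptoProviderFactory = new EcCryptoProviderFactory(
        domainParams,
        new[] { algorithm },
        deterministic: true,
        digest: new Sha256Digest());

    var tokenHandler = new JwtSecurityTokenHandler();
    var jwtToken = tokenHandler.CreateJwtSecurityToken(
        issuer: "me",
        audience: "you",
        subject: null,
        notBefore: now,
        expires: now.AddMinutes(30),
        issuedAt: now,
        signingCredentials: signingCredentials);
    var token = tokenHandler.WriteToken(jwtToken);

    // Verify
    // The public point is derived as G * d, so the validating key carries no private scalar.
    var publicKey = new EcSecurityKey(
        new ECPublicKeyParameters(domainParams.G.Multiply(privateKey.D), domainParams));

    // A fresh handler keeps the validating side independent of the instance that signed.
    tokenHandler = new JwtSecurityTokenHandler();
    var settings = new TokenValidationParameters()
    {
        // Issuer and audience are pinned to the values used at signing; every other
        // validation switch is left at the library default.
        ValidIssuer = "me",
        ValidAudience = "you",
        IssuerSigningKey = publicKey,
        CryptoProviderFactory = new EcCryptoProviderFactory(
            domainParams,
            new[] { algorithm },
            deterministic: true,
            digest: new Sha256Digest())
    };

    var claims = tokenHandler.ValidateToken(token, settings, out var securityToken);

    Assert.NotNull(claims);
    // The validated token object must also be returned on success.
    Assert.NotNull(securityToken);
}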