/// <summary>
/// Decodes a web-safe base64 string and unprotects the resulting bytes into a JSON data object.
/// Returns null when the string cannot be decoded or the bytes are not a valid protected message.
/// </summary>
/// <param name="algorithm">Algorithm to use</param>
/// <param name="protectedMessage">Protected message content encoded as a web-safe base64 string</param>
/// <returns>Unprotected/decoded message or null if the protectedMessage is not valid</returns>
/// <remarks>
/// Null is the only failure signal, so callers should treat a null result as a rejected message
/// and must not fall back to any unverified copy of the data.
/// </remarks>
public static IJsonDataObject Unprotect(this ICryptoMessageAlgorithm algorithm, string protectedMessage)
{
    // NOTE(review): a null protectedMessage is handed straight to FromWebSafeBase64;
    // confirm that helper returns null for null input rather than throwing.
    var decoded = protectedMessage.FromWebSafeBase64();

    // The static call form is deliberate: it binds to the ArraySegment<byte> extension overload
    // of this class, whereas algorithm.Unprotect(...) would bind to the algorithm's own member.
    return decoded == null
        ? null
        : Unprotect(algorithm, new ArraySegment<byte>(decoded));
}
/// <summary>
/// Serializes the message as JSON and protects the resulting bytes with the supplied algorithm.
/// Null is returned for null messages.
/// </summary>
/// <param name="algorithm">Algorithm to use</param>
/// <param name="originalMessage">Message to protect using Json format</param>
/// <param name="options">Json format options; JsonWritingOptions.CompactRowsAsMap is used when null</param>
/// <returns>Binary representation of protected message, or null when originalMessage is null</returns>
public static byte[] ProtectAsBuffer(this ICryptoMessageAlgorithm algorithm, object originalMessage, JsonWritingOptions options = null)
{
    // A null message short-circuits before the algorithm is looked at,
    // so a null algorithm is not reported on this path.
    if (originalMessage == null)
    {
        return null;
    }

    var effectiveOptions = options ?? JsonWritingOptions.CompactRowsAsMap;
    var json = JsonWriter.WriteToBuffer(originalMessage, effectiveOptions, UTF8_NO_BOM);

    // The algorithm null-check happens only here, after serialization has already run.
    return algorithm.NonNull(nameof(algorithm)).Protect(new ArraySegment<byte>(json));
}
/// <summary>
/// Unprotects a JWT with the supplied algorithm and parses the resulting bytes as a JSON map of claims
/// </summary>
/// <param name="algorithm">Message protection algorithm</param>
/// <param name="jwt">JSON web token: `header.payload.hash`</param>
/// <returns>
/// JsonDataMap filled with payload/claims, or null if the algorithm rejects the token,
/// the content is not parsable JSON, or the parsed JSON is not a map
/// </returns>
/// <remarks>
/// Only unprotection and JSON parsing happen here. No claim (for example expiry or audience)
/// is inspected by this method, so callers must validate claims themselves and must treat
/// a null result as "not authentic".
/// </remarks>
public static JsonDataMap UnprotectJWTPayload(this ICryptoMessageAlgorithm algorithm, ArraySegment<byte> jwt)
{
    var claimsBytes = algorithm.Unprotect(jwt);
    if (claimsBytes == null)
    {
        return null;
    }

    using (var stream = new MemoryStream(claimsBytes))
    {
        try
        {
            var parsed = JsonReader.DeserializeDataObject(stream, UTF8_NO_BOM, true);

            // 'as' yields null for any non-map JSON root instead of throwing
            return parsed as JsonDataMap;
        }
        catch
        {
            // Every deserialization failure is reported as null, i.e. a corrupted message
            return null;
        }
    }
}
/// <summary>
/// Unprotects a string-encoded message via the algorithm's UnprotectFromString and parses
/// the resulting bytes as a JSON data object. Returns null if the protectedMessage is not valid.
/// </summary>
/// <param name="algorithm">Algorithm to use</param>
/// <param name="protectedMessage">Protected message content encoded as string</param>
/// <returns>Unprotected/decoded message or null if the protectedMessage is not valid</returns>
/// <remarks>
/// Null is the only failure signal: a rejected message and an unparsable one look the same
/// to the caller, and both must be handled as a rejection.
/// </remarks>
public static IJsonDataObject UnprotectObject(this ICryptoMessageAlgorithm algorithm, string protectedMessage)
{
    var plainBytes = algorithm.UnprotectFromString(protectedMessage);
    if (plainBytes == null)
    {
        return null;
    }

    using (var stream = new MemoryStream(plainBytes))
    {
        try
        {
            var parsed = JsonReader.DeserializeDataObject(stream, UTF8_NO_BOM, true);
            return parsed;
        }
        catch
        {
            // Every deserialization failure is reported as null, i.e. a corrupted message
            return null;
        }
    }
}
/// <summary>
/// Unprotects a binary message with the supplied algorithm and parses the resulting bytes
/// as a JSON data object. Returns null if the protectedMessage is not valid.
/// </summary>
/// <param name="algorithm">Algorithm to use</param>
/// <param name="protectedMessage">Protected message content</param>
/// <returns>Unprotected/decoded message or null if the protectedMessage is not valid</returns>
/// <remarks>
/// Null is the only failure signal: a rejected message and an unparsable one look the same
/// to the caller, and both must be handled as a rejection.
/// </remarks>
public static IJsonDataObject Unprotect(this ICryptoMessageAlgorithm algorithm, ArraySegment<byte> protectedMessage)
{
    // Resolves to the algorithm's own Unprotect member, which yields the raw plain bytes
    var plainBytes = algorithm.Unprotect(protectedMessage);
    if (plainBytes == null)
    {
        return null;
    }

    using (var stream = new MemoryStream(plainBytes))
    {
        try
        {
            // NOTE(review): this overload reads with Encoding.UTF8 while the other methods in this
            // file read and write with UTF8_NO_BOM - confirm the difference is intentional.
            var parsed = JsonReader.DeserializeDataObject(stream, Encoding.UTF8, true);
            return parsed;
        }
        catch
        {
            // Every deserialization failure is reported as null, i.e. a corrupted message
            return null;
        }
    }
}
/// <summary>
/// Serializes the JWT payload map as compact JSON and protects it into a string
/// with the supplied algorithm
/// </summary>
/// <param name="algorithm">Message protection algorithm</param>
/// <param name="payload">JWT payload (the middle) segment between '.'; must not be null</param>
/// <returns>JWT string like: `header.payload.hash` encoded with base 64 URI scheme</returns>
/// <remarks>
/// NOTE(review): whether the claims end up encrypted or only integrity-protected depends on the
/// algorithm implementation, which is not visible here. Confirm before placing confidential
/// values in the payload.
/// </remarks>
public static string ProtectJWTPayloadAsString(this ICryptoMessageAlgorithm algorithm, JsonDataMap payload)
{
    // The payload is validated first; the algorithm itself is not null-checked in this method
    var checkedPayload = payload.NonNull(nameof(payload));
    var claimsBytes = JsonWriter.WriteToBuffer(checkedPayload, JsonWritingOptions.CompactRowsAsMap, UTF8_NO_BOM);

    var token = algorithm.ProtectToString(new ArraySegment<byte>(claimsBytes));
    return token;
}
/// <summary>
/// Protects message as web-safe URI string by protecting it into a buffer and
/// encoding that buffer as web-safe base64
/// </summary>
/// <param name="algorithm">Algorithm to use</param>
/// <param name="originalMessage">Message to protect using Json format</param>
/// <param name="options">Json format options</param>
/// <returns>Web-safe base64-encoded string representation of protected message suitable for direct use in Uris</returns>
/// <remarks>
/// Values carried in URIs commonly end up in server logs and browser history, so the protected
/// string should be treated as sensitive even though its content is protected.
/// </remarks>
public static string ProtectAsString(this ICryptoMessageAlgorithm algorithm, object originalMessage, JsonWritingOptions options = null)
{
    var protectedBytes = ProtectAsBuffer(algorithm, originalMessage, options);

    // NOTE(review): ProtectAsBuffer returns null for a null message, so a null result here
    // relies on ToWebSafeBase64 tolerating a null buffer - confirm.
    var encoded = protectedBytes.ToWebSafeBase64();
    return encoded;
}