Exemple #1
        /// <summary>
        /// Handler (event-style signature) that registers JWT bearer authentication on the
        /// service collection exposed by <c>AspPipelineContext</c>. Token signatures are checked
        /// against the first JSON Web Key in <c>_identityServerOptions.Configuration.JsonWebKeys</c>.
        /// </summary>
        /// <param name="sender">Event source; not used.</param>
        /// <param name="e">Event data; not used.</param>
        private void HandleAuthenticationAdded(object sender, EventArgs e)
        {
            // First() throws InvalidOperationException when no JSON Web Key is configured.
            var serializedKey = _identityServerOptions.Configuration.JsonWebKeys.First().SerializedKey;

            // The RSA implementation is chosen per platform: OpenSSL-backed off Windows, CSP on Windows.
            // The RSA object is handed to RsaSecurityKey and is not disposed here.
            RsaSecurityKey signingKey;
            if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
            {
                var openSslRsa = new RSAOpenSsl();
                openSslRsa.FromXmlStringNetCore(serializedKey);
                signingKey = new RsaSecurityKey(openSslRsa);
            }
            else
            {
                var cspRsa = new RSACryptoServiceProvider();
                cspRsa.FromXmlStringNetCore(serializedKey);
                signingKey = new RsaSecurityKey(cspRsa);
            }

            var services = AspPipelineContext.Instance().ConfigureServiceContext.Services;
            services
                .AddAuthentication(authOptions =>
                {
                    // JWT bearer is used both to authenticate and to challenge.
                    authOptions.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                    authOptions.DefaultChallengeScheme    = JwtBearerDefaults.AuthenticationScheme;
                })
                .AddJwtBearer(bearerOptions =>
                {
                    // NOTE(review): issuer and audience validation are both switched off, so any
                    // token that verifies under this key is accepted regardless of its "iss" and
                    // "aud" claims. If the same key signs tokens for other services, those tokens
                    // are accepted here too. Confirm this is intended; otherwise enable both
                    // checks and supply the expected issuer and audience values.
                    bearerOptions.TokenValidationParameters = new TokenValidationParameters()
                    {
                        ValidateAudience         = false,
                        ValidateIssuer           = false,
                        ValidateIssuerSigningKey = true,
                        IssuerSigningKey         = signingKey
                    };
                });
        }
        /// <summary>
        /// Adds the RSA public key members of <paramref name="jsonWebKey"/> to
        /// <paramref name="result"/>: "n" (modulus) and "e" (public exponent).
        /// </summary>
        /// <param name="result">Dictionary receiving the "n" and "e" entries; <c>Add</c> throws if either key already exists.</param>
        /// <param name="jsonWebKey">Key whose <c>SerializedKey</c> is imported as RSA key XML.</param>
        /// <remarks>
        /// Only the public parameters are exported (<c>ExportParameters(false)</c>), so private key
        /// components are never copied into <paramref name="result"/>.
        /// NOTE(review): JWK members are expected to be base64url-encoded; confirm that the
        /// <c>Base64EncodeBytes</c> extension (defined elsewhere) produces that form.
        /// </remarks>
        public void SetRsaPublicKeyInformation(Dictionary <string, object> result, OfficeDocumentJsonWebKeyResponse jsonWebKey)
        {
            RSAParameters publicParameters;

            // Same import/export on both platforms; only the RSA implementation differs.
            if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
            {
                using (var openSslRsa = new RSAOpenSsl())
                {
                    openSslRsa.FromXmlStringNetCore(jsonWebKey.SerializedKey);
                    publicParameters = openSslRsa.ExportParameters(false);
                }
            }
            else
            {
                using (var cspRsa = new RSACryptoServiceProvider())
                {
                    cspRsa.FromXmlStringNetCore(jsonWebKey.SerializedKey);
                    publicParameters = cspRsa.ExportParameters(false);
                }
            }

            // Encode both values before touching the dictionary so a failure adds nothing.
            var encodedModulus  = publicParameters.Modulus.Base64EncodeBytes();
            var encodedExponent = publicParameters.Exponent.Base64EncodeBytes();

            result.Add("n", encodedModulus);
            result.Add("e", encodedExponent);
        }
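        /// <summary>
        /// Builds the <see cref="RsaSecurityKey"/> used for token validation, either from a
        /// certificate in an X.509 store or from a key file next to the executing assembly.
        /// </summary>
        /// <param name="locationName">Key into <c>_properties</c> naming the certificate store location.</param>
        /// <param name="subDistName">Key into <c>_properties</c> holding the subject distinguished name to search for.</param>
        /// <param name="txtFileName">File name of the XML-serialized key, used when either property is missing.</param>
        /// <returns>A security key wrapping the imported RSA key.</returns>
        /// <exception cref="System.InvalidOperationException">
        /// No key material could be resolved (unknown store location, no matching valid
        /// certificate, or an empty key file).
        /// </exception>
        private RsaSecurityKey GetSecurityKey(string locationName, string subDistName, string txtFileName)
        {
            string xml = string.Empty;

            if (_properties.ContainsKey(locationName) && _properties.ContainsKey(subDistName))
            {
                var storeLocation = _properties[locationName];
                if (_mappingStrToStoreLocation.ContainsKey(storeLocation))
                {
                    using (var store = new X509Store(_mappingStrToStoreLocation[storeLocation]))
                    {
                        store.Open(OpenFlags.OpenExistingOnly);
                        // validOnly = true: only certificates that pass validation are returned.
                        var certificates = store.Certificates.Find(X509FindType.FindBySubjectDistinguishedName, _properties[subDistName], true);
                        if (certificates.Count > 0)
                        {
                            // NOTE(review): only the public parameters are exported (false), yet the
                            // code goes through PrivateKey. That requires read access to the private
                            // key and fails for keys that are not RSACryptoServiceProvider-backed.
                            // Consider reading the certificate's public key instead.
                            xml = ((RSACryptoServiceProvider)certificates[0].PrivateKey).ToXmlStringNetCore(false);
                        }
                    }
                }
            }
            else
            {
                // NOTE(review): txtFileName is combined without checks; a rooted path would
                // replace the assembly directory. Presumably a constant supplied by the caller.
                var locationPath          = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location);
                var publicKeyLocationPath = Path.Combine(locationPath, txtFileName);
                xml = File.ReadAllText(publicKeyLocationPath);
            }

            // Fail explicitly instead of importing an empty string: a failed lookup must not
            // yield a key object that has no trusted key material behind it.
            if (string.IsNullOrWhiteSpace(xml))
            {
                throw new System.InvalidOperationException("No RSA key material could be resolved from the certificate store or the key file.");
            }

            RsaSecurityKey rsa = null;

            // The RSA object is handed to RsaSecurityKey and is not disposed here.
            if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
            {
                var provider = new RSACryptoServiceProvider();
                provider.FromXmlStringNetCore(xml);
                rsa = new RsaSecurityKey(provider);
            }
            else
            {
                var r = new RSAOpenSsl();
                r.FromXmlStringNetCore(xml);
                rsa = new RsaSecurityKey(r);
            }

            return rsa;
        }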
Exemple #4
 /// <summary>
 /// Decrypts <paramref name="toBeDecrypted"/> with the RSA key serialized in
 /// <paramref name="jsonWebKey"/>.
 /// </summary>
 /// <param name="toBeDecrypted">RSA ciphertext.</param>
 /// <param name="jsonWebKey">Key whose <c>SerializedKey</c> is imported as RSA key XML.</param>
 /// <returns>The decrypted bytes.</returns>
 /// <remarks>
 /// NOTE(review): the padding differs by platform. The Windows branch passes the
 /// <c>_oaep</c> field (declared outside this snippet), while the other branch always uses
 /// PKCS#1 v1.5. If <c>_oaep</c> selects OAEP, the same ciphertext cannot be decrypted on
 /// both platforms. PKCS#1 v1.5 decryption is also sensitive to padding-oracle leaks, so
 /// callers should report every decryption failure in the same way.
 /// </remarks>
 public byte[] Decrypt(
     byte[] toBeDecrypted,
     JsonWebKey jsonWebKey)
 {
     if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
     {
         using (var openSslRsa = new RSAOpenSsl())
         {
             openSslRsa.FromXmlStringNetCore(jsonWebKey.SerializedKey);
             var plainBytes = openSslRsa.Decrypt(toBeDecrypted, RSAEncryptionPadding.Pkcs1);
             return plainBytes;
         }
     }

     using (var cspRsa = new RSACryptoServiceProvider())
     {
         cspRsa.FromXmlStringNetCore(jsonWebKey.SerializedKey);
         var plainBytes = cspRsa.Decrypt(toBeDecrypted, _oaep);
         return plainBytes;
     }
 }
        /// <summary>
        /// Reads an XML-serialized RSA key from a file located next to the executing assembly
        /// and wraps it in an <see cref="RsaSecurityKey"/>.
        /// </summary>
        /// <param name="txtFileName">File name, combined with the executing assembly's directory.</param>
        /// <returns>A security key wrapping the imported RSA key.</returns>
        /// <remarks>
        /// NOTE(review): the file content is trusted as key material without further checks, so
        /// the file needs the same write protection as the binaries it sits beside.
        /// </remarks>
        private RsaSecurityKey GetSecurityKey(string txtFileName)
        {
            var assemblyDirectory = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location);
            var keyFilePath       = Path.Combine(assemblyDirectory, txtFileName);
            var serializedKey     = File.ReadAllText(keyFilePath);

            // The RSA object is handed to RsaSecurityKey and is not disposed here.
            if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
            {
                var openSslRsa = new RSAOpenSsl();
                openSslRsa.FromXmlStringNetCore(serializedKey);
                return new RsaSecurityKey(openSslRsa);
            }

            var cspRsa = new RSACryptoServiceProvider();
            cspRsa.FromXmlStringNetCore(serializedKey);
            return new RsaSecurityKey(cspRsa);
        }
        /// <summary>
        /// Signs the JWS signing input with the RSA key in <paramref name="serializedKeys"/>.
        /// </summary>
        /// <param name="algorithm">JWS algorithm; must be listed in <c>_supportedAlgs</c>.</param>
        /// <param name="serializedKeys">XML-serialized RSA key; presumably must include the private parameters for signing.</param>
        /// <param name="combinedJwsNotSigned">Text to sign; encoded as ASCII, so non-ASCII characters are replaced before signing.</param>
        /// <returns>
        /// The signature encoded by the <c>Base64EncodeBytes</c> extension, or <c>null</c> when the
        /// algorithm is not supported.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="serializedKeys"/> is null, empty or whitespace.</exception>
        public string SignWithRsa(
            JwsAlg algorithm,
            string serializedKeys,
            string combinedJwsNotSigned)
        {
            // The algorithm check comes first: unsupported algorithms return null even without a key.
            if (!_supportedAlgs.Contains(algorithm))
            {
                return null;
            }

            if (string.IsNullOrWhiteSpace(serializedKeys))
            {
                throw new ArgumentNullException(nameof(serializedKeys));
            }

            byte[] signatureBytes;

            if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
            {
                using (var openSslRsa = new RSAOpenSsl())
                {
                    var hashAlgorithm = _mappingLinuxJwsAlgorithmToRsaHashingAlgorithms[algorithm];
                    var signingInput  = Encoding.ASCII.GetBytes(combinedJwsNotSigned);
                    openSslRsa.FromXmlStringNetCore(serializedKeys);
                    // PKCS#1 v1.5 signature padding is selected explicitly on this branch.
                    signatureBytes = openSslRsa.SignData(signingInput, 0, signingInput.Length, hashAlgorithm, RSASignaturePadding.Pkcs1);
                }
            }
            else
            {
                using (var cspRsa = new RSACryptoServiceProvider())
                {
                    var hashAlgorithm = _mappingWinJwsAlgorithmToRsaHashingAlgorithms[algorithm];
                    var signingInput  = Encoding.ASCII.GetBytes(combinedJwsNotSigned);
                    cspRsa.FromXmlStringNetCore(serializedKeys);
                    signatureBytes = cspRsa.SignData(signingInput, hashAlgorithm);
                }
            }

            return signatureBytes.Base64EncodeBytes();
        }
        /// <summary>
        /// Verifies an RSA signature over <paramref name="input"/> with the key in
        /// <paramref name="serializedKeys"/>.
        /// </summary>
        /// <param name="algorithm">JWS algorithm; must be listed in <c>_supportedAlgs</c>.</param>
        /// <param name="serializedKeys">XML-serialized RSA key.</param>
        /// <param name="input">Signed text; encoded as ASCII, so non-ASCII characters are replaced before verification.</param>
        /// <param name="signature">Signature bytes to check.</param>
        /// <returns>
        /// <c>true</c> when the signature matches; <c>false</c> when it does not or when the
        /// algorithm is not supported (fails closed).
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="serializedKeys"/> is null, empty or whitespace.</exception>
        public bool VerifyWithRsa(
            JwsAlg algorithm,
            string serializedKeys,
            string input,
            byte[] signature)
        {
            // Unsupported algorithms are rejected before any key material is touched.
            if (!_supportedAlgs.Contains(algorithm))
            {
                return false;
            }

            if (string.IsNullOrWhiteSpace(serializedKeys))
            {
                throw new ArgumentNullException(nameof(serializedKeys));
            }

            var signedBytes = Encoding.ASCII.GetBytes(input);

            if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
            {
                using (var openSslRsa = new RSAOpenSsl())
                {
                    var hashAlgorithm = _mappingLinuxJwsAlgorithmToRsaHashingAlgorithms[algorithm];
                    openSslRsa.FromXmlStringNetCore(serializedKeys);
                    // PKCS#1 v1.5 signature padding is selected explicitly on this branch.
                    var isValid = openSslRsa.VerifyData(signedBytes, signature, hashAlgorithm, RSASignaturePadding.Pkcs1);
                    return isValid;
                }
            }

            using (var cspRsa = new RSACryptoServiceProvider())
            {
                var hashAlgorithm = _mappingWinJwsAlgorithmToRsaHashingAlgorithms[algorithm];
                cspRsa.FromXmlStringNetCore(serializedKeys);
                var isValid = cspRsa.VerifyData(signedBytes, hashAlgorithm, signature);
                return isValid;
            }
        }