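/// <summary>
/// Adds a key to the in-memory store and makes it the current key.
/// </summary>
/// <param name="securityParameters">Key to append to <c>_store</c>; it also becomes <c>_current</c>.</param>
public void Save(SecurityKeyWithPrivate securityParameters)
{
    // Both writes sit in one braced critical section. A brace-less lock
    // statement guards only the statement that follows it, which would leave
    // the current-key assignment outside the lock.
    lock (lockObject)
    {
        _store.Add(securityParameters);
        _current = securityParameters;
    }
}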
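/// <summary>
/// Adds the key to the context's <c>SecurityKeys</c> set and commits it with <c>SaveChanges</c>.
/// </summary>
/// <param name="securityParamteres">Key entity to persist.</param>
public void Save(SecurityKeyWithPrivate securityParamteres)
{
    _context.SecurityKeys.Add(securityParamteres);

    // Message template rather than an interpolated string: the id is passed as
    // a structured value and is never parsed as part of the format string.
    // The former extra argument had no placeholder and was never rendered.
    // Only the identifier is logged; key material must not reach the logger.
    _logger.LogInformation("Saving new SecurityKeyWithPrivate {KeyId}", securityParamteres.Id);

    _context.SaveChanges();
}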
/// <summary>
/// Saves a freshly generated signing key, revokes it through the store, and checks
/// that the key later returned by the key service reports no private key while
/// still exposing the parameters asserted per key type.
/// </summary>
/// <param name="algorithm">Algorithm name handed to <c>JwsAlgorithm.Create</c>.</param>
/// <param name="keyType">Key type handed to <c>JwsAlgorithm.Create</c>.</param>
public void ShouldKeepPublicKeyAfterUpdateAExpiredJwk(string algorithm, KeyType keyType)
{
    var jwsAlgorithm = JwsAlgorithm.Create(algorithm, keyType);
    var credentials = _keyService.GenerateSigningCredentials(new JwksOptions() { KeyPrefix = "ShouldGenerateManyRsa_", Jws = jwsAlgorithm });

    var storedKey = new SecurityKeyWithPrivate();
    storedKey.SetJwsParameters(credentials.Key, jwsAlgorithm);
    _jsonWebKeyStore.Save(storedKey);

    // Remove private: revocation is the step under test.
    _jsonWebKeyStore.Revoke(storedKey);

    var published = _keyService
        .GetLastKeysCredentials(JsonWebKeyType.Jws, 5)
        .First(w => w.Kid == storedKey.KeyId);

    published.Kty.Should().NotBeNullOrEmpty();
    published.HasPrivateKey.Should().BeFalse();

    switch (published.Kty)
    {
        case JsonWebAlgorithmsKeyTypes.EllipticCurve:
            published.X.Should().NotBeNullOrEmpty();
            published.Y.Should().NotBeNullOrEmpty();
            break;

        case JsonWebAlgorithmsKeyTypes.RSA:
            published.N.Should().NotBeNullOrEmpty();
            published.E.Should().NotBeNullOrEmpty();
            break;

        case JsonWebAlgorithmsKeyTypes.Octet:
            // NOTE(review): for an "oct" JWK the K parameter is the symmetric
            // key value itself, so this assertion requires the secret to
            // survive revocation even though HasPrivateKey is false - confirm
            // that is the intended behaviour for symmetric keys.
            published.K.Should().NotBeNullOrEmpty();
            break;
    }
}
/// <summary>
/// Tells whether <paramref name="currentKey"/> still uses the algorithm configured
/// for its JWK type. On a mismatch, replacement credentials are generated as a side effect.
/// </summary>
/// <param name="currentKey">Key whose <c>JwkType</c> and algorithm are inspected.</param>
/// <param name="options">Options to compare against; <c>_options.Value</c> is used when null.</param>
/// <returns>
/// <c>true</c> when the key's algorithm equals the configured one; <c>false</c> otherwise,
/// after calling the matching generate method for a Jws or Jwe key.
/// </returns>
private bool CheckCompatibility(SecurityKeyWithPrivate currentKey, JwksOptions options)
{
    options ??= _options.Value;

    // Signing keys are compared with the configured JWS algorithm.
    if (currentKey.JwkType == JsonWebKeyType.Jws)
    {
        if (currentKey.JwsAlgorithm == options.Jws)
        {
            return true;
        }

        GenerateSigningCredentials(options);
    }

    // Encryption keys are compared with the configured JWE algorithm.
    if (currentKey.JwkType == JsonWebKeyType.Jwe)
    {
        if (currentKey.JweAlgorithm == options.Jwe)
        {
            return true;
        }

        GenerateEncryptingCredentials(options);
    }

    return false;
}
/// <summary>
/// Revokes the key, persists the change through the context, and then calls <c>ClearCache</c>.
/// </summary>
/// <param name="securityKeyWithPrivate">Key to revoke; its own <c>Revoke()</c> is invoked first.</param>
public void Revoke(SecurityKeyWithPrivate securityKeyWithPrivate)
{
    // Change the entity before it is attached and marked for update.
    securityKeyWithPrivate.Revoke();

    _context.Attach(securityKeyWithPrivate);
    _context.SecurityKeys.Update(securityKeyWithPrivate);
    _context.SaveChanges();

    // Runs only after the revoked state has been committed.
    ClearCache();
}
/// <summary>
/// Generates a key for the configured algorithm, saves it to the store, and returns
/// signing credentials built from that key.
/// </summary>
/// <param name="options">Options to use; <c>_options.Value</c> is used when null.</param>
/// <returns>Signing credentials built from the new key and <c>options.Algorithm</c>.</returns>
public SigningCredentials Generate(JwksOptions options = null)
{
    options ??= _options.Value;

    var securityKey = _jwkService.Generate(options.Algorithm);

    // Wrap the key in the persisted model before saving it.
    var storedKey = new SecurityKeyWithPrivate();
    storedKey.SetParameters(securityKey, options.Algorithm);
    _store.Save(storedKey);

    return new SigningCredentials(securityKey, options.Algorithm);
}
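/// <summary>
/// Replaces the stored key that has the same <c>Id</c> as
/// <paramref name="securityKeyWithPrivate"/>, keeping its position in the store.
/// Does nothing when no stored key has that id.
/// </summary>
/// <param name="securityKeyWithPrivate">Replacement key; matched against stored keys by <c>Id</c>.</param>
public void Update(SecurityKeyWithPrivate securityKeyWithPrivate)
{
    // The lookup and the replacement share one critical section, so the index
    // cannot go stale between finding the entry and swapping it. The lock
    // statement also releases lockObject if RemoveAt or Insert throws, which a
    // bare Monitor.Enter/Monitor.Exit pair does not.
    lock (lockObject)
    {
        var index = _store.FindIndex(f => f.Id == securityKeyWithPrivate.Id);
        if (index < 0)
        {
            return;
        }

        _store.RemoveAt(index);
        _store.Insert(index, securityKeyWithPrivate);
    }
}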
/// <summary>
/// Generates a key for the configured JWE algorithm, saves it to the store, and
/// returns encrypting credentials built from that key.
/// </summary>
/// <param name="options">Options to use; <c>_options.Value</c> is used when null.</param>
/// <returns>
/// Encrypting credentials built from the new key, <c>options.Jwe</c> and
/// <c>options.Jwe.Encryption</c>.
/// </returns>
public EncryptingCredentials GenerateEncryptingCredentials(JwksOptions options = null)
{
    options ??= _options.Value;

    var securityKey = _jwkService.Generate(options.Jwe);

    // Wrap the key in the persisted model before saving it.
    var storedKey = new SecurityKeyWithPrivate();
    storedKey.SetJweParameters(securityKey, options.Jwe);
    _store.Save(storedKey);

    return new EncryptingCredentials(securityKey, options.Jwe, options.Jwe.Encryption);
}
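/// <summary>
/// Adds a key to the in-memory store and records it as the current key for its JWK type.
/// </summary>
/// <param name="securityParameters">
/// Key to store. A <c>JsonWebKeyType.Jws</c> key becomes <c>_currentJws</c>;
/// any other type becomes <c>_currentJwe</c>.
/// </param>
public void Save(SecurityKeyWithPrivate securityParameters)
{
    // The list append and the current-key assignment sit in one braced
    // critical section. A brace-less lock statement guards only the statement
    // that follows it, which would leave the assignment outside the lock.
    lock (lockObject)
    {
        _store.Add(securityParameters);

        if (securityParameters.JwkType == JsonWebKeyType.Jws)
        {
            _currentJws = securityParameters;
        }
        else
        {
            _currentJwe = securityParameters;
        }
    }
}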
/// <summary>
/// Tells whether <paramref name="currentKey"/> still uses the configured algorithm.
/// On a mismatch a new key is generated as a side effect.
/// </summary>
/// <param name="currentKey">Key whose <c>Algorithm</c> is compared.</param>
/// <param name="options">Options to compare against; <c>_options.Value</c> is used when null.</param>
/// <returns><c>true</c> when the algorithms are equal; <c>false</c> after calling <c>Generate</c>.</returns>
private bool CheckCompatibility(SecurityKeyWithPrivate currentKey, JwksOptions options)
{
    options ??= _options.Value;

    var sameAlgorithm = currentKey.Algorithm == options.Algorithm;
    if (!sameAlgorithm)
    {
        // Algorithm changed in configuration: generate a key for the new one.
        Generate(options);
    }

    return sameAlgorithm;
}
/// <summary>
/// Saves a freshly generated key, then calls the parameterless <c>SetParameters()</c>
/// on it and pushes the result to the store with <c>Update</c>. The test makes no
/// assertions, so it only checks that the sequence completes without throwing.
/// </summary>
/// <param name="algorithm">Algorithm name handed to <c>Algorithm.Create</c>.</param>
/// <param name="keyType">Key type handed to <c>Algorithm.Create</c>.</param>
public void ShouldRemovePrivateAndUpdate(string algorithm, KeyType keyType)
{
    var selectedAlgorithm = Algorithm.Create(algorithm, keyType);
    var credentials = _keyService.Generate(new JwksOptions() { KeyPrefix = "ShouldGenerateManyRsa_", Algorithm = selectedAlgorithm });

    var storedKey = new SecurityKeyWithPrivate();
    storedKey.SetParameters(credentials.Key, selectedAlgorithm);
    _jsonWebKeyStore.Save(storedKey);

    // Remove private: the parameterless overload is the step under test.
    // NOTE(review): nothing here asserts that the private part is actually gone
    // after Update - consider reading the key back and checking it.
    storedKey.SetParameters();
    _jsonWebKeyStore.Update(storedKey);
}
/// <summary>
/// Overwrites the first <c>*.key</c> file under <c>KeysPath</c> whose stored key has the
/// same <c>Id</c> as <paramref name="securityKeyWithPrivate"/>. Nothing is written
/// when no file matches.
/// </summary>
/// <param name="securityKeyWithPrivate">Key whose JSON form replaces the matching file's content.</param>
public void Update(SecurityKeyWithPrivate securityKeyWithPrivate)
{
    foreach (var keyFile in KeysPath.GetFiles("*.key"))
    {
        var onDisk = GetKey(keyFile.FullName);
        if (onDisk.Id != securityKeyWithPrivate.Id)
        {
            continue;
        }

        // NOTE(review): the JSON goes to disk as plain text with no protection
        // step visible here. If the key still carries private parameters, the
        // directory's access control is the only safeguard - confirm the
        // permissions on KeysPath.
        var json = JsonSerializer.Serialize(securityKeyWithPrivate, new JsonSerializerOptions() { IgnoreNullValues = true });
        File.WriteAllText(keyFile.FullName, json);

        // Only the first match is rewritten.
        break;
    }
}
/// <summary>
/// Writes the key as JSON to the file returned by <c>GetCurrentFile()</c>. The keys
/// directory is created when missing, and an existing current file is first copied
/// to an "old-" file in the same directory.
/// </summary>
/// <param name="securityParamteres">Key to serialize as the new current key file.</param>
public void Save(SecurityKeyWithPrivate securityParamteres)
{
    if (!KeysPath.Exists)
    {
        KeysPath.Create();
    }

    if (File.Exists(GetCurrentFile()))
    {
        // The date in the archive name only makes old keys easy to find by eye.
        // The GUID suffix is what keeps the names distinct.
        var currentFile = GetCurrentFile();
        var directory = Path.GetDirectoryName(GetCurrentFile());
        var archiveName = $"{_options.Value.KeyPrefix}old-{DateTime.Now:yyyy-MM-dd}-{Guid.NewGuid()}.key";
        File.Copy(currentFile, Path.Combine(directory, archiveName));
    }

    // NOTE(review): the JSON goes to disk as plain text with no protection step
    // visible here, and the archived copies keep the same content. If the key
    // carries private parameters, the directory's access control is the only
    // safeguard - confirm the permissions on KeysPath.
    var json = JsonSerializer.Serialize(securityParamteres, new JsonSerializerOptions() { IgnoreNullValues = true });
    File.WriteAllText(GetCurrentFile(), json);
}
/// <summary>
/// Serializes the key to JSON, passes it through <c>_dataProtector.Protect</c>, wraps the
/// result in a key element with id, version and date metadata, stores that element in
/// <c>KeyRepository</c>, and finally calls <c>ClearCache</c>.
/// </summary>
/// <param name="securityParamteres">Key to persist; its <c>Id</c> and <c>JwkType</c> appear in the metadata and friendly name.</param>
public void Save(SecurityKeyWithPrivate securityParamteres)
{
    // The serialized key is protected before it is embedded in the XML, so
    // the repository receives the protector's output, not the raw JSON.
    var serializedKey = System.Text.Json.JsonSerializer.Serialize(securityParamteres);
    var protectedPayload = _dataProtector.Protect(serializedKey);

    // Build the <key> element. The id, version and dates sit beside the
    // descriptor and are not part of the protected payload.
    var keyElement = new XElement(
        Name,
        new XAttribute(IdAttributeName, securityParamteres.Id),
        new XAttribute(VersionAttributeName, 1),
        new XElement(CreationDateElementName, DateTimeOffset.UtcNow),
        new XElement(ActivationDateElementName, DateTimeOffset.UtcNow),
        new XElement(ExpirationDateElementName, DateTimeOffset.UtcNow.AddDays(_options.Value.DaysUntilExpire)),
        new XElement(
            DescriptorElementName,
            new XAttribute(DeserializerTypeAttributeName, typeof(SecurityKeyWithPrivate).AssemblyQualifiedName!),
            protectedPayload));

    // Persist to the underlying repository, then call ClearCache. The original
    // comment describes that call as triggering the cancellation token.
    var friendlyName = string.Format(CultureInfo.InvariantCulture, "key-{0}-{1:D}", securityParamteres.JwkType.ToString(), securityParamteres.Id);
    KeyRepository.StoreElement(keyElement, friendlyName);
    ClearCache();
}
/// <summary>
/// Revokes the key unless its stored counterpart is already revoked: calls the key's
/// own <c>Revoke()</c>, stores a revocation element for its id in <c>KeyRepository</c>,
/// and then calls <c>ClearCache</c>.
/// </summary>
/// <param name="securityKeyWithPrivate">Key to revoke; looked up among the keys of its <c>JwkType</c> by <c>Id</c>.</param>
public void Revoke(SecurityKeyWithPrivate securityKeyWithPrivate)
{
    // NOTE(review): First(...) throws when no stored key has this id, so the
    // null test below only matters if the sequence can hold null entries -
    // confirm whether FirstOrDefault was intended.
    var storedKey = Get(securityKeyWithPrivate.JwkType).First(f => f.Id == securityKeyWithPrivate.Id);
    if (storedKey != null && storedKey.IsRevoked)
    {
        // Already revoked: do not write a second revocation record.
        return;
    }

    securityKeyWithPrivate.Revoke();

    var revocationElement = new XElement(
        RevocationElementName,
        new XAttribute(VersionAttributeName, 1),
        new XElement(RevocationDateElementName, DateTimeOffset.UtcNow),
        new XElement(Name, new XAttribute(IdAttributeName, securityKeyWithPrivate.Id)),
        new XElement(ReasonElementName, "Revoked"));

    // Persist to the underlying repository, then call ClearCache. The original
    // comment describes that call as triggering the cancellation token.
    // NOTE(review): "hh" in the timestamp is the 12-hour clock, and seconds
    // are omitted. This affects only the friendly name.
    var friendlyName = string.Format(CultureInfo.InvariantCulture, "revocation-{0}-{1:D}-{2:yyyy_MM_dd_hh_mm_fffffff}", securityKeyWithPrivate.JwkType.ToString(), securityKeyWithPrivate.Id, DateTime.UtcNow);
    KeyRepository.StoreElement(revocationElement, friendlyName);
    ClearCache();
}
/// <summary>
/// Marks the key entity as updated in the context's <c>SecurityKeys</c> set and
/// commits the change with <c>SaveChanges</c>.
/// </summary>
/// <param name="securityKeyWithPrivate">Key entity carrying the new state.</param>
public void Update(SecurityKeyWithPrivate securityKeyWithPrivate)
{
    _context.SecurityKeys.Update(securityKeyWithPrivate);

    // Nothing is written until the context is saved.
    _context.SaveChanges();
}
/// <summary>
/// Forgets both current keys and empties the in-memory store.
/// </summary>
public void Clear()
{
    // NOTE(review): _store is mutated here without taking a lock - confirm
    // whether callers can race with other writers of the store.
    _currentJws = null;
    _currentJwe = null;
    _store.Clear();
}