Exemple #1
        private string AuthorizationHeader(string method, DateTime now, HttpWebRequest request, string contentLength = "", string ifMatch = "", string md5 = "")
            string MessageSignature;

            //this is the raw representation of the message signature
            MessageSignature = String.Format("{0}\n\n\n{1}\n{5}\n\n\n\n{2}\n\n\n\n{3}{4}",
                                             GetCanonicalizedResource(request.RequestUri, this.storageAccount),

            //now turn it into a byte array
            byte[] SignatureBytes = System.Text.Encoding.UTF8.GetBytes(MessageSignature);

            //create the HMACSHA256 version of the storage key
            System.Security.Cryptography.HMACSHA256 SHA256 =
                new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(this.accessKey));

            //Compute the hash of the SignatureBytes and convert it to a base64 string.
            string signature = Convert.ToBase64String(SHA256.ComputeHash(SignatureBytes));

            //this is the actual header that will be added to the list of request headers
            string AuthorizationHeader = "SharedKey " + this.storageAccount
                                         + ":" + Convert.ToBase64String(SHA256.ComputeHash(SignatureBytes));

 public static string PBKDF2Sha256GetBytes(int dklen, string password_string, string salt_b64, int iterationCount)
     byte[] password = Encoding.UTF8.GetBytes(password_string);
     byte[] salt     = Encoding.ASCII.GetBytes(salt_b64);
     using (var hmac = new System.Security.Cryptography.HMACSHA256(password))
         int hashLength = hmac.HashSize / 8;
         if ((hmac.HashSize & 7) != 0)
         int keyLength = dklen / hashLength;
         if ((long)dklen > (0xFFFFFFFFL * hashLength) || dklen < 0)
             throw new ArgumentOutOfRangeException("dklen");
         if (dklen % hashLength != 0)
         byte[] extendedkey = new byte[salt.Length + 4];
         Buffer.BlockCopy(salt, 0, extendedkey, 0, salt.Length);
         using (var ms = new System.IO.MemoryStream())
             for (int i = 0; i < keyLength; i++)
                 extendedkey[salt.Length]     = (byte)(((i + 1) >> 24) & 0xFF);
                 extendedkey[salt.Length + 1] = (byte)(((i + 1) >> 16) & 0xFF);
                 extendedkey[salt.Length + 2] = (byte)(((i + 1) >> 8) & 0xFF);
                 extendedkey[salt.Length + 3] = (byte)(((i + 1)) & 0xFF);
                 byte[] u = hmac.ComputeHash(extendedkey);
                 Array.Clear(extendedkey, salt.Length, 4);
                 byte[] f = u;
                 for (int j = 1; j < iterationCount; j++)
                     u = hmac.ComputeHash(u);
                     for (int k = 0; k < f.Length; k++)
                         f[k] ^= u[k];
                 ms.Write(f, 0, f.Length);
                 Array.Clear(u, 0, u.Length);
                 Array.Clear(f, 0, f.Length);
             byte[] dk = new byte[dklen];
             ms.Position = 0;
             ms.Read(dk, 0, dklen);
             ms.Position = 0;
             for (long i = 0; i < ms.Length; i++)
             Array.Clear(extendedkey, 0, extendedkey.Length);
Exemple #3
        public bool VerificarPasswordHash(string password, byte[] passwordHashAlmacenado)
            using var hmac = new System.Security.Cryptography.HMACSHA256(this._encoding.GetBytes(this._key));
            var passwordHashNuevo = hmac.ComputeHash(this._encoding.GetBytes(password));

            return(new ReadOnlySpan <byte>(passwordHashAlmacenado).SequenceEqual(new ReadOnlySpan <byte>(passwordHashNuevo)));
Exemple #4
 private void creathash(string pass, out byte[] hash, out byte[] salt)
     using (var h = new System.Security.Cryptography.HMACSHA256()) {
         salt = h.Key;
         hash = h.ComputeHash(System.Text.Encoding.UTF8.GetBytes(pass));
        public IActionResult Post([FromForm] string login, [FromForm] string password)
            if (login != "LF" && password != "teste")

            var keyBytes = System.Text.Encoding.UTF8.GetBytes(key);

            string header  = @"{""typ"":""JWT"",""alg"":""HS256""}";
            string payload = @"{""sub"":""123456789"",""name"":""Luiz Flavio""}";

            var headerBytes  = System.Text.Encoding.UTF8.GetBytes(header);
            var payloadBytes = System.Text.Encoding.UTF8.GetBytes(payload);

            var header64 = System.Convert.ToBase64String(headerBytes).Replace('+', '-')
                           .Replace('/', '_')
                           .Replace("=", "")
            var payload64 = System.Convert.ToBase64String(payloadBytes).Replace('+', '-')
                            .Replace('/', '_')
                            .Replace("=", "");

            var messageBytes = System.Text.Encoding.UTF8.GetBytes(header64 + "." + payload64);

            System.Security.Cryptography.HMACSHA256 crypto = new System.Security.Cryptography.HMACSHA256(keyBytes);

            var signBytes = crypto.ComputeHash(messageBytes);
            var sign64    = System.Convert.ToBase64String(signBytes).Replace('+', '-')
                            .Replace('/', '_')
                            .Replace("=", "");

            return(Ok(header64 + "." + payload64 + "." + sign64));
Exemple #6
        public void MakeRequest(string type, string platform, string reqjsondata)
            System.Text.UTF8Encoding en = new System.Text.UTF8Encoding();

            string secret = Configs.Secret;

            string uri = "http://api.bf3stats.com/" + platform + "/" + type + "/";
            WebClient wc = new WebClient();
            wc.Headers["Content-Type"] = "application/x-www-form-urlencoded";

            if (type == "setupkey")
                wc.UploadStringCompleted += new UploadStringCompletedEventHandler(completed_register);
                wc.UploadStringCompleted += new UploadStringCompletedEventHandler(completed_update);
                secret = Configs.GetAPIkey();

            System.Security.Cryptography.HMACSHA256 hmac = new System.Security.Cryptography.HMACSHA256(en.GetBytes(secret));

            Byte[] bytes = en.GetBytes(reqjsondata);
            string encodedRequest = Convert.ToBase64String(bytes).Replace('+', '-').Replace('/', '_').Replace("=", "");

            byte[] hashVal = hmac.ComputeHash(en.GetBytes(encodedRequest));
            string signature = Convert.ToBase64String(hashVal).Replace('+', '-').Replace('/', '_').Replace("=", "");

            string query = "data=" + encodedRequest + "&sig=" + signature;
            wc.UploadStringAsync(new Uri(uri), "POST", query);
Exemple #7
        /// <summary>
        /// Creates a new hash, given a password string, salt value, and hash version to use.
        /// </summary>
        private static string CreateHash(string password, string salt, int hashVersion)
            // the global secret used in password hashing;
            // you can't ever change this, or all users will be unable to log in
            string globalSecret = "terceS-hap00S,1ABo1G";
            string valueToHash  = salt + password + salt + globalSecret;

            if (hashVersion == 1)
                return(new MD5(valueToHash).HashString);
            else if (hashVersion == 2)
                // the key used in passphase hashing;
                // you can't ever change this, or all users with v2 hashes will be unable to log in
                string globalHashKey = "xN3Jar4Uvw9HPbGBAVesRq2Lz2KxyMPegf4bNS9nSsCDgLbh";

                var    encoding           = new System.Text.UTF8Encoding();
                byte[] globalHashKeyBytes = encoding.GetBytes(globalHashKey);
                byte[] valueToHashBytes   = encoding.GetBytes(valueToHash);

                var    sha  = new System.Security.Cryptography.HMACSHA256(globalHashKeyBytes);
                byte[] hash = sha.ComputeHash(valueToHashBytes);
                throw new ApplicationException("Invalid hash version");
Exemple #8
        // https://docs.microsoft.com/en-gb/rest/api/cosmos-db/access-control-on-cosmosdb-resources?redirectedfrom=MSDN
        private static string GenerateAuthToken(string verb, string resourceType, string resourceId, string date, string key, string keyType, string tokenVersion)
            var hmacSha256 = new System.Security.Cryptography.HMACSHA256 {
                Key = Convert.FromBase64String(key)

            verb         = verb ?? string.Empty;
            resourceType = resourceType ?? string.Empty;
            resourceId   = resourceId ?? string.Empty;

            string payLoad = string.Format(System.Globalization.CultureInfo.InvariantCulture, "{0}\n{1}\n{2}\n{3}\n{4}\n",

            byte[] hashPayLoad = hmacSha256.ComputeHash(System.Text.Encoding.UTF8.GetBytes(payLoad));
            string signature   = Convert.ToBase64String(hashPayLoad);

                                     "type=" + keyType + "&ver=" + tokenVersion + "&sig=" + signature)));
Exemple #9
 public void CreatePasswordHash(string password, out byte[] passwordHash, out byte[] passwordSalt)
     using (var hmac = new System.Security.Cryptography.HMACSHA256()) {
         passwordSalt = hmac.Key;
         passwordHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
        public IHttpActionResult GetTokenExConfig()
            if (!Request.Headers.TryGetValues("Origin", out var originValues))
                return(BadRequest("Invalid request."));

            var timeStamp   = DateTime.Now.ToString("yyyyMMddHHmmss");
            var tokenScheme = "nTOKEN";

            var concatenatedInfo = $"{_tokenizationOptions.TokenizationId}|{originValues.First()}|{timeStamp}|{tokenScheme}";
            var hmac             = new System.Security.Cryptography.HMACSHA256
                Key = Encoding.UTF8.GetBytes(_tokenizationOptions.ClientSecretKey)
            var hash = hmac.ComputeHash(Encoding.UTF8.GetBytes(concatenatedInfo));
            var authenticationKey = Convert.ToBase64String(hash);

            return(Ok(new TokenExIframeConfigModel
                TokenExID = _tokenizationOptions.TokenizationId,
                AuthenticationKey = authenticationKey,
                Timestamp = timeStamp,
                TokenScheme = tokenScheme
        public bool IsValid(string key, ILogger log)
            //are the fields properly populated?
            if (string.IsNullOrEmpty(this.expiry) || this.requestedResource == null || string.IsNullOrEmpty(this.signature) || string.IsNullOrEmpty(key))

            //is request expired?
            double expiryDouble;

            if (double.TryParse(this.expiry, out expiryDouble))
                if (expiryDouble < (DateTime.UtcNow - new DateTime(1970, 1, 1)).TotalSeconds)
                log.LogInformation("error parsing");

            string stringToSign = System.Web.HttpUtility.UrlEncode(this.requestedResource.ToString()) + "\n" + this.expiry;

            System.Security.Cryptography.HMACSHA256 hmac = new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(key));
            string computedSignature = Convert.ToBase64String(hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(stringToSign)));

            return(string.Equals(this.signature, computedSignature));
Exemple #12
        /// <summary>
        /// Generates the signature for a string containing a LatitudePay request body in json format.
        /// </summary>
        /// <param name="jsonPayload">The json payload.</param>
        /// <remarks>
        /// <para>If <paramref name="jsonPayload"/> is null or an empty string then null is returned as the signature.</para>
        /// </remarks>
        /// <returns>A string containing the required signature.</returns>
        /// <exception cref="ObjectDisposedException">Thrown if <see cref="Dispose"/> has been called on this instance.</exception>
        public string?GenerateSignature(string jsonPayload)
            if (_IsDisposed)
                throw new ObjectDisposedException(nameof(LatitudePayHMACSHA256SignatureGenerator));
            if (String.IsNullOrEmpty(jsonPayload))

            //TODO: Lots of allocations going on here, should be improved.
            //Convert byte array to base 64 without converting to string
            //Use recyclable memory streams
            //Reuse/pool the string builder (or replace with a recycable memory stream etc)
            var normalisedPayload    = StripJsonFormatting(jsonPayload);
            var base64EncodedPayload = System.Convert.ToBase64String(normalisedPayload);
            var hashBytes            = _Hasher.ComputeHash(System.Text.UTF8Encoding.UTF8.GetBytes(base64EncodedPayload));

            var resultBuilder = new StringBuilder(hashBytes.Length * 2);

            foreach (var b in hashBytes)
                resultBuilder.Append(b.ToString("x2", System.Globalization.CultureInfo.InvariantCulture));
Exemple #13
 public static byte[] Compute(byte[] data, byte[] key)
     using (var hmacSha256 = new System.Security.Cryptography.HMACSHA256(key))
Exemple #14
 private void createPass(string password, out byte[] hashed, out byte[] salt)
     using (var hmac = new System.Security.Cryptography.HMACSHA256()){
         salt   = hmac.Key;
         hashed = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
Exemple #15
        private static string GenerateMasterKeyAuthorizationSignature(
            string verb,
            string resourceId,
            string resourceType,
            string key,
            string keyType,
            string tokenVersion,
            string dateTimeUtc)
            System.Security.Cryptography.HMACSHA256 hmacSha256 = new System.Security.Cryptography.HMACSHA256 {
                Key = Convert.FromBase64String(key)

            string payLoad = string.Format(System.Globalization.CultureInfo.InvariantCulture, "{0}\n{1}\n{2}\n{3}\n{4}\n",

            byte[] hashPayLoad = hmacSha256.ComputeHash(System.Text.Encoding.UTF8.GetBytes(payLoad));
            string signature   = Convert.ToBase64String(hashPayLoad);

            return(System.Web.HttpUtility.UrlEncode(string.Format(System.Globalization.CultureInfo.InvariantCulture, "type={0}&ver={1}&sig={2}",
Exemple #16
         * https://www.cnblogs.com/lechengbo/p/9860711.html
         * /// <summary>
         * /// 创建jwtToken,采用微软内部方法,默认使用HS256加密,如果需要其他加密方式,请更改源码
         * /// 返回的结果和CreateToken一样
         * /// </summary>
         * /// <param name="payLoad"></param>
         * /// <param name="expiresMinute">有效分钟</param>
         * /// <returns></returns>
         * public static string CreateTokenByHandler(Dictionary<string, object> payLoad, int expiresMinute)
         * {
         *  var now = DateTime.UtcNow;
         *  // Specifically add the jti (random nonce), iat (issued timestamp), and sub (subject/user) claims.
         *  // You can add other claims here, if you want:
         *  var claims = new List<Claim>();
         *  foreach (var key in payLoad.Keys)
         *  {
         *      var tempClaim = new Claim(key, payLoad[key]?.ToString());
         *      claims.Add(tempClaim);
         *  }
         *  // Create the JWT and write it to a string
         *  var jwt = new JwtSecurityToken(
         *      issuer: null,
         *      audience: null,
         *      claims: claims,
         *      notBefore: now,
         *      expires: now.Add(TimeSpan.FromMinutes(expiresMinute)),
         *      signingCredentials: new SigningCredentials(new SymmetricSecurityKey(Encoding.ASCII.GetBytes(securityKey)), SecurityAlgorithms.HmacSha256));
         *  var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
         *  return encodedJwt;
         * }
         *           /// <summary>
         * /// 获取jwt中的payLoad
         * /// </summary>
         * /// <param name="encodeJwt"></param>
         * /// <returns></returns>
         * public static Dictionary<string, object> GetPayLoad(string encodeJwt)
         * {
         *  var jwtArr = encodeJwt.Split('.');
         *  var payLoad = JsonConvert.DeserializeObject<Dictionary<string, object>>(Base64Decode(jwtArr[1]));
         *  return payLoad;
         * }

        /// <summary>
        /// 验证身份 验证签名的有效性,
        /// </summary>
        /// <param name="encodeJwt"></param>
        /// <param name="validatePayLoad">自定义各类验证; 是否包含那种申明,或者申明的值, </param>
        /// 例如:payLoad["aud"]?.ToString() == "roberAuddience";
        /// 例如:验证是否过期 等
        /// <returns></returns>
        public static bool Validate(string encodeJwt, Func <Dictionary <string, object>, bool> validatePayLoad)
            encodeJwt = encodeJwt.Replace("Bearer ", string.Empty);
            var success = true;
            var jwtArr  = encodeJwt.Split('.');
            //var header = JsonConvert.DeserializeObject<Dictionary<string, object>>(Base64Decode(jwtArr[0]));

            var hs256 = new System.Security.Cryptography.HMACSHA256(Encoding.ASCII.GetBytes(securityKey));

            success = success && string.Equals(jwtArr[2], Convert.ToBase64String(hs256.ComputeHash(Encoding.UTF8.GetBytes(string.Concat(jwtArr[0], ".", jwtArr[1])))));
            if (!success)
            var now = ToUnixEpochDate(DateTime.UtcNow);

            var payLoad = JsonConvert.DeserializeObject <Dictionary <string, object> >(Base64Decode(jwtArr[1]));

            success = success && (now >= long.Parse(payLoad["nbf"].ToString()) && now < long.Parse(payLoad["exp"].ToString()));

            //再其次 进行自定义的验证
            success = success && validatePayLoad(payLoad);

Exemple #17
        public static bool VerifyPasswordHash(string password, byte[] storedHash)
            if (password == null)
                throw new ArgumentNullException("password");
            if (string.IsNullOrWhiteSpace(password))
                throw new ArgumentException("Value cannot be empty or whitespace only string.", "password");
            if (storedHash.Length != 32)
                throw new ArgumentException("Invalid length of password hash (32 bytes expected).", "passwordHash");

            using (var hmac = new System.Security.Cryptography.HMACSHA256(salt))
                var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
                for (int i = 0; i < computedHash.Length; i++)
                    if (computedHash[i] != storedHash[i])

Exemple #18
        public string GetSignature(string messageSignature)
            var signatureBytes = Encoding.UTF8.GetBytes(messageSignature);
            var SHA256         = new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(StorageKey));

Exemple #19
        public static string AuthorizationHeader(string StorageAccount, string StorageKey, string method, DateTime now, HttpWebRequest request, bool IsTableStorage, string ifMatch = "", string md5 = "")
            if (string.IsNullOrEmpty(StorageAccount))
                throw new ArgumentNullException(StorageAccount);
            string MessageSignature;

            if (IsTableStorage)
                MessageSignature = String.Format("{0}\n\n{1}\n{2}\n{3}",
                    now.ToString("R", System.Globalization.CultureInfo.InvariantCulture),
                    GetCanonicalizedResource(request.RequestUri, StorageAccount, IsTableStorage)
                MessageSignature = String.Format("{0}\n\n\n{1}\n{5}\n\n\n\n{2}\n\n\n\n{3}{4}",
                    (method == "GET" || method == "HEAD") ? String.Empty : request.ContentLength.ToString(),
                    GetCanonicalizedResource(request.RequestUri, StorageAccount, IsTableStorage),
            byte[] SignatureBytes = System.Text.Encoding.UTF8.GetBytes(MessageSignature);
            System.Security.Cryptography.HMACSHA256 SHA256 = new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(StorageKey));
            String AuthorizationHeader = "SharedKey " + StorageAccount + ":" + Convert.ToBase64String(SHA256.ComputeHash(SignatureBytes));
            return AuthorizationHeader;
Exemple #20
        public async Task <IActionResult> Run(
            [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "api/skyway")] HttpRequest req,
            ILogger log)
            string  requestBody = await new StreamReader(req.Body).ReadToEndAsync();
            dynamic data        = JsonConvert.DeserializeObject(requestBody);
            string  token       = data?.token;

            if (string.IsNullOrEmpty(token))
                return(new BadRequestResult());

            var uri  = new Uri(token.Replace("?", "/check.txt?"));
            var blob = new BlobClient(uri);

                await blob.DownloadAsync();
                return(new UnauthorizedResult());

            var timestamp = DateTimeOffset.Now.ToUnixTimeSeconds();
            var ttl       = 3600 * 3;
            var peerId    = Guid.NewGuid().ToString("n");

            using var hmac = new System.Security.Cryptography.HMACSHA256(Encoding.UTF8.GetBytes(_settings.SkyWaySecretKey));
            var authToken = hmac.ComputeHash(Encoding.UTF8.GetBytes($"{timestamp}:{ttl}:{peerId}"));

            return(new OkObjectResult(new { peerId, timestamp, ttl, authToken }));
        internal static string GenerateMasterKeyAuthorizationSignature(string utcDate, string verb, string resourceType, string resourceValue, string key, string keyType, string tokenVersion)
                var hmacSha256 = new System.Security.Cryptography.HMACSHA256 {
                    Key = Convert.FromBase64String(key)
                string payLoad = verb.ToLowerInvariant() + "\n" +
                                 (!String.IsNullOrWhiteSpace(resourceType) ? resourceType.ToLowerInvariant() : "") + "\n" +
                                 (!String.IsNullOrWhiteSpace(resourceValue) ? resourceValue : "") + "\n" +
                                 utcDate.ToLowerInvariant() + "\n\n";

                byte[] hashPayLoad = hmacSha256.ComputeHash(Encoding.UTF8.GetBytes(payLoad));
                string signature   = Convert.ToBase64String(hashPayLoad);
                                         "type=" + keyType + "&ver=" + tokenVersion + "&sig=" + signature)));
            catch (FormatException ex) // and UriFormatException
                throw new TinyDocDB_Exception("Error Generating the Authentication Signature.", ex);
            catch (EncoderFallbackException ex)
                throw new TinyDocDB_Exception("Error Generating the Authentication Signature.", ex);
            catch (ObjectDisposedException ex)
                throw new TinyDocDB_Exception("Error Generating the Authentication Signature.", ex);
            catch (ArgumentNullException ex)
                throw new TinyDocDB_Exception("Error Generating the Authentication Signature.", ex);
Exemple #22
        internal static string CreateAuthorizationSignature(string utcDate, string verb, string resourceType, string resourceValue, string key, string keyType, string tokenVersion)
                var hmacSha256 = new System.Security.Cryptography.HMACSHA256 {
                    Key = Convert.FromBase64String(key)

                verb          = verb ?? "";
                resourceType  = resourceType ?? "";
                resourceValue = resourceValue ?? "";

                string payLoad = string.Format(System.Globalization.CultureInfo.InvariantCulture, "{0}\n{1}\n{2}\n{3}\n{4}\n",

                var    hashPayLoad = hmacSha256.ComputeHash(Encoding.UTF8.GetBytes(payLoad));
                string signature   = Convert.ToBase64String(hashPayLoad);
                return(Uri.EscapeDataString(String.Format(System.Globalization.CultureInfo.InvariantCulture, "type=" + keyType + "&ver=" + tokenVersion + "&sig=" + signature)));
            catch (Exception ex)
Exemple #23
        private static bool VerifyPasswordHash(string password, byte[] storedHash, byte[] storedSalt)
            if (storedHash.Length != 32)
            if (storedSalt.Length != 64)

            using (var hmac = new System.Security.Cryptography.HMACSHA256(storedSalt))
                var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
                for (var i = 0; i < computedHash.Length; i++)
                    if (computedHash[i] != storedHash[i])

Exemple #24
        /// <summary>
        /// 创建jwttoken,源码自定义
        /// </summary>
        /// <param name="payLoad"></param>
        /// <param name="header"></param>
        /// <returns></returns>
        public static string CreateToken(Dictionary <string, object> payLoad, int expiresMinute, Dictionary <string, object> header = null)
            if (header == null)
                header = new Dictionary <string, object>(new List <KeyValuePair <string, object> >()
                    new KeyValuePair <string, object>("alg", "HS256"),
                    new KeyValuePair <string, object>("typ", "JWT")
            var now = DateTime.UtcNow;

            payLoad["nbf"] = ToUnixEpochDate(now);                                          //可用时间起始
            payLoad["exp"] = ToUnixEpochDate(now.Add(TimeSpan.FromMinutes(expiresMinute))); //可用时间结束

            var encodedHeader  = Convert.ToBase64String(Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(header)));
            var encodedPayload = Convert.ToBase64String(Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(payLoad)));

            var hs256            = new System.Security.Cryptography.HMACSHA256(Encoding.ASCII.GetBytes(securityKey));
            var encodedSignature = Convert.ToBase64String(hs256.ComputeHash(Encoding.UTF8.GetBytes(string.Concat(encodedHeader, ".", encodedPayload))));

            var encodedJwt = string.Concat(encodedHeader, ".", encodedPayload, ".", encodedSignature);

            return($"Bearer {encodedJwt}");
Exemple #25
        private static string CreateSignatureOfRequest(byte[] body)
                //string documentContents = "";
                //using (Stream receiveStream = request.InputStream)
                //    using (StreamReader readStream = new StreamReader(receiveStream, request.ContentEncoding))
                //    {
                //        documentContents = readStream.ReadToEnd();
                //    }

                byte[] key = Encoding.UTF8.GetBytes(Models.Constants.CHANNEL_SECRET);
                using (System.Security.Cryptography.HMACSHA256 hmac = new System.Security.Cryptography.HMACSHA256(key))
                    var hash = hmac.ComputeHash(body, 0, body.Length);
Exemple #26
        public string Cipher(string stringToCipher, string verb, string resourceType, string resourceId, string date)
            var hmacSha256 = new System.Security.Cryptography.HMACSHA256 {
                Key = Convert.FromBase64String(stringToCipher)

            //var date = DateTime.UtcNow.ToString("r");
            verb         = verb ?? "";
            resourceType = resourceType ?? "";
            resourceId   = resourceId ?? "";

            string payLoad = string.Format(System.Globalization.CultureInfo.InvariantCulture, "{0}\n{1}\n{2}\n{3}\n{4}\n",

            byte[] hashPayLoad = hmacSha256.ComputeHash(System.Text.Encoding.UTF8.GetBytes(payLoad));
            string signature   = Convert.ToBase64String(hashPayLoad);

            return(System.Net.WebUtility.UrlEncode(String.Format(System.Globalization.CultureInfo.InvariantCulture, "type={0}&ver={1}&sig={2}",
        public static string SignTheStringToSign(string stringToSign, string sharedKey)
            byte[] SignatureBytes = System.Text.Encoding.UTF8.GetBytes(stringToSign);
            System.Security.Cryptography.HMACSHA256 SHA256 = new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(sharedKey));

		public static JObject DecodeFacebookRequest(string signed_request, Facebook.Apps app)
			string secret = Facebook.FacebookCommon.Common(app).Secret;
			var facebookData = new Dictionary<string, string>();

			var requestArray = signed_request.Split('.');

			var sig = Base64_Url_Decode(requestArray[0]);

			var dataString = Base64_Url_Decode(requestArray[1]);

			var data = JObject.Parse(dataString);

			var algo = data["algorithm"].ToString().Replace("\"", "");

			if (algo != "HMAC-SHA256")
				return null;

			var hmacsha256 = new System.Security.Cryptography.HMACSHA256(Encoding.UTF8.GetBytes(secret));

			var expected_sig = Encoding.UTF8.GetString(hmacsha256.Hash);

			if (sig != expected_sig)
				return null;

			return data;
        public Dictionary <string, string> gen_encodedHeaders()
            var payload = new global::Riminder.response.WebhookProfileParse()
                type    = global::Riminder.route.Webhook.EventNames.PROFILE_PARSE_SUCCESS,
                message = "Yey it's parsed ! :) (not actually a true message)",
                profile = new global::Riminder.response.WebhookProfile()
                    profile_id        = "some complicated id",
                    profile_reference = "some simple reference"
            var json_payload      = JsonConvert.SerializeObject(payload);
            var byte_json_payload = System.Text.Encoding.UTF8.GetBytes(json_payload);
            var byte_key          = System.Text.Encoding.UTF8.GetBytes(_webhook_key);

            var hasher = new System.Security.Cryptography.HMACSHA256(byte_key);

            var encoded_sign = hasher.ComputeHash(byte_json_payload);

            var b64_sign    = System.Convert.ToBase64String(encoded_sign);
            var b64_payload = System.Convert.ToBase64String(byte_json_payload);
            var res         = String.Concat(b64_sign, ".", b64_payload);

            return(new Dictionary <string, string>()
                { "HTTP-RIMINDER-SIGNATURE", res }
Exemple #30
        /// <summary>
        /// Verifies whether a plain text password matches the hashed password
        /// </summary>
        /// <param name="passwordSalt"></param>
        /// <param name="plainTextPassword"></param>
        /// <param name="passwordHash"></param>
        /// <returns></returns>
        public bool VerifyPasswordHash(byte[] passwordHash, byte[] passwordSalt, string plainTextPassword)
            if (passwordHash == null)
                throw new ArgumentNullException(nameof(passwordHash));

            if (passwordSalt == null)
                throw new ArgumentNullException(nameof(passwordSalt));

            if (string.IsNullOrEmpty(plainTextPassword))
                throw new ArgumentNullException(nameof(plainTextPassword));

            // pass the passwordSalt to obtain the secure key
            using (var hmac = new System.Security.Cryptography.HMACSHA256(passwordSalt))
                // password converted to a byte array so it can be hashed using the salt key above
                var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(plainTextPassword));

                // compare each element in the computedHash byte array
                if (computedHash.Where((t, i) => t != passwordHash[i]).Any())

            // if all correct, return true
Exemple #31
        private static bool VerifyPasswordHash(string password, string storedHash, string storedSalt)
            byte[] byeHash  = Convert.FromBase64String(storedHash);
            byte[] byteSalt = Convert.FromBase64String(storedSalt);
            if (password == null)
                throw new ArgumentNullException("password");
            if (string.IsNullOrWhiteSpace(password))
                throw new ArgumentException("Value cannot be empty or whitespace only string.", "password");
            if (byeHash.Length != 32)
                throw new ArgumentException("Invalid length of password hash (62 bytes expected).", "passwordHash");
            if (byteSalt.Length != 64)
                throw new ArgumentException("Invalid length of password salt (64 bytes expected).", "passwordSalt");

            using (var hmac = new System.Security.Cryptography.HMACSHA256(byteSalt))
                var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
                for (int i = 0; i < computedHash.Length; i++)
                    if (computedHash[i] != byeHash[i])

Exemple #32
 /// <summary>
 /// Création d'un token HS256 HMAC AES
 /// </summary>
 /// <param name="payload">Données à signer</param>
 /// <param name="keyHs256">Clef UTF8</param>
 /// <returns></returns>
 public static string Encode(Dictionary <string, object> payload, string keyHs256)
         if (string.IsNullOrWhiteSpace(keyHs256))
             throw new Exception("Invalid Key for sign");
         byte[]        keyBytes   = Encoding.UTF8.GetBytes(keyHs256);
         List <string> segments   = new List <string>();
         const string  headerJson = "{\"alg\":\"HS256\",\"typ\": \"JWT\"}";
         //string payloadJson = Nglib.FILES.SERIAL.JsonTools.Serialize<Dictionary<string, object>>(payload);
         string payloadJson = FILES.SERIAL.JsonTools.SerializeDictionaryValues(payload);
         var    stringToSign = string.Join(".", segments.ToArray());
         var    bytesToSign  = Encoding.UTF8.GetBytes(stringToSign);
         var    sha          = new System.Security.Cryptography.HMACSHA256(keyBytes);
         byte[] signature    = sha.ComputeHash(bytesToSign);
         return(string.Join(".", segments.ToArray()));
     catch (Exception ex)
         throw new Exception("EncodeJWT " + ex.Message, ex);
Exemple #33
        public static bool ValidateSignature(string body, string signature, string secret)
            var hash = new System.Security.Cryptography.HMACSHA256(Encoding.UTF8.GetBytes(secret));
            var computedSignature = Convert.ToBase64String(hash.ComputeHash(Encoding.UTF8.GetBytes(body)));

            return(computedSignature == signature);
 public static string GenerateEventHash(string apiKey, string eventTime, string eventType)
     var keyBytes = Encoding.ASCII.GetBytes(apiKey);
     using (var hmac = new System.Security.Cryptography.HMACSHA256(keyBytes))
         var inputBytes = Encoding.ASCII.GetBytes(eventTime + eventType);
         var outputBytes = hmac.ComputeHash(inputBytes);
         return BitConverter.ToString(outputBytes).Replace("-", "").ToLower();
        public HttpResponseMessage Post([FromBody]TokenRequestModel model)
                var user = _repo.GetApiUsers().Where(u => u.AppId == model.ApiKey).FirstOrDefault();
                //if we actually have the user
                if (user != null)
                    var secret = user.Secret;

                    // Converting the secret to the raw version
                    var key = Convert.FromBase64String(secret);
                    var provider = new System.Security.Cryptography.HMACSHA256(key);
                    // Compute Hash from API Key (NOT SECURE)
                    var hash = provider.ComputeHash(Encoding.UTF8.GetBytes(user.AppId));
                    var signature = Convert.ToBase64String(hash);
                    //checking the signature with the user
                    if (signature == model.Signature)
                        var rawTokenInfo = string.Concat(user.AppId + DateTime.UtcNow.ToString("d"));
                        var rawTokenByte = Encoding.UTF8.GetBytes(rawTokenInfo);
                        var token = provider.ComputeHash(rawTokenByte);
                        var authToken = new AuthToken()
                            Token = Convert.ToBase64String(token),
                            Expiration = DateTime.UtcNow.AddDays(15),
                            ApiUser = user
                        if (_repo.Insert(authToken) && _repo.SaveAll())
                            return Request.CreateResponse(HttpStatusCode.Created, authToken);
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest,"ERROR");

            return Request.CreateResponse(HttpStatusCode.BadRequest);
    public HttpResponseMessage Post([FromBody]TokenRequestModel model)
        var user = TheRepository.GetApiUsers().Where(u => u.AppId == model.ApiKey).FirstOrDefault();
        if (user != null)
          var secret = user.Secret;

          // Simplistic implementation DO NOT USE
          var key = Convert.FromBase64String(secret);
          var provider = new System.Security.Cryptography.HMACSHA256(key);
          // Compute Hash from API Key (NOT SECURE)
          var hash = provider.ComputeHash(Encoding.UTF8.GetBytes(user.AppId));
          var signature = Convert.ToBase64String(hash);

          if (signature == model.Signature)
            var rawTokenInfo = string.Concat(user.AppId + DateTime.UtcNow.ToString("d"));
            var rawTokenByte = Encoding.UTF8.GetBytes(rawTokenInfo);
            var token = provider.ComputeHash(rawTokenByte);
            var authToken = new AuthToken()
              Token = Convert.ToBase64String(token),
              Expiration = DateTime.UtcNow.AddDays(7),
              ApiUser = user
            if (TheRepository.Insert(authToken) && TheRepository.SaveAll())
              return Request.CreateResponse(HttpStatusCode.Created, TheModelFactory.Create(authToken));
      catch (Exception ex)
        return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex);

      return Request.CreateResponse(HttpStatusCode.BadRequest);
        public System.Security.Cryptography.HMACSHA256 HashSignature(ETextingDomainModel.ApiUser user, out string signature)
            var secret = user.Secret;

            // Simplistic implementation DO NOT USE
            var key = Convert.FromBase64String(secret);
            var provider = new System.Security.Cryptography.HMACSHA256(key);
            // Compute Hash from API Key (NOT SECURE)
            var hash = provider.ComputeHash(Encoding.UTF8.GetBytes(user.AppId));
            signature = Convert.ToBase64String(hash);
            return provider;
Exemple #38
 public static String CaculateHMAC(String key,String mesg)
     byte[] data = System.Text.Encoding.UTF8.GetBytes(mesg);
     byte[] keyData = System.Text.Encoding.UTF8.GetBytes(key);
     System.Security.Cryptography.HMACSHA256 hmac = new System.Security.Cryptography.HMACSHA256(keyData);
     byte[] bs = hmac.ComputeHash(data);
     return BitConverter.ToString(bs).ToLower().Replace("-", "");
Exemple #39
        public static string MakeBlobReadSignature(DateTime starttime, DateTime endtime,
            string account, string container, string blobname, string sharedKey)
            string stringtosign =
              starttime, endtime, account, container, blobname);
              byte[] signatureByteForm = System.Text.Encoding.UTF8.GetBytes(sharedKey );

              using (var hmac = new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(sharedKey)))
              return Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(stringtosign)));
 private static string CreateToken(string message, string secret)
     // don't allow null secrets
     secret = secret ?? "";
     var encoding = new System.Text.ASCIIEncoding();
     byte[] keyByte = encoding.GetBytes(secret);
     byte[] messageBytes = encoding.GetBytes(message);
     using (var hmacsha256 = new System.Security.Cryptography.HMACSHA256(keyByte))
         byte[] hashmessage = hmacsha256.ComputeHash(messageBytes);
         return Convert.ToBase64String(hashmessage);
        protected internal static string GenerateNonce(AuthConfig config, DateTimeOffset httpRequestUTCDate)
            string content = config.ApiAccessKey + " " + httpRequestUTCDate.ToString(CultureInfo.CurrentCulture.DateTimeFormat.RFC1123Pattern);

            byte[] keyByte = System.Text.Encoding.UTF8.GetBytes(config.ApiSecretKey);
            var hmacsha256 = new System.Security.Cryptography.HMACSHA256(keyByte);

            byte[] messageBytes = System.Text.Encoding.UTF8.GetBytes(content);
            byte[] hashmessage = hmacsha256.ComputeHash(messageBytes);

            string sbinary = "";
            for (int i = 0; i < hashmessage.Length; i++) sbinary += hashmessage[i].ToString("X2"); // hex format
            return sbinary;
        /// <summary>
        /// Generate Signature
        /// </summary>
        /// <param name="data"></param>
        /// <returns></returns>

        public static string GenerateSignature(string data)
            string secret = "25eace5393646842f0d0c3fb2ac7d3cfa15c052436ee86b5406a8433f54d24a5";
            var secretBytes = Encoding.UTF8.GetBytes(secret);
            var dataBytes = Encoding.UTF8.GetBytes(data);
            string signature = "";

            using (var hmac = new System.Security.Cryptography.HMACSHA256(secretBytes))
                var hash = hmac.ComputeHash(dataBytes);
                for (int i = 0; i < hash.Length; i++)
                    signature += hash[i].ToString("x2");
            return signature;
Exemple #43
        public static void AddAzureAuthorizationHeaderLiteFromSharedKey(System.Net.HttpWebRequest req, string sharedKey)
            string StringToSign = req.Headers["x-ms-date"] + "\n";
            StringToSign += GenerateCanonicalizedResource(req.RequestUri);

            string signature = StringToSign;
            //System.Diagnostics.Trace.TraceInformation("GenerateAzureSignatureFromSharedKey: Generated signature: " + StringToSign);

            byte[] SignatureBytes = System.Text.Encoding.UTF8.GetBytes(signature);
            System.Security.Cryptography.HMACSHA256 SHA256 = new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(sharedKey));

            string strHash2Base64 = Convert.ToBase64String(SHA256.ComputeHash(SignatureBytes));

            String AuthorizationHeader = "SharedKeyLite " + GetAccountNameFromUri(req.RequestUri) + ":" + strHash2Base64;

            req.Headers.Add("Authorization", AuthorizationHeader);
        /// <summary>
        /// Parses the signed request string.
        /// </summary>
        /// <param name="signedRequestValue">The encoded signed request value.</param>
        /// <returns>The valid signed request.</returns>
        protected internal FbmlFacebookSession ParseSignedRequest(string signedRequestValue, string secrect)
            string[] parts = signedRequestValue.Split('.');
            var encodedValue = parts[0];

            var sig = Base64UrlDecode(encodedValue);
            var payload = parts[1];

            using (var cryto = new System.Security.Cryptography.HMACSHA256(Encoding.UTF8.GetBytes(secrect)))
                var hash = Convert.ToBase64String(cryto.ComputeHash(Encoding.UTF8.GetBytes(payload)));
                var hashDecoded = Base64UrlDecode(hash);
                if (hashDecoded != sig)
                    return null;

            var payloadJson = Encoding.UTF8.GetString(Convert.FromBase64String(Base64UrlDecode(payload)));
            JavaScriptSerializer serializer = new JavaScriptSerializer();
            var data = (IDictionary<string, object>)serializer.DeserializeObject(payloadJson);
            var sessionKeyValue = PopulateFbmlSessionObject(data);
            return new FbmlFacebookSession(sessionKeyValue);
Exemple #45
        private void CompareBlocks(HmacAlg Algorithm)
            if (Algorithm == HmacAlg.Sha256Hmac)
                byte[] hashKey = new byte[32];
                byte[] buffer = new byte[640];
                byte[] hash1 = new byte[32];
                byte[] hash2 = new byte[32];

                using (System.Security.Cryptography.RNGCryptoServiceProvider rng = new System.Security.Cryptography.RNGCryptoServiceProvider())

                using (System.Security.Cryptography.HMACSHA256 hmac = new System.Security.Cryptography.HMACSHA256(hashKey))
                    hash1 = hmac.ComputeHash(buffer);

                // test 1: HMAC interface
                HMAC hmac1 = new HMAC(new SHA256Digest());
                hmac1.BlockUpdate(buffer, 0, buffer.Length);
                hmac1.DoFinal(hash2, 0);

                if (!Compare.AreEqual(hash2, hash1))
                    throw new Exception("hmac is not equal!");

                // test 2: class with dofinal
                using (SHA256HMAC hmac = new SHA256HMAC())
                    hmac.BlockUpdate(buffer, 0, buffer.Length);
                    hmac.DoFinal(hash2, 0);

                if (!Compare.AreEqual(hash2, hash1))
                    throw new Exception("hmac1 is not equal!");

                // test 3: class with computemac
                using (SHA256HMAC hmac = new SHA256HMAC(hashKey))
                    hash2 = hmac.ComputeMac(buffer);

                if (!Compare.AreEqual(hash2, hash1))
                    throw new Exception("hmac2 is not equal!");
                // SHA512 //
                byte[] hash1 = new byte[64];
                byte[] hash2 = new byte[64];
                byte[] hashKey = new byte[64];
                byte[] buffer = new byte[128];

                using (System.Security.Cryptography.RNGCryptoServiceProvider rng = new System.Security.Cryptography.RNGCryptoServiceProvider())

                using (System.Security.Cryptography.HMACSHA512 hmac = new System.Security.Cryptography.HMACSHA512(hashKey))
                    hash1 = hmac.ComputeHash(buffer);

                // test 1: HMAC interface
                HMAC hmac1 = new HMAC(new SHA512Digest());
                hmac1.BlockUpdate(buffer, 0, buffer.Length);
                hmac1.DoFinal(hash2, 0);

                if (!Compare.AreEqual(hash2, hash1))
                    throw new Exception("hmac1 is not equal!");

                // test 2: class with dofinal
                using (SHA512HMAC hmac = new SHA512HMAC())
                    hmac.BlockUpdate(buffer, 0, buffer.Length);
                    hmac.DoFinal(hash2, 0);

                if (!Compare.AreEqual(hash2, hash1))
                    throw new Exception("hmac1 is not equal!");

                // test 3: class with computemac
                using (SHA512HMAC hmac = new SHA512HMAC(hashKey))
                    hash2 = hmac.ComputeMac(buffer);

                if (!Compare.AreEqual(hash2, hash1))
                    throw new Exception("hmac2 is not equal!");
		private byte[] ComputeHandshakeDigest1(byte[] vec, byte[] key, int doffset)
			var msg = new byte[vec.Length-32];
			Array.Copy(vec, 0, msg, 0, doffset);
			Array.Copy(vec, doffset+32, msg, doffset, vec.Length-32-doffset);
			var hasher = new System.Security.Cryptography.HMACSHA256(key);
			return hasher.ComputeHash(msg);
Exemple #47
        public static string SignTheStringToSign(string stringToSign, string sharedKey)
            byte[] SignatureBytes = System.Text.Encoding.UTF8.GetBytes(stringToSign);
            System.Security.Cryptography.HMACSHA256 SHA256 = new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(sharedKey));

            return Convert.ToBase64String(SHA256.ComputeHash(SignatureBytes));
		private byte[] ComputeHandshakeDigest2(byte[] keyvec, DigestPosition keypos, byte[] vec, byte[] key)
			var doffset = GetDigestOffset(keyvec, keypos);
			var hasher1 = new System.Security.Cryptography.HMACSHA256(key);
			var key2 = hasher1.ComputeHash(keyvec, doffset, 32);
			var hasher2 = new System.Security.Cryptography.HMACSHA256(key2);
			return hasher2.ComputeHash(vec, 0, vec.Length-32);
        public static string SharedKey(string Account, string signature)
            // Hash-based Message Authentication Code (HMAC) using SHA256 hash
            System.Security.Cryptography.HMACSHA256 hasher = new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(GetSecret(Account)));

            byte[] hash = hasher.ComputeHash(Encoding.UTF8.GetBytes(signature));

            // return the Shared Key
            return "SharedKey " + Account + ":" + System.Convert.ToBase64String(hash);
Exemple #50
		public static byte[] PseudorandomFunction(byte[] secret, byte[] seed, int length)
			byte[] result = new byte[length];
			System.Security.Cryptography.HMACSHA256 hmac = new System.Security.Cryptography.HMACSHA256(secret);
			int iterations = (int)Math.Ceiling(length / (double)hmac.HashSize);
			byte[] dataToHash = seed;
			int offset = 0;
			for (int index = 0; index < iterations; index++)
				dataToHash = hmac.ComputeHash(dataToHash);
				hmac.TransformBlock(dataToHash, 0, dataToHash.Length, dataToHash, 0);
				byte[] hash = hmac.TransformFinalBlock(seed, 0, seed.Length);
				Buffer.BlockCopy(hash, 0, result, offset, Math.Min(hash.Length, length - offset));
				offset += hash.Length;
			return result;
 private static string CreateAuthorizationHeader(string canonicalizedstring, string sharedKeyAuthorizationScheme, string account, string applicationKey)
     string signature = string.Empty;
     using (System.Security.Cryptography.HMACSHA256 hmacSha256 = new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(applicationKey)))
         Byte[] dataToHmac = System.Text.Encoding.UTF8.GetBytes(canonicalizedstring);
         signature = Convert.ToBase64String(hmacSha256.ComputeHash(dataToHmac));
     string authorizationHeader = string.Format(CultureInfo.InvariantCulture, "{0} {1}:{2}", sharedKeyAuthorizationScheme, account, signature);
     return authorizationHeader;
Exemple #52
 public static byte[] GenerateChallengeResponseBytes(byte[] challenge, byte[] sharedSecret)
     using (var hmac = new System.Security.Cryptography.HMACSHA256(sharedSecret)) {
         return hmac.ComputeHash(challenge);
Exemple #53
        public void TestRfc7515Example_A_1_1()
            string protectedSample = // From the RFC example
                    "{\"typ\":\"JWT\",\r\n" +
                    " \"alg\":\"HS256\"}";
            var protectedBytesExpected = new byte[] // From the RFC example
                123, 34, 116, 121, 112, 34, 58, 34, 74, 87, 84, 34, 44, 13, 10,
                32, 34, 97, 108, 103, 34, 58, 34, 72, 83, 50, 53, 54, 34, 125
            var protectedBytesActual = Encoding.UTF8.GetBytes(protectedSample);
            CollectionAssert.AreEqual(protectedBytesExpected, protectedBytesActual);
            string protectedB64uExpected = "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9"; // From the RFC example
            string protectedB64uActual = JOSE.JwsHelper.Base64UrlEncode(protectedBytesActual);
            Assert.AreEqual(protectedB64uExpected, protectedB64uActual);

            string payloadSample = // From the RFC example
                    "{\"iss\":\"joe\",\r\n" +
                    " \"exp\":1300819380,\r\n" +
                    " \"http://example.com/is_root\":true}";

            byte[] payloadBytesExpected = // From the RFC example
                123, 34, 105, 115, 115, 34, 58, 34, 106, 111, 101, 34, 44, 13, 10,
                32, 34, 101, 120, 112, 34, 58, 49, 51, 48, 48, 56, 49, 57, 51, 56,
                48, 44, 13, 10, 32, 34, 104, 116, 116, 112, 58, 47, 47, 101, 120, 97,
                109, 112, 108, 101, 46, 99, 111, 109, 47, 105, 115, 95, 114, 111,
                111, 116, 34, 58, 116, 114, 117, 101, 125
            byte[] payloadBytesActual = Encoding.UTF8.GetBytes(payloadSample);
            CollectionAssert.AreEqual(payloadBytesExpected, payloadBytesActual);

            string payloadB64uExpected = // From the RFC example
                    "eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt" +
            string payloadB64uActual = JOSE.JwsHelper.Base64UrlEncode(payloadBytesActual);
            Assert.AreEqual(payloadB64uExpected, payloadB64uActual);

            string signingInput = $"{protectedB64uActual}.{payloadB64uActual}";

            byte[] signingBytesExpected = // From the RFC example
                101, 121, 74, 48, 101, 88, 65, 105, 79, 105, 74, 75, 86, 49, 81,
                105, 76, 65, 48, 75, 73, 67, 74, 104, 98, 71, 99, 105, 79, 105, 74,
                73, 85, 122, 73, 49, 78, 105, 74, 57, 46, 101, 121, 74, 112, 99, 51,
                77, 105, 79, 105, 74, 113, 98, 50, 85, 105, 76, 65, 48, 75, 73, 67,
                74, 108, 101, 72, 65, 105, 79, 106, 69, 122, 77, 68, 65, 52, 77, 84,
                107, 122, 79, 68, 65, 115, 68, 81, 111, 103, 73, 109, 104, 48, 100,
                72, 65, 54, 76, 121, 57, 108, 101, 71, 70, 116, 99, 71, 120, 108, 76,
                109, 78, 118, 98, 83, 57, 112, 99, 49, 57, 121, 98, 50, 57, 48, 73,
                106, 112, 48, 99, 110, 86, 108, 102, 81
            byte[] signingBytesActual = Encoding.ASCII.GetBytes(signingInput);
            CollectionAssert.AreEqual(signingBytesExpected, signingBytesActual);

            // JSON Web Key (JWK) symmetric key from the RFC example:
            //   {"kty":"oct",
            //    "k":"AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75
            //         aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow"
            //   }
            byte[] symKey = JOSE.JwsHelper.Base64UrlDecode(
                    "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75" +
            byte[] hmacExpected = // From the RFC example:
                116, 24, 223, 180, 151, 153, 224, 37, 79, 250, 96, 125, 216, 173,
                187, 186, 22, 212, 37, 77, 105, 214, 191, 240, 91, 88, 5, 88, 83,
                132, 141, 121
            byte[] hmacActual;
            using (var hmacAlgor = new System.Security.Cryptography.HMACSHA256(symKey))
                hmacActual = hmacAlgor.ComputeHash(signingBytesActual);
            CollectionAssert.AreEqual(hmacExpected, hmacActual);

            string hmacB64uExpected = "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk"; // From RFC example
            string hmacB64uActual = JOSE.JwsHelper.Base64UrlEncode(hmacActual);
            Assert.AreEqual(hmacB64uExpected, hmacB64uActual);

            string jwsSigExpected = // From RFC example
                    "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9" +
                    ".eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt" +
                    "cGxlLmNvbS9pc19yb290Ijp0cnVlfQ" +
            string jwsSigActual = $"{protectedB64uActual}.{payloadB64uActual}.{hmacB64uActual}";
            Assert.AreEqual(jwsSigExpected, jwsSigActual);
Exemple #54
 private string signMessage(string message)
     var hmac = new System.Security.Cryptography.HMACSHA256(System.Text.ASCIIEncoding.ASCII.GetBytes(g_apiInformation["sig_key"]));
     return BitConverter.ToString(
     ).Replace("-", string.Empty);
Exemple #55
 // Hash Encryption
 public static string hashHmac(string input, string key)
     byte[] keyBytes = System.Text.Encoding.ASCII.GetBytes(key);
     System.Security.Cryptography.HMACSHA256 hashmac = new System.Security.Cryptography.HMACSHA256(keyBytes);
     byte[] inputBytes = System.Text.Encoding.ASCII.GetBytes(input);
     hashmac.Key = keyBytes;
     byte[] hash = hashmac.ComputeHash(inputBytes);
     return Convert.ToBase64String(hash);
Exemple #56
        /// <summary>
        /// 站内应用使用SignedRequest获取AccessToken
        /// </summary>
        /// <param name="signedRequest">SignedRequest</param>
        /// <returns></returns>
        public AccessToken GetAccessTokenBySignedRequest(string signedRequest)
            string[] parameters = signedRequest.Split('.');
            if (parameters.Length < 2)
                throw new Exception("SignedRequest格式错误。");
            var encodedSig = parameters[0];
            var payload = parameters[1];
            var sha256 = new System.Security.Cryptography.HMACSHA256(Encoding.UTF8.GetBytes(AppSecret));
            var expectedSig = Convert.ToBase64String(sha256.ComputeHash(Encoding.UTF8.GetBytes(payload)));

            encodedSig = parameters[0].Length % 4 == 0 ? parameters[0] : parameters[0].PadRight(parameters[0].Length + (4 - parameters[0].Length % 4), '=').Replace("-", "+").Replace("_", "/");
            payload = parameters[1].Length % 4 == 0 ? parameters[1] : parameters[1].PadRight(parameters[1].Length + (4 - parameters[1].Length % 4), '=').Replace("-", "+").Replace("_", "/");

            if(encodedSig != expectedSig)
                throw new WeiboException("SignedRequest签名验证失败。");
            var result = JObject.Parse(Encoding.UTF8.GetString(Convert.FromBase64String(payload)));

            if (result["oauth_token"] == null)
                return null;//throw new WeiboException("没有获取到授权信息,请先进行授权。");

            AccessToken token = new AccessToken();
            AccessToken = token.Token = result["oauth_token"].ToString();

            token.UID = result["user_id"].ToString();
            token.ExpiresIn = Convert.ToInt32(result["expires"].ToString());
            return token;
        public string CreateSharedKeyAuth(string method, string resource, string contentMD5, DateTime requestDate, HttpClient client, string contentType, Authentication auth)
            Hashtable ht = new Hashtable();
               StringBuilder sbHdrs = new StringBuilder();
               StringBuilder sbHeader = new StringBuilder();
               string rtn = string.Empty;
               //string fmtStringToSign = "{0}\n{1}\n{2}\n{3:R}\n{4}{5}";

               //string hdr = CanonicalizeHeaders(client.RequestHeaders);
               //string authValue = string.Format(fmtStringToSign, method, contentMD5, contentType, "", hdr, resource);
             // support for 2009-09-09 version
               string contentEncoding = string.Empty;
               string contentLanguage = string.Empty;
               string dateForSigning = string.Empty;
               string ifModifiedSince = string.Empty;// client.IfModifiedSince.ToString();
               string ifMatch = string.Empty;
               string ifNoneMatch = string.Empty;
               string ifUnmodifiedSince = string.Empty;
               string rangeForSigning = string.Empty;
               string clientContentLength = string.Empty;
               string clientContentType = string.Empty;

               if (client.RequestHeaders["if-match"] != null)// && client.Headers["if-match"] != "*")
             ifMatch = client.RequestHeaders["if-match"].ToString();
               if (client.RequestHeaders["if-none-match"] != null)
             ifNoneMatch = client.RequestHeaders["if-none-match"].ToString();
               if (client.RequestHeaders["if-unmodified-since"] != null)
             ifUnmodifiedSince = client.RequestHeaders["if-unmodified-since"].ToString();
               //if (client.ResponseLength> 0 || method != "GET")
               //  clientContentLength = client.ResponseLength.ToString();

               //if (client.ContentType != null)
               //  clientContentType = client.ContentType.ToString();

               //string fmtStringToSign = "{0}\n{1}\n{2}\n{3:R}\n{4}{5}";
               string fmtStringToSign = "{0}\n{1}\n{2}\n{3}\n{4}\n{5}\n{6}\n{7}\n{8}\n{9}\n{10}\n{11}\n{12}{13}";
               string hdrs = CanonicalizeHeaders(client.RequestHeaders);
               //string authValue = string.Format(fmtStringToSign, method, contentMD5, client.ContentType, "", hdrs, resource);
               string authValue = string.Format(fmtStringToSign, method, contentEncoding,contentLanguage,clientContentLength, contentMD5, clientContentType,
             dateForSigning, ifModifiedSince, ifMatch,ifNoneMatch,ifUnmodifiedSince,rangeForSigning, hdrs, resource);
               byte[] signatureByteForm = System.Text.Encoding.UTF8.GetBytes(authValue);

               System.Security.Cryptography.HMACSHA256 hasher = new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(auth.SharedKey));

               // Now build the Authorization header
               String authHeader = String.Format(CultureInfo.InvariantCulture,
                              "{0} {1}:{2}",

               rtn = authHeader;

               return rtn;
Exemple #58
        public void GetSwf()
                // check if we can retrieve
                if (string.IsNullOrEmpty(swfUrl)) return;
                Uri swfUri = new Uri(swfUrl);

                if (swfCache.ContainsKey(swfUrl))
                    SWFHash = swfCache[swfUrl].Hash;
                    SWFSize = swfCache[swfUrl].Size;
                    // get the swf file from the web
                    HttpWebRequest request = WebRequest.Create(swfUri) as HttpWebRequest;
                    if (request == null) return;
                    request.Accept = "*/*";
                    request.Headers.Add(HttpRequestHeader.AcceptEncoding, "gzip,deflate");
                    request.Timeout = 5000; // don't wait longer than 5 seconds
                    HttpWebResponse response = (HttpWebResponse)request.GetResponse();
                    System.IO.Stream responseStream;
                    if (response.ContentEncoding.ToLower().Contains("gzip"))
                        responseStream = new System.IO.Compression.GZipStream(response.GetResponseStream(), System.IO.Compression.CompressionMode.Decompress);
                    else if (response.ContentEncoding.ToLower().Contains("deflate"))
                        responseStream = new System.IO.Compression.DeflateStream(response.GetResponseStream(), System.IO.Compression.CompressionMode.Decompress);
                        responseStream = response.GetResponseStream();

                    byte[] tempBuff = new byte[1024 * 1024 * 10];
                    int bytesRead = 0;
                    int totalBytesRead = 0;
                    while ((bytesRead = responseStream.Read(tempBuff, totalBytesRead, tempBuff.Length - totalBytesRead)) > 0)
                        totalBytesRead += bytesRead;
                    byte[] buff = new byte[totalBytesRead];
                    Array.Copy(tempBuff, buff, totalBytesRead);

                    MemoryStream ms = new MemoryStream(buff);
                    BinaryReader br = new BinaryReader(ms);
                    // compressed swf?
                    if (br.PeekChar() == 'C')
                        // read size
                        br.BaseStream.Position = 4; // skip signature
                        SWFSize = Convert.ToInt32(br.ReadUInt32());
                        // read swf head
                        byte[] uncompressed = new byte[SWFSize];
                        br.BaseStream.Position = 0;
                        br.Read(uncompressed, 0, 8); // header data is not compressed
                        uncompressed[0] = System.Text.Encoding.ASCII.GetBytes(new char[] { 'F' })[0];
                        // un-zip
                        byte[] compressed = br.ReadBytes(SWFSize);
                        Ionic.Zlib.ZlibStream dStream = new Ionic.Zlib.ZlibStream(new MemoryStream(compressed), Ionic.Zlib.CompressionMode.Decompress);
                        int read = dStream.Read(uncompressed, 8, SWFSize - 8);

                        byte[] finalUncompressed = new byte[8 + read];
                        Array.Copy(uncompressed, finalUncompressed, 8 + read);
                        buff = finalUncompressed;
                    System.Security.Cryptography.HMACSHA256 sha256Hmac = new System.Security.Cryptography.HMACSHA256(System.Text.Encoding.ASCII.GetBytes("Genuine Adobe Flash Player 001"));
                    SWFHash = sha256Hmac.ComputeHash(buff);
                    Logger.Log(string.Format("Size of decompressed SWF: {0}, Hash:", SWFSize));
                    Logger.LogHex(SWFHash, 0, SWFHash.Length);
                    swfCache.Add(swfUrl, new SwFInfo() { Hash = SWFHash, Size = SWFSize, Time = DateTime.Now });
            catch (Exception ex)
                Logger.Log(string.Format("Error while getting swf ({0}): {1}", swfUrl, ex.Message));
        private void SetAuthorizationHeader()
            // Now sign the request
            // For a blob, you need to use this Canonical form:
            //  VERB + "\n" +
            //  Content - MD5 + "\n" +
            //  Content - Type + "\n" +
            //  Date + "\n" +
            //  CanonicalizedHeaders +
            //  CanonicalizedResource;

            StringBuilder signature = new StringBuilder();

            // Verb
            signature.Append(String.Format("{0}{1}", this.request.Method, "\n"));

            // Content-MD5 Header

            // Content-Type Header

            // Then Date, if we have already added the x-ms-date header, leave this null

            // Now for CanonicalizedHeaders
            // TODO: Replace with LINQ statement
            foreach (string header in this.request.Headers)
                if (header.StartsWith("x-ms"))
                    signature.Append(String.Format("{0}:{1}\n", header, this.request.Headers[header]));

            // Now for CanonicalizedResource
            // Format is /{0}/{1} where 0 is name of the account and 1 is resources URI path
            // Also make sure any comp query params are included
            signature.Append(String.Format("/{0}{1}", this.storageEndpoint.Account, GetCanonicalizedResourceURI()));

            // Next, we need to encode our signature using the HMAC-SHA256 algorithm
            byte[] signatureByteForm = System.Text.Encoding.UTF8.GetBytes(signature.ToString());

            System.Security.Cryptography.HMACSHA256 hasher = new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(this.storageEndpoint.Key));

            // Now build the Authorization header
            String authHeader = String.Format(CultureInfo.InvariantCulture,
                                       "{0} {1}:{2}",

            // And add the Authorization header to the request
            this.request.Headers.Add("Authorization", authHeader);
        public string AuthorizationHeader(string method, string date, HttpWebRequest request, string ifMatch = "", string md5 = "")
            string MessageSignature;

            if (IsTableStorage)
                if (radioButton4.Checked)
                    MessageSignature = String.Format("{0}\n\n{1}\n{2}\n{3}",
                    now.ToString("R", System.Globalization.CultureInfo.InvariantCulture),
                    GetCanonicalizedResource(request.RequestUri, storageAccount)
                    //MessageSignature = String.Format("{0}\n{1}\n{2}\n{3}\n{4}",
                    //    method,
                    //    md5,
                    //    "application/atom+xml",
                    //    date,
                    //    GetCanonicalizedResource(request.RequestUri, storageAccount)
                    //    );
                    MessageSignature = String.Format("{0}\n{1}\n{2}",
                        GetCanonicalizedResource(request.RequestUri, storageAccount)
                if (radioButton4.Checked)
                    MessageSignature = String.Format("{0}\n\n\n{1}\n{5}\n\n\n\n{2}\n\n\n\n{3}{4}",
                    (method == "GET" || method == "HEAD") ? String.Empty : request.ContentLength > 0? request.ContentLength.ToString():String.Empty,
                    GetCanonicalizedResource(request.RequestUri, storageAccount),
                    //MessageSignature = String.Format("{0}\n\n\n{1}\n{2}\n\n{3}\n\n{4}\n\n\n\n{5}{6}",
                    //    method,
                    //    (method == "GET" || method == "HEAD") ? String.Empty : request.ContentLength.ToString(),
                    //    md5,
                    //    date,
                    //    ifMatch,
                    //    GetCanonicalizedHeaders(request),
                    //    GetCanonicalizedResource(request.RequestUri, storageAccount)

                    //    );
                    MessageSignature = String.Format("{0}\n{1}\n{2}\n{3}\n{4}{5}",
                        "text/plain; charset=UTF-8",
                        GetCanonicalizedResource(request.RequestUri, storageAccount)

            byte[] SignatureBytes = System.Text.Encoding.UTF8.GetBytes(MessageSignature);
            System.Security.Cryptography.HMACSHA256 SHA256 = new System.Security.Cryptography.HMACSHA256(Convert.FromBase64String(storageKey));
            String AuthorizationHeader = storageAccount + ":" + Convert.ToBase64String(SHA256.ComputeHash(SignatureBytes));
            if (radioButton4.Checked)
                AuthorizationHeader = "SharedKey " + AuthorizationHeader;
                AuthorizationHeader = "SharedKey Lite " + AuthorizationHeader;
            return AuthorizationHeader;