internal static IPrivateKeyProvider Create(
IPublicKeyDataProvider publicKeyDataProvider,
TimeSpan keyLifetime,
TimeSpan keyRotationPeriod,
CngAlgorithm algorithm,
IDateTimeProvider dateTimeProvider = null
)
{
if (keyLifetime < keyRotationPeriod)
{
throw new ArgumentException("Private key lifetime must exceed the rotation period", "keyLifetime");
}
dateTimeProvider = dateTimeProvider ?? DateTimeProvider.Instance;
ID2LSecurityTokenFactory d2lSecurityTokenFactory = new D2LSecurityTokenFactory(
dateTimeProvider,
keyLifetime
);
IPrivateKeyProvider privateKeyProvider = new EcDsaPrivateKeyProvider(
d2lSecurityTokenFactory,
algorithm
);
privateKeyProvider = new SavingPrivateKeyProvider(
privateKeyProvider,
PublicKeyDataProviderFactory.CreateInternal(publicKeyDataProvider)
);
privateKeyProvider = new RotatingPrivateKeyProvider(
privateKeyProvider,
dateTimeProvider,
keyRotationPeriod
);
return(privateKeyProvider);
}
public async Task FromJson_GeneratedECKeyRoundTrips() {
IPrivateKeyProvider privateKeyProvider = new EcDsaPrivateKeyProvider(
new D2LSecurityTokenFactory(
new DateTimeProvider(),
TimeSpan.FromHours( 1 )
),
CngAlgorithm.ECDsaP256
);
JsonWebKey expectedKey;
using( D2LSecurityToken token = await privateKeyProvider.GetSigningCredentialsAsync().SafeAsync() ) {
expectedKey = token.ToJsonWebKey();
}
string expectedJson = JsonConvert.SerializeObject( expectedKey.ToJwkDto() );
JsonWebKey actualKey = JsonWebKey.FromJson( expectedJson );
string actualJson = JsonConvert.SerializeObject( actualKey.ToJwkDto() );
Assert.AreEqual( expectedKey.Id, actualKey.Id );
Assert.AreEqual( (long)expectedKey.ExpiresAt.Value.TimeSinceUnixEpoch().TotalSeconds, (long)actualKey.ExpiresAt.Value.TimeSinceUnixEpoch().TotalSeconds );
Assert.AreEqual( expectedJson, actualJson );
}