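/// <summary>
/// Encodes an AES-GCM-128 message for a recipient created with "dir" and checks that
/// decoding the result through <c>Message.DecodeFromString</c> throws a
/// <c>JoseException</c> carrying the "not tagged" message.
/// </summary>
public void TestDecodeUnknown()
{
    EncryptMessage msg = new EncryptMessage();
    msg.AddAttribute(HeaderKeys.Algorithm, AlgorithmValues.AES_GCM_128, Attributes.PROTECTED);
    // msg.AddAttribute(HeaderKeys.IV, CBORObject.FromObject(rgbIV96), Attributes.PROTECTED);
    msg.SetContent(rgbContent);

    // Symmetric ("oct") JWK built from the fixture key bytes.
    // NOTE(review): RFC 7518 defines "k" as base64url; confirm which alphabet Base64.Encode emits.
    CBORObject obj = CBORObject.NewMap();
    obj.Add("kty", "oct");
    obj.Add("k", Encoding.UTF8.GetString(Base64.Encode(rgbKey128)));
    JWK key = new JWK(obj);

    Recipient recipient = new Recipient(key, "dir");
    msg.AddRecipient(recipient);
    string rgbMsg = msg.Encode();

    JoseException e = Assert.ThrowsException<JoseException>(
        () => msg = (EncryptMessage)Message.DecodeFromString(rgbMsg));

    // Expected value goes first so a failure report labels the two strings correctly.
    Assert.AreEqual("Message was not tagged and no default tagging option given", e.Message);
}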
/// <summary>
/// Encrypts a short text for a freshly generated "A128GCM" key and encodes it with
/// <c>EncodeCompressed</c>. The method makes no assertion; it only has to run without throwing.
/// </summary>
public void EncryptCompressed()
{
    string msg = "Ths is some content";

    EncryptMessage encryptMessage = new EncryptMessage();
    encryptMessage.SetContent(msg);

    JWK encryptionKey = JWK.GenerateKey("A128GCM");
    // encryptMessage.AddAttribute(HeaderKeys.EncryptionAlgorithm, CBORObject.FromObject(EncryptionAlgorithm), Attributes.PROTECTED);

    Recipient recipient = new Recipient(encryptionKey);
    encryptMessage.AddRecipient(recipient);
    // recipient.ClearUnprotected();

    // A direct recipient whose key names an algorithm dictates "enc"; otherwise fall back to A128GCM.
    bool keyNamesAlgorithm = recipient.RecipientType == RecipientType.Direct && encryptionKey.ContainsName("alg");
    string contentAlgorithm = keyNamesAlgorithm ? encryptionKey.AsString("alg") : "A128GCM";
    encryptMessage.AddAttribute("enc", contentAlgorithm, Attributes.PROTECTED);

    // NOTE(review): presumably EncodeCompressed deflates the plaintext before encrypting. With
    // compression the ciphertext length tracks plaintext content, so production callers should not
    // mix secrets and externally supplied data in one compressed message — confirm against the library.
    msg = encryptMessage.EncodeCompressed();
}
/// <summary>
/// Builds a <c>Signer</c> from a control map: the "alg" entry names the algorithm, "key" holds
/// the JWK, and the optional "protected", "unprotected" and "unsent" maps are forwarded to
/// <c>AddAttributes</c> with bucket codes 0, 1 and 2.
/// </summary>
/// <param name="control">Control map; its "alg" entry is removed as a side effect.</param>
/// <returns>The configured signer.</returns>
static Signer GetSigner(CBORObject control)
{
    // Read the algorithm first, then drop it from the map.
    CBORObject algorithm = GetAttribute(control, "alg");
    if (control.ContainsKey("alg"))
    {
        control.Remove(CBORObject.FromObject("alg"));
    }

    // NOTE(review): neither the algorithm nor control["key"] is checked for null before use.
    Signer result = new Signer(GetKey(control["key"]), algorithm.AsString());

    // The array index doubles as the bucket code passed to AddAttributes.
    string[] buckets = { "protected", "unprotected", "unsent" };
    for (int bucket = 0; bucket < buckets.Length; bucket++)
    {
        string name = buckets[bucket];
        if (control.ContainsKey(name))
        {
            AddAttributes(result, control[name], bucket);
        }
    }

    return result;
}
/// <summary>
/// Serializes an RSA JWK with its private members, strips the CRT members (p, q, dp, dq, qi),
/// re-parses the result and tries to sign with it.
/// </summary>
/// <remarks>
/// No assertion is visible in the body; presumably the expected failure is declared by a test
/// attribute outside this listing.
/// </remarks>
public void ImportFails()
{
    JWK jwk = new JWK();
    jwk.Key = JsonWebKeyTest.CreateRSA();

    // Signing with the complete key is exercised first.
    JWT.Encode("payload", jwk.Key, JwsAlgorithm.RS256);

    var keyAlgorithm = JWT.DefaultSettings.JwkAlgorithmFromKey(jwk.Key);
    var map = keyAlgorithm.Serialize(jwk, true);

    foreach (string crtMember in new[] { "p", "q", "dp", "dq", "qi" })
    {
        map.Remove(crtMember);
    }

    string json = JWT.DefaultSettings.JsonMapper.Serialize(map);

    // NOTE(review): this JSON still holds the private exponent "d" and goes to the test log.
    // Harmless for a throwaway test key, but the pattern should not be copied for real keys.
    Console.WriteLine(json);

    jwk = JWK.Parse(json);

    // cannot import RSA private key with only n, e and d
    JWT.Encode("payload", jwk.Key, JwsAlgorithm.RS256);
}
/// <summary>
/// Decrypts a compact JWE whose plaintext is a JWT claims set, using the key stored in
/// RFC7516_A2.json, and compares the result with the expected claims.
/// </summary>
public void A1()
{
    // Compact JWE = header . encrypted key . IV . ciphertext . tag
    // Header decodes to {"alg":"RSA1_5","enc":"A128CBC-HS256"}.
    const string protectedHeader = "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0";
    const string encryptedKey = ""
        + "QR1Owv2ug2WyPBnbQrRARTeEk9kDO2w8qDcjiHnSJflSdv1iNqhWXaKH4MqAkQtM"
        + "oNfABIPJaZm0HaA415sv3aeuBWnD8J-Ui7Ah6cWafs3ZwwFKDFUUsWHSK-IPKxLG"
        + "TkND09XyjORj_CHAgOPJ-Sd8ONQRnJvWn_hXV1BNMHzUjPyYwEsRhDhzjAD26ima"
        + "sOTsgruobpYGoQcXUwFDn7moXPRfDE8-NoQX7N7ZYMmpUDkR-Cx9obNGwJQ3nM52"
        + "YCitxoQVPzjbl7WBuB7AohdBoZOdZ24WlN1lVIeh8v1K4krB8xgKvRU8kgFrEn_a"
        + "1rZgN5TiysnmzTROF869lQ";
    const string initializationVector = "AxY8DCtDaGlsbGljb3RoZQ";
    const string ciphertext = ""
        + "MKOle7UQrG6nSxTLX6Mqwt0orbHvAKeWnDYvpIAeZ72deHxz3roJDXQyhxx0wKaM"
        + "HDjUEOKIwrtkHthpqEanSBNYHZgmNOV7sln1Eu9g3J8";
    const string authenticationTag = "fiK51VwhsxJ-siBMR-YFiA";

    const string compactJwe =
        protectedHeader + "." + encryptedKey + "." + initializationVector + "." + ciphertext + "." + authenticationTag;

    // Base64url form of the expected claims JSON.
    const string expectedPayload = ""
        + "eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt"
        + "cGxlLmNvbS9pc19yb290Ijp0cnVlfQ";

    string keyJson = Helpers.ReadResource(typeof(RFC7516_A_JWE_Examples), "RFC7516_A2.json");
    Assert.NotNull(keyJson);

    var jwk = JWK.Parse(keyJson);
    Assert.NotNull(jwk);

    var decrypted = JWT.Decode(compactJwe, jwk.Key);

    string expected = Encoding.UTF8.GetString(Base64Url.Decode(expectedPayload));
    Assert.Equal(expected, decrypted);
}
/// <summary>
/// Generates an RS512 signing JWK, exports it with private members included, and checks that
/// the JSON carries the metadata and all RSA members with the expected values.
/// </summary>
public void JWKWithRSA512SignatureCanBeSerialized()
{
    var use = PublicKeyUse.Signature;
    var operations = new HashSet<KeyOperation>(new[] { KeyOperation.ComputeDigitalSignature, KeyOperation.VerifyDigitalSignature });
    var rs512 = Algorithm.RS512;

    var jwk = new JWK(rs512, use, operations);

    // Export(true): the private RSA members (d, p, q, dq, dp, qi) are expected in the output.
    string exported = jwk.Export(true);
    var parsedJWK = JObject.Parse(exported);

    string[] requiredMembers = { "kty", "alg", "use", "kid", "n", "e", "d", "p", "q", "dq", "dp", "qi" };
    foreach (string member in requiredMembers)
    {
        parsedJWK.TryGetValue(member, out var _).Should().BeTrue();
    }

    parsedJWK.GetValue("kty").ToString().Should().Be("RSA");
    parsedJWK.GetValue("alg").ToString().Should().Be(Algorithm.RS512.Name);
    parsedJWK.GetValue("use").ToString().Should().Be(PublicKeyUse.Signature.KeyUse);

    var expectedOperations = new[] { KeyOperation.ComputeDigitalSignature.Operation, KeyOperation.VerifyDigitalSignature.Operation };
    parsedJWK.GetValue("key_ops").Values<string>().Count().Should().Be(2);
    parsedJWK.GetValue("key_ops").Values<string>().Should().BeEquivalentTo(expectedOperations);
}
/// <summary>
/// Builds an EC JWK from placeholder parameters, exports it with the private member, checks
/// the JSON, then re-imports the JSON and checks that every property survived the round trip.
/// </summary>
public void JWKWithECKeyRoundTrip()
{
    KeyType expectedType = KeyType.EllipticCurve;
    PublicKeyUse expectedUse = PublicKeyUse.Signature;
    Algorithm expectedAlgorithm = Algorithm.ES256;
    var expectedOperations = new HashSet<KeyOperation>(new[] { KeyOperation.ComputeDigitalSignature, KeyOperation.VerifyDigitalSignature });

    // Placeholder strings, not real curve data: only the serialization path is under test.
    var keyParameters = new Dictionary<KeyParameter, string>
    {
        { ECKeyParameterCRV, "curveName" },
        { ECKeyParameterX, "publicKeyX" },
        { ECKeyParameterY, "publicKeyY" },
        { ECKeyParameterD, "privateKeyD" }
    };

    JWK jwk = new JWK(expectedType, keyParameters, expectedUse, expectedOperations, expectedAlgorithm, "test");
    string exported = jwk.Export(true);

    // Export side: each parameter appears under its JSON member name.
    var parsedJWK = JObject.Parse(exported);
    var jsonNames = new Dictionary<string, KeyParameter>
    {
        { "crv", ECKeyParameterCRV },
        { "x", ECKeyParameterX },
        { "y", ECKeyParameterY },
        { "d", ECKeyParameterD }
    };
    foreach (var entry in jsonNames)
    {
        parsedJWK.GetValue(entry.Key).ToString().Should().Be(keyParameters.GetValueOrDefault(entry.Value));
    }
    parsedJWK.GetValue("kid").ToString().Should().Be("test");

    // Import side: parse the exported JSON back into a JWK.
    jwk = new JWK(exported);
    jwk.KeyType.Should().Be(expectedType);
    jwk.PublicKeyUse.Should().Be(expectedUse);
    jwk.KeyOperations.Should().BeEquivalentTo(expectedOperations);
    jwk.Algorithm.Should().Be(expectedAlgorithm);
    jwk.KeyParameters.Should().BeEquivalentTo(keyParameters);
}
/// <summary>
/// Decrypts a compact JWE with the key from RFC7516_A1.json and checks the recovered plaintext.
/// </summary>
public void A1()
{
    // Compact JWE = header . encrypted key . IV . ciphertext . tag
    // Header decodes to {"alg":"RSA-OAEP","enc":"A256GCM"}.
    const string protectedHeader = "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ";
    const string encryptedKey = ""
        + "OKOawDo13gRp2ojaHV7LFpZcgV7T6DVZKTyKOMTYUmKoTCVJRgckCL9kiMT03JGe"
        + "ipsEdY3mx_etLbbWSrFr05kLzcSr4qKAq7YN7e9jwQRb23nfa6c9d-StnImGyFDb"
        + "Sv04uVuxIp5Zms1gNxKKK2Da14B8S4rzVRltdYwam_lDp5XnZAYpQdb76FdIKLaV"
        + "mqgfwX7XWRxv2322i-vDxRfqNzo_tETKzpVLzfiwQyeyPGLBIO56YJ7eObdv0je8"
        + "1860ppamavo35UgoRdbYaBcoh9QcfylQr66oc6vFWXRcZ_ZT2LawVCWTIy3brGPi"
        + "6UklfCpIMfIjf7iGdXKHzg";
    const string initializationVector = "48V1_ALb6US04U3b";
    const string ciphertext = ""
        + "5eym8TW_c8SuK0ltJ3rpYIzOeDQz7TALvtu6UG9oMo4vpzs9tX_EFShS8iB7j6ji"
        + "SdiwkIr3ajwQzaBtQD_A";
    const string authenticationTag = "XFBoMYUZodetZdvTiFvSkQ";

    const string compactJwe =
        protectedHeader + "." + encryptedKey + "." + initializationVector + "." + ciphertext + "." + authenticationTag;

    string keyJson = this.GetResource("RFC7516_A1.json");
    Assert.NotNull(keyJson);

    var jwk = JWK.Parse(keyJson);
    Assert.NotNull(jwk);

    var plaintext = JWT.Decode(compactJwe, jwk.Key);
    Assert.Equal("The true sign of intelligence is not knowledge but imagination.", plaintext);
}
/// <summary>
/// Decrypts a compact JWE with the key from RFC7516_A2.json and checks the recovered plaintext.
/// </summary>
public void A2()
{
    // Compact JWE = header . encrypted key . IV . ciphertext . tag
    // Header decodes to {"alg":"RSA1_5","enc":"A128CBC-HS256"}. RSA1_5 is PKCS#1 v1.5 key
    // transport; it appears here because the test vector uses it, not as a recommendation.
    const string protectedHeader = "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0";
    const string encryptedKey = ""
        + "UGhIOguC7IuEvf_NPVaXsGMoLOmwvc1GyqlIKOK1nN94nHPoltGRhWhw7Zx0-kFm"
        + "1NJn8LE9XShH59_i8J0PH5ZZyNfGy2xGdULU7sHNF6Gp2vPLgNZ__deLKxGHZ7Pc"
        + "HALUzoOegEI-8E66jX2E4zyJKx-YxzZIItRzC5hlRirb6Y5Cl_p-ko3YvkkysZIF"
        + "NPccxRU7qve1WYPxqbb2Yw8kZqa2rMWI5ng8OtvzlV7elprCbuPhcCdZ6XDP0_F8"
        + "rkXds2vE4X-ncOIM8hAYHHi29NX0mcKiRaD0-D-ljQTP-cFPgwCp6X-nZZd9OHBv"
        + "-B3oWh2TbqmScqXMR4gp_A";
    const string initializationVector = "AxY8DCtDaGlsbGljb3RoZQ";
    const string ciphertext = "KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY";
    const string authenticationTag = "9hH0vgRfYgPnAHOd8stkvw";

    const string compactJwe =
        protectedHeader + "." + encryptedKey + "." + initializationVector + "." + ciphertext + "." + authenticationTag;

    string keyJson = this.GetResource("RFC7516_A2.json");
    Assert.NotNull(keyJson);

    var jwk = JWK.Parse(keyJson);
    Assert.NotNull(jwk);

    var plaintext = JWT.Decode(compactJwe, jwk.Key);
    Assert.Equal("Live long and prosper.", plaintext);
}
/// <summary>
/// Builds an RSA JWK from placeholder parameters, exports it with private members, and checks
/// that each parameter and the key id appear in the JSON.
/// </summary>
/// <remarks>
/// NOTE(review): the method name says "AES", the key type is RSA and the algorithm is ES256.
/// The test only exercises serialization, so the mismatch does not affect the assertions, but
/// it suggests the constructor does not cross-check algorithm against key type — confirm.
/// </remarks>
public void JWKWithAESKeyParametersCanBeCreated()
{
    KeyType keyType = KeyType.RSA;
    PublicKeyUse keyUse = PublicKeyUse.Signature;
    Algorithm algorithm = Algorithm.ES256;
    var keyOperations = new HashSet<KeyOperation>(new[] { KeyOperation.ComputeDigitalSignature, KeyOperation.VerifyDigitalSignature });

    // Placeholder strings, not real key material.
    var keyParameters = new Dictionary<KeyParameter, string>
    {
        { RSAKeyParameterN, "modulus" },
        { RSAKeyParameterE, "exponent" },
        { RSAKeyParameterD, "privateExponent" },
        { RSAKeyParameterP, "firstPrimeFactor" },
        { RSAKeyParameterQ, "secondPrimeFactor" },
        { RSAKeyParameterDP, "firstFactorCRTExponent" },
        { RSAKeyParameterDQ, "secondFactorCRTExponent" },
        { RSAKeyParameterQI, "firstCRTCoefficient" }
    };

    JWK jwk = new JWK(keyType, keyParameters, keyUse, keyOperations, algorithm, "test");
    string exported = jwk.Export(true);
    var parsedJWK = JObject.Parse(exported);

    // JSON member name -> the parameter whose value it must carry.
    var jsonNames = new Dictionary<string, KeyParameter>
    {
        { "n", RSAKeyParameterN },
        { "e", RSAKeyParameterE },
        { "d", RSAKeyParameterD },
        { "p", RSAKeyParameterP },
        { "q", RSAKeyParameterQ },
        { "dp", RSAKeyParameterDP },
        { "dq", RSAKeyParameterDQ },
        { "qi", RSAKeyParameterQI }
    };
    foreach (var entry in jsonNames)
    {
        parsedJWK.GetValue(entry.Key).ToString().Should().Be(keyParameters.GetValueOrDefault(entry.Value));
    }

    parsedJWK.GetValue("kid").ToString().Should().Be("test");
}
/// <summary>
/// Generates an ES256 signing JWK, exports it without private members, and checks that the
/// public members and metadata are present while the private member "d" is absent.
/// </summary>
public void JWKCheckECPrivateKeyParametersExport()
{
    PublicKeyUse use = PublicKeyUse.Signature;
    Algorithm es256 = Algorithm.ES256;
    var operations = new HashSet<KeyOperation>(new[] { KeyOperation.ComputeDigitalSignature, KeyOperation.VerifyDigitalSignature });

    JWK jwk = new JWK(es256, use, operations);

    // Export(false): public-only export.
    string exported = jwk.Export(false);
    var parsedJWK = JObject.Parse(exported);

    string[] publicMembers = { "kty", "alg", "use", "kid", "crv", "x", "y" };
    foreach (string member in publicMembers)
    {
        parsedJWK.TryGetValue(member, out var _).Should().BeTrue();
    }

    // The private scalar must not leave the object on a public export.
    parsedJWK.TryGetValue("d", out var _).Should().BeFalse();

    parsedJWK.GetValue("kty").ToString().Should().Be("EC");
    parsedJWK.GetValue("alg").ToString().Should().Be(Algorithm.ES256.Name);
    parsedJWK.GetValue("use").ToString().Should().Be(PublicKeyUse.Signature.KeyUse);

    var expectedOperations = new[] { KeyOperation.ComputeDigitalSignature.Operation, KeyOperation.VerifyDigitalSignature.Operation };
    parsedJWK.GetValue("key_ops").Values<string>().Count().Should().Be(2);
    parsedJWK.GetValue("key_ops").Values<string>().Should().BeEquivalentTo(expectedOperations);
}
/// <summary>
/// Builds the signed token for <c>Payload</c>: an RS256 protected header (carrying either the
/// public JWK or the key id, plus nonce and url), the payload, and an RSA PKCS#1 v1.5 / SHA-256
/// signature over "header.payload".
/// </summary>
/// <returns>An anonymous object with <c>protected</c>, <c>payload</c> and <c>signature</c> members.</returns>
/// <exception cref="ArgumentException">Thrown when <c>Payload</c> is null.</exception>
public object SerializeSignedObject()
{
    if (Payload == null)
    {
        throw new ArgumentException("Payload must be set before the token can be created and signed.");
    }

    // Without a key id the header embeds the public key (modulus and exponent only);
    // with a key id it carries the id and no key.
    bool hasKeyId = !string.IsNullOrEmpty(_kid);
    JWK publicJwk = hasKeyId
        ? null
        : new JWK()
        {
            e = Base64Tool.Encode(_rsaParameters.Exponent),
            kty = "RSA",
            n = Base64Tool.Encode(_rsaParameters.Modulus)
        };
    string keyId = hasKeyId ? _kid : null;

    // NOTE(review): whether the null jwk/kid member is omitted from the JSON depends on how
    // PROTECTED is annotated, which is not visible here.
    PROTECTED header = new PROTECTED()
    {
        alg = "RS256",
        jwk = publicJwk,
        kid = keyId,
        nonce = _nonce,
        url = _directory
    };

    // NOTE(review): JWS requires base64url without padding; presumably Base64Tool.Encode does that — confirm.
    string headerJson = JsonConvert.SerializeObject(header, Formatting.None);
    string encodedProtected = Base64Tool.Encode(Encoding.UTF8.GetBytes(headerJson));
    string payloadJson = JsonConvert.SerializeObject(Payload, Formatting.None);
    string encodedPayload = Base64Tool.Encode(Encoding.UTF8.GetBytes(payloadJson));

    // The signing input is the two encoded parts joined by a dot.
    byte[] signingInput = Encoding.ASCII.GetBytes($"{encodedProtected}.{encodedPayload}");
    byte[] rawSignature = _cryptoProvider.SignData(signingInput, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
    string signature = Base64Tool.Encode(rawSignature);

    object token = new
    {
        @protected = encodedProtected,
        payload = encodedPayload,
        signature = signature
    };
    return token;
}
/// <summary>
/// Wraps a control map in a <c>JWK</c>, optionally reducing it to its public part.
/// </summary>
/// <param name="control">Map describing the key; its "kty" entry is read when <paramref name="fPublicKey"/> is true.</param>
/// <param name="fPublicKey">When true, return <c>PublicKey()</c> unless the key type is "oct".</param>
/// <returns>The JWK, or its public part.</returns>
static JWK GetKey(CBORObject control, bool fPublicKey = false)
{
    JWK parsed = new JWK(control);

    // "oct" keys are returned whole even when the public part is requested.
    // NOTE(review): control["kty"] is dereferenced without a null check.
    bool reduceToPublic = fPublicKey && (control["kty"].AsString() != "oct");

    return reduceToPublic ? parsed.PublicKey() : parsed;
}
/// <summary>
/// Nested token test: decrypts the outer JWE with the key from RFC7516_A2.json, then decodes the
/// inner token with the key from RFC7515_A2.json and compares the final payload with the
/// expected claims.
/// </summary>
public void A2()
{
    // Compact JWE = header . encrypted key . IV . ciphertext . tag
    // Header decodes to {"alg":"RSA1_5","enc":"A128CBC-HS256","cty":"JWT"}.
    const string protectedHeader = ""
        + "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiY3R5IjoiSldU"
        + "In0";
    const string encryptedKey = ""
        + "g_hEwksO1Ax8Qn7HoN-BVeBoa8FXe0kpyk_XdcSmxvcM5_P296JXXtoHISr_DD_M"
        + "qewaQSH4dZOQHoUgKLeFly-9RI11TG-_Ge1bZFazBPwKC5lJ6OLANLMd0QSL4fYE"
        + "b9ERe-epKYE3xb2jfY1AltHqBO-PM6j23Guj2yDKnFv6WO72tteVzm_2n17SBFvh"
        + "DuR9a2nHTE67pe0XGBUS_TK7ecA-iVq5COeVdJR4U4VZGGlxRGPLRHvolVLEHx6D"
        + "YyLpw30Ay9R6d68YCLi9FYTq3hIXPK_-dmPlOUlKvPr1GgJzRoeC9G5qCvdcHWsq"
        + "JGTO_z3Wfo5zsqwkxruxwA";
    const string initializationVector = "UmVkbW9uZCBXQSA5ODA1Mg";
    const string ciphertext = ""
        + "VwHERHPvCNcHHpTjkoigx3_ExK0Qc71RMEParpatm0X_qpg-w8kozSjfNIPPXiTB"
        + "BLXR65CIPkFqz4l1Ae9w_uowKiwyi9acgVztAi-pSL8GQSXnaamh9kX1mdh3M_TT"
        + "-FZGQFQsFhu0Z72gJKGdfGE-OE7hS1zuBD5oEUfk0Dmb0VzWEzpxxiSSBbBAzP10"
        + "l56pPfAtrjEYw-7ygeMkwBl6Z_mLS6w6xUgKlvW6ULmkV-uLC4FUiyKECK4e3WZY"
        + "Kw1bpgIqGYsw2v_grHjszJZ-_I5uM-9RA8ycX9KqPRp9gc6pXmoU_-27ATs9XCvr"
        + "ZXUtK2902AUzqpeEUJYjWWxSNsS-r1TJ1I-FMJ4XyAiGrfmo9hQPcNBYxPz3GQb2"
        + "8Y5CLSQfNgKSGt0A4isp1hBUXBHAndgtcslt7ZoQJaKe_nNJgNliWtWpJ_ebuOpE"
        + "l8jdhehdccnRMIwAmU1n7SPkmhIl1HlSOpvcvDfhUN5wuqU955vOBvfkBOh5A11U"
        + "zBuo2WlgZ6hYi9-e3w29bR0C2-pp3jbqxEDw3iWaf2dc5b-LnR0FEYXvI_tYk5rd"
        + "_J9N0mg0tQ6RbpxNEMNoA9QWk5lgdPvbh9BaO195abQ";
    const string authenticationTag = "AVO9iT5AV4CzvDJCdhSFlQ";

    const string compactJwe =
        protectedHeader + "." + encryptedKey + "." + initializationVector + "." + ciphertext + "." + authenticationTag;

    // Base64url form of the expected claims JSON.
    const string expectedPayload = ""
        + "eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt"
        + "cGxlLmNvbS9pc19yb290Ijp0cnVlfQ";

    // Outer layer: decrypt with key from JWE A2.
    string decryptionKeyJson = Helpers.ReadResource(typeof(RFC7516_A_JWE_Examples), "RFC7516_A2.json");
    Assert.NotNull(decryptionKeyJson);
    var decryptionJwk = JWK.Parse(decryptionKeyJson);
    Assert.NotNull(decryptionJwk);
    var innerToken = JWT.Decode(compactJwe, decryptionJwk.Key);

    // Inner layer: verify signature with key from JWS A2.
    string verificationKeyJson = Helpers.ReadResource(typeof(RFC7515_A_JWS_Examples), "RFC7515_A2.json");
    Assert.NotNull(verificationKeyJson);
    var verificationJwk = JWK.Parse(verificationKeyJson);
    Assert.NotNull(verificationJwk);
    var claims = JWT.Decode(innerToken, verificationJwk.Key);

    string expected = Encoding.UTF8.GetString(Base64Url.Decode(expectedPayload));
    Assert.Equal(expected, claims);
}
/// <summary>
/// Parses an RSA JWK given as JSON with only "kty" and the eight RSA members, then checks that
/// the key type and every parameter were read back unchanged.
/// </summary>
/// <remarks>
/// The literals below form a complete RSA private key. It is a published test fixture and must
/// never be used to protect real data.
/// </remarks>
public void JWKCanBeDeserializedMinimalElements()
{
    const string modulus = "4W_ciNjvogFBPf9BYd9jySsrsN6gdosZMAWDi79bZIpYXPHSynbNQUcDe2tSwGKgG9d1ak-jLtZ37SOcC0s1C6W5jAGBHuA-2Oscpa1DZPXrShrDW0wbO2wbBW17pY9rLlnFel-26eE48U0utDdDFCxBBOsWj382sDJzfqLj6DTKBn9r1wDvbRLbWecvZF5uTG392KoO5sNvwwnAhRzo1HX7hPTr5zDOBkfKQolIo99g5Gq9k-_yqDWmRC0mxO6SOfFdrxSMTgCUTyZA_jQXvn7OrSO28yvKdpnrHihGExHubA-m30a21LBQlomovYZiXJ7mlvUnzFxxa7XOsbA1sFU";
    const string publicExponent = "AQAB";
    const string privateExponent = "BAOo6qrqQXlCPydfc621qixhn8mnE9VQQoGmoQNsTjMEdcs8lKxe5U2tazIzDAf1j-lbRuRaJIhfJFLhAXZ6YFW4Ix0XvoQBun0dSnn2XELgyLYHSoXlaj53kLYtYHpYTz_7-zzfFfUTvYBBV6YwRJixI7RH95AtWh_b3KJr6oOdmGzul7XcHJ0rcPAKfRXhUrDpjS-iZ3TOAEImQHBwHCjsiQPSDlz3jlUlG-LnE9l3PH49rKFjwc6RIfhKt0jBuwnxE3cX87ux-cFBdo_lIyv2yH-watb9SO1WqxQA2rXBXrWWKitLMhaQLFdHIZEf1lHN7VA_UD9ty9p8CZC21NU";
    const string firstPrime = "D0X1M5HmLBNMSvxA_uF-KQ2YnhDmt4ldHiKLjjpJnvJLwXf-TDbApIfHnkRnHxd9adLO4IaAlqL3_oVlS1ZuEijy6auzfwbrcgfsuEYR_k7fG4T8K9TDS2FWe24xFkJgVdRpuMiAt0wZZEexCv2oIFDM0idXrUl7Ikq6RL3kOwob";
    const string secondPrime = "DsKeLZl2Du2RBszDDWKMYhORGR93-CPhSGZT91-Dic6iSWtumfIGAbkjEFiCeMs4tJwktgiYS76IsQ9qCZdrcBj2h-LgMUqrdqKmSq2-krsQPpJxfPadHewa8T2_e48wXzxmx8Dmmoqd4q1LPbOHFMJpY2HBwXopeIbtFa1vUdZP";
    const string firstCrtExponent = "DDNG5nXyVlzoAbI1PSTlQWfx9LntgskAkDTqI6fd7VEBQL9YbIsEIamwxHVBpq196g2SYfovN6Vg0ni-bIrTDECXoh8dGChv5Tv9VUnrz6gzQmldgqnHgyxzB9AC-BP3njg6Z3gKkeEBG4DFJNFw_rdslacFu4_KA5-L4aOKb7rn";
    const string secondCrtExponent = "Dmzw0Rohwvc1_VJT85n0H8qFzerugkr2255-w87KrP2RqHXh830Rl8-MUGZgpZPgSMwuKOZ_ic-eooWxGcyuSTFsiGQYvrP-ngTaxzPFhHxkpPLVDc-swNjHgCzcHvNT0FAlF2cVOcbuBeNeHOB_za8v9txM1D4Dl_MudTg7Ct2L";
    const string crtCoefficient = "Aw3In2d6QWQ95rRJwAVAXuWJKubLqSxXTPVu7ueyn1PGMyzK7-6nFNfa1WBpCE4LQ-Ep3eZ2GhSZzN888iixnkNNuaXToUzk0dBEyNM7WDg8tGuyvd5yaJd6wj8q6prYUJGxk7V0mDMhSsA6uttRYe9rbemye6eUNwQIvfmjkbQl";

    // Same member order as the fixture: kty, n, e, d, p, q, dp, dq, qi.
    const string json = "{\"kty\":\"RSA\""
        + ",\"n\":\"" + modulus + "\""
        + ",\"e\":\"" + publicExponent + "\""
        + ",\"d\":\"" + privateExponent + "\""
        + ",\"p\":\"" + firstPrime + "\""
        + ",\"q\":\"" + secondPrime + "\""
        + ",\"dp\":\"" + firstCrtExponent + "\""
        + ",\"dq\":\"" + secondCrtExponent + "\""
        + ",\"qi\":\"" + crtCoefficient + "\"}";

    var jwk = new JWK(json);

    jwk.KeyType.Should().Be(KeyType.RSA);
    jwk.KeyParameters.GetValueOrDefault(RSAKeyParameterN).Should().Be(modulus);
    jwk.KeyParameters.GetValueOrDefault(RSAKeyParameterE).Should().Be(publicExponent);
    jwk.KeyParameters.GetValueOrDefault(RSAKeyParameterD).Should().Be(privateExponent);
    jwk.KeyParameters.GetValueOrDefault(RSAKeyParameterP).Should().Be(firstPrime);
    jwk.KeyParameters.GetValueOrDefault(RSAKeyParameterQ).Should().Be(secondPrime);
    jwk.KeyParameters.GetValueOrDefault(RSAKeyParameterDP).Should().Be(firstCrtExponent);
    jwk.KeyParameters.GetValueOrDefault(RSAKeyParameterDQ).Should().Be(secondCrtExponent);
    jwk.KeyParameters.GetValueOrDefault(RSAKeyParameterQI).Should().Be(crtCoefficient);
}
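/// <summary>
/// Creates an RS256 JWK whose operation list names the same operation twice and checks that
/// the exported "key_ops" array contains that operation exactly once.
/// </summary>
public void DuplicateKeyOperationsAreNotSerialized()
{
    // Add duplicate key_op
    var keyOps = new List<KeyOperation>() { KeyOperation.ComputeDigitalSignature, KeyOperation.ComputeDigitalSignature };

    var jwk = new JWK(Algorithm.RS256, PublicKeyUse.Signature, keyOps);
    var jwkString = jwk.Export(true);
    var parsedJWK = JObject.Parse(jwkString);

    // Report a missing "key_ops" member as an assertion failure instead of a
    // NullReferenceException on the next line.
    parsedJWK.TryGetValue("key_ops", out var token).Should().BeTrue();

    // Compare the array's elements, not its printed form: the printed form depends on the
    // JSON writer's indentation and on the platform newline.
    token.Values<string>().Should().BeEquivalentTo(new[] { KeyOperation.ComputeDigitalSignature.Operation });
}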
/// <summary>
/// Prepares a recipient for the receiving side: forwards the optional "unsent" map to
/// <c>AddAttributes</c> with bucket code 2 and installs the key found under "key".
/// </summary>
/// <param name="recip">Recipient to configure.</param>
/// <param name="control">Control map that may contain "unsent" and "key".</param>
/// <returns>The same recipient instance.</returns>
static Recipient SetReceivingAttributes(Recipient recip, CBORObject control)
{
    if (control.ContainsKey("unsent"))
    {
        AddAttributes(recip, control["unsent"], 2);
    }

    // When "key" is absent, SetKey is still called, with null.
    JWK key = control["key"] != null ? GetKey(control["key"]) : null;
    recip.SetKey(key);

    return recip;
}
/// <summary>
/// Decodes a compact JWS with the key from RFC7515_A3.json and checks the returned payload.
/// </summary>
public void A3()
{
    // Compact JWS = header . payload . signature
    // Header decodes to {"alg":"ES256"}.
    const string protectedHeader = "eyJhbGciOiJFUzI1NiJ9";
    const string payloadSegment = ""
        + "eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt"
        + "cGxlLmNvbS9pc19yb290Ijp0cnVlfQ";
    const string signatureSegment = ""
        + "DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx-F4GawxaepmXFCgfTjDxw5djxLa8ISlSA"
        + "pmWQxfKTUJqPP3-Kg6NU1Q";

    const string compactJws = protectedHeader + "." + payloadSegment + "." + signatureSegment;

    string keyJson = this.GetResource("RFC7515_A3.json");
    JWK jwk = JWK.Parse(keyJson);

    var verifiedPayload = JWT.Decode(compactJws, jwk.Key);

    // The expected text is the token's own payload segment, base64url-decoded.
    string expected = Encoding.UTF8.GetString(Base64Url.Decode(payloadSegment));
    Assert.AreEqual(expected, verifiedPayload);
}
/// <summary>
/// Exports an EC JWK built from placeholder parameters with private members included and checks
/// that all four parameters appear in the JSON and that the text does not end with a comma.
/// </summary>
public void KeyParametersCanBeSerializedExportPrivate()
{
    // Placeholder strings, not real curve data.
    var keyParameters = new Dictionary<KeyParameter, string>
    {
        { ECKeyParameterCRV, "curveName" },
        { ECKeyParameterX, "publicKeyX" },
        { ECKeyParameterY, "publicKeyY" },
        { ECKeyParameterD, "privateKeyD" }
    };

    var jwk = new JWK(KeyType.EllipticCurve, keyParameters);
    var json = jwk.Export(true);

    // Expected JSON fragment paired with the reason reported on failure, checked in this order.
    string[] fragments =
    {
        "\"d\":\"privateKeyD\"",
        "\"y\":\"publicKeyY\"",
        "\"x\":\"publicKeyX\"",
        "\"crv\":\"curveName\""
    };
    string[] reasons =
    {
        "privateKeyD is private and should be exported if requested",
        "publicKeyY should be included by default",
        "publicKeyX should be included by default",
        "curveName should be included by default"
    };
    for (int index = 0; index < fragments.Length; index++)
    {
        json.Should().Contain(fragments[index], reasons[index]);
    }

    bool endsWithComma = json.EndsWith(',');
    endsWithComma.Should().BeFalse("Tailing ',' should be trimmed");
}
/// <summary>
/// Checks a decoded message against its test input: an <c>EncryptMessage</c> is decrypted with
/// <paramref name="key"/> and compared with "plaintext"; a <c>SignMessage</c> is validated with
/// <paramref name="key"/> and compared with "payload". Any other type is ignored.
/// </summary>
/// <remarks>
/// Problems are only written to the console; nothing is returned or thrown, so a caller cannot
/// tell a failed check from a passed one.
/// </remarks>
/// <param name="msg">Decoded message.</param>
/// <param name="key">Key used to decrypt or validate.</param>
/// <param name="input">Test input holding the expected "plaintext" or "payload".</param>
static void CheckMessage(Message msg, JWK key, CBORObject input)
{
    // Exact type comparison: subclasses of the two message types are not handled.
    Type actualType = msg.GetType();

    if (actualType == typeof(EncryptMessage))
    {
        EncryptMessage enc = (EncryptMessage)msg;

        // Only the first recipient is tried.
        Recipient first = enc.RecipientList[0];
        first.SetKey(key);

        try
        {
            enc.Decrypt(first);
        }
        catch (Exception e)
        {
            Console.WriteLine("Failed to decrypt " + e.ToString());
            return;
        }

        if (enc.GetContentAsString() != input["plaintext"].AsString())
        {
            Console.WriteLine("Plain text does not match");
        }

        return;
    }

    if (actualType != typeof(SignMessage))
    {
        return;
    }

    SignMessage sig = (SignMessage)msg;
    try
    {
        // If the message yields no content, supply the expected payload before validating.
        try
        {
            sig.GetContentAsString();
        }
        catch (System.Exception)
        {
            sig.SetContent(input["payload"].AsString());
        }

        // NOTE(review): any value returned by Validate is discarded; if it reports failure by
        // returning false instead of throwing, a bad signature goes unnoticed here — confirm.
        sig.Validate(key);

        if (sig.GetContentAsString() != input["payload"].AsString())
        {
            Console.WriteLine("Plain text does not match");
        }
    }
    catch (Exception e)
    {
        Console.WriteLine("Failed to verify " + e.ToString());
        return;
    }
}
/// <summary>
/// Decrypts a compact JWE with the key from RFC7516_A3.json and checks the recovered plaintext.
/// </summary>
public void A3()
{
    // Compact JWE = header . encrypted key . IV . ciphertext . tag
    // Header decodes to {"alg":"A128KW","enc":"A128CBC-HS256"}.
    const string protectedHeader = "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0";
    const string encryptedKey = "6KB707dM9YTIgHtLvtgWQ8mKwboJW3of9locizkDTHzBC2IlrT1oOQ";
    const string initializationVector = "AxY8DCtDaGlsbGljb3RoZQ";
    const string ciphertext = "KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY";
    const string authenticationTag = "U0m_YmjN04DJvceFICbCVQ";

    const string compactJwe =
        protectedHeader + "." + encryptedKey + "." + initializationVector + "." + ciphertext + "." + authenticationTag;

    string keyJson = this.GetResource("RFC7516_A3.json");
    Assert.NotNull(keyJson);

    var jwk = JWK.Parse(keyJson);
    Assert.NotNull(jwk);

    var plaintext = JWT.Decode(compactJwe, jwk.Key);
    Assert.Equal("Live long and prosper.", plaintext);
}
/// <summary>
/// Builds an EC JWK from only a key type and placeholder parameters, exports it with the private
/// member, and checks "kty" and each parameter in the JSON.
/// </summary>
public void JWKWithMinimalRequiredElementsCanBeCreated()
{
    // Placeholder strings, not real curve data.
    var keyParameters = new Dictionary<KeyParameter, string>
    {
        { ECKeyParameterCRV, "curveName" },
        { ECKeyParameterX, "publicKeyX" },
        { ECKeyParameterY, "publicKeyY" },
        { ECKeyParameterD, "privateKeyD" }
    };

    KeyType ellipticCurve = KeyType.EllipticCurve;
    JWK jwk = new JWK(ellipticCurve, keyParameters);

    string exported = jwk.Export(true);
    var parsedJWK = JObject.Parse(exported);

    parsedJWK.GetValue("kty").ToString().Should().Be(KeyType.EllipticCurve.Type);

    // JSON member name -> the parameter whose value it must carry.
    var jsonNames = new Dictionary<string, KeyParameter>
    {
        { "crv", ECKeyParameterCRV },
        { "x", ECKeyParameterX },
        { "y", ECKeyParameterY },
        { "d", ECKeyParameterD }
    };
    foreach (var entry in jsonNames)
    {
        parsedJWK.GetValue(entry.Key).ToString().Should().Be(keyParameters.GetValueOrDefault(entry.Value));
    }
}
/// <summary>
/// Decodes a compact JWS with the key from RFC7515_A1.json and checks the returned payload.
/// </summary>
public void A1()
{
    // Compact JWS = header . payload . signature
    // Header decodes to {"typ":"JWT", "alg":"HS256"}.
    const string protectedHeader = "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9";
    const string payloadSegment = ""
        + "eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt"
        + "cGxlLmNvbS9pc19yb290Ijp0cnVlfQ";
    const string signatureSegment = "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk";

    const string compactJws = protectedHeader + "." + payloadSegment + "." + signatureSegment;

    string keyJson = this.GetResource("RFC7515_A1.json");
    Assert.IsNotNull(keyJson);

    JWK jwk = JWK.Parse(keyJson);
    Assert.IsNotNull(jwk);

    // NOTE(review): no expected algorithm is passed, so presumably the header's "alg" selects the
    // check. Fine for a fixed vector; production callers should pin the algorithm they accept.
    var verifiedPayload = JWT.Decode(compactJws, jwk.Key);

    // The expected text is the token's own payload segment, base64url-decoded.
    string expected = Encoding.UTF8.GetString(Base64Url.Decode(payloadSegment));
    Assert.AreEqual(expected, verifiedPayload);
}
/// <summary>
/// Decodes a compact JWS with the key from RFC7515_A2.json and checks the returned payload.
/// </summary>
public void A2()
{
    // Compact JWS = header . payload . signature
    // Header decodes to {"alg":"RS256"}.
    const string protectedHeader = "eyJhbGciOiJSUzI1NiJ9";
    const string payloadSegment = ""
        + "eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt"
        + "cGxlLmNvbS9pc19yb290Ijp0cnVlfQ";
    const string signatureSegment = ""
        + "cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7"
        + "AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4"
        + "BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K"
        + "0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqv"
        + "hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB"
        + "p0igcN_IoypGlUPQGe77Rw";

    const string compactJws = protectedHeader + "." + payloadSegment + "." + signatureSegment;

    string keyJson = this.GetResource("RFC7515_A2.json");
    JWK jwk = JWK.Parse(keyJson);

    var verifiedPayload = JWT.Decode(compactJws, jwk.Key);

    // The expected text is the token's own payload segment, base64url-decoded.
    string expected = Encoding.UTF8.GetString(Base64Url.Decode(payloadSegment));
    Assert.AreEqual(expected, verifiedPayload);
}
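/// <summary>
/// Runs one signed-message test case: for every output format present in the control map, the
/// encoded message is decoded and each listed signer is validated with its own key.
/// </summary>
/// <remarks>
/// A "fail marker" on the case or on a signer means failure is the expected outcome: a decode
/// error with the case marker set returns true, and a failed validation is tolerated when
/// either marker is set.
/// NOTE(review): when a marker is set and validation succeeds, the loop simply moves on, so an
/// expected-to-fail vector that verifies is still reported as a pass — confirm this is intended.
/// </remarks>
/// <param name="cnControl">Control map with "input" and "output" entries.</param>
/// <returns>True when every signer behaved as the case expects; false otherwise, including on any unexpected exception.</returns>
static bool ValidateSigned(CBORObject cnControl)
{
    CBORObject cnInput = cnControl["input"];
    CBORObject cnMessage;
    CBORObject cnSigners;
    bool fFailBody = HasFailMarker(cnControl);

    try
    {
        cnMessage = cnInput["sign"];
        cnSigners = cnMessage["signers"];

        foreach (string format in Formats)
        {
            if (!cnControl["output"].ContainsKey(format))
            {
                continue;
            }

            // The compact form is stored as a string; the other forms as JSON objects.
            string rgb;
            if (format == "compact")
            {
                rgb = cnControl["output"][format].AsString();
            }
            else
            {
                rgb = cnControl["output"][format].ToJSONString();
            }

            // Signers in the control map are matched to the message's signers by position.
            int i = 0;
            foreach (CBORObject cnSigner in cnSigners.Values)
            {
                SignMessage signMsg = null;
                try
                {
                    Message msg = Message.DecodeFromString(rgb);
                    signMsg = (SignMessage)msg;
                }
                catch (Exception)
                {
                    if (fFailBody)
                    {
                        return(true);
                    }

                    // Rethrow without resetting the stack trace; the outer catch turns it into false.
                    throw;
                }

                // SetReceivingAttributes(signMsg, cnMessage);
                JWK cnKey = GetKey(cnSigner["key"]);
                Signer hSigner = signMsg.SignerList[i];
                SetReceivingAttributes(hSigner, cnSigner);
                hSigner.SetKey(cnKey);

                bool fFailSigner = HasFailMarker(cnSigner);
                try
                {
                    bool f = signMsg.Validate(hSigner);
                    if (!f && !(fFailBody || fFailSigner))
                    {
                        return(false);
                    }
                }
                catch (Exception)
                {
                    if (!fFailBody && !fFailSigner)
                    {
                        return(false);
                    }
                }

                i++;
            }
        }
    }
    catch (Exception)
    {
        return(false);
    }

    return(true);
}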
/// <summary>
/// Creates an image signature from its three parts.
/// </summary>
/// <param name="header">JWK stored in <c>Header</c>.</param>
/// <param name="signature">Value stored in <c>Signature</c>.</param>
/// <param name="protected">Value stored in <c>Protected</c>.</param>
internal ImageSignature(JWK header, string signature, string @protected)
{
    // Values are stored as given; no validation happens here.
    this.Header = header;
    this.Signature = signature;
    this.Protected = @protected;
}