public void JWKWithRSA512SignatureCanBeSerialized()
{
var keyUse = PublicKeyUse.Signature;
var keyOperations = new HashSet <KeyOperation>(new[] { KeyOperation.ComputeDigitalSignature, KeyOperation.VerifyDigitalSignature });
var algorithm = Algorithm.RS512;
var jwk = new JWK(algorithm, keyUse, keyOperations);
string jwkString = jwk.Export(true);
var parsedJWK = JObject.Parse(jwkString);
parsedJWK.TryGetValue("kty", out var _).Should().BeTrue();
parsedJWK.TryGetValue("alg", out var _).Should().BeTrue();
parsedJWK.TryGetValue("use", out var _).Should().BeTrue();
parsedJWK.TryGetValue("kid", out var _).Should().BeTrue();
parsedJWK.TryGetValue("n", out var _).Should().BeTrue();
parsedJWK.TryGetValue("e", out var _).Should().BeTrue();
parsedJWK.TryGetValue("d", out var _).Should().BeTrue();
parsedJWK.TryGetValue("p", out var _).Should().BeTrue();
parsedJWK.TryGetValue("q", out var _).Should().BeTrue();
parsedJWK.TryGetValue("dq", out var _).Should().BeTrue();
parsedJWK.TryGetValue("dp", out var _).Should().BeTrue();
parsedJWK.TryGetValue("qi", out var _).Should().BeTrue();
parsedJWK.GetValue("kty").ToString().Should().Be("RSA");
parsedJWK.GetValue("alg").ToString().Should().Be(Algorithm.RS512.Name);
parsedJWK.GetValue("use").ToString().Should().Be(PublicKeyUse.Signature.KeyUse);
parsedJWK.GetValue("key_ops").Values <string>().Count().Should().Be(2);
parsedJWK.GetValue("key_ops").Values <string>().Should().BeEquivalentTo(new[] { KeyOperation.ComputeDigitalSignature.Operation, KeyOperation.VerifyDigitalSignature.Operation });
}
public void JWKWithECKeyRoundTrip()
{
KeyType keyType = KeyType.EllipticCurve;
PublicKeyUse keyUse = PublicKeyUse.Signature;
var keyOperations = new HashSet <KeyOperation>(new[] { KeyOperation.ComputeDigitalSignature, KeyOperation.VerifyDigitalSignature });
Algorithm algorithm = Algorithm.ES256;
var keyParameters = new Dictionary <KeyParameter, string>
{
{ ECKeyParameterCRV, "curveName" },
{ ECKeyParameterX, "publicKeyX" },
{ ECKeyParameterY, "publicKeyY" },
{ ECKeyParameterD, "privateKeyD" }
};
JWK jwk = new JWK(keyType, keyParameters, keyUse, keyOperations, algorithm, "test");
string jwkString = jwk.Export(true);
var parsedJWK = JObject.Parse(jwkString);
parsedJWK.GetValue("crv").ToString().Should().Be(keyParameters.GetValueOrDefault(ECKeyParameterCRV));
parsedJWK.GetValue("x").ToString().Should().Be(keyParameters.GetValueOrDefault(ECKeyParameterX));
parsedJWK.GetValue("y").ToString().Should().Be(keyParameters.GetValueOrDefault(ECKeyParameterY));
parsedJWK.GetValue("d").ToString().Should().Be(keyParameters.GetValueOrDefault(ECKeyParameterD));
parsedJWK.GetValue("kid").ToString().Should().Be("test");
jwk = new JWK(jwkString);
jwk.KeyType.Should().Be(keyType);
jwk.PublicKeyUse.Should().Be(keyUse);
jwk.KeyOperations.Should().BeEquivalentTo(keyOperations);
jwk.Algorithm.Should().Be(algorithm);
jwk.KeyParameters.Should().BeEquivalentTo(keyParameters);
}
public void JWKWithAESKeyParametersCanBeCreated()
{
KeyType keyType = KeyType.RSA;
PublicKeyUse keyUse = PublicKeyUse.Signature;
var keyOperations = new HashSet <KeyOperation>(new[] { KeyOperation.ComputeDigitalSignature, KeyOperation.VerifyDigitalSignature });
Algorithm algorithm = Algorithm.ES256;
var keyParameters = new Dictionary <KeyParameter, string>
{
{ RSAKeyParameterN, "modulus" },
{ RSAKeyParameterE, "exponent" },
{ RSAKeyParameterD, "privateExponent" },
{ RSAKeyParameterP, "firstPrimeFactor" },
{ RSAKeyParameterQ, "secondPrimeFactor" },
{ RSAKeyParameterDP, "firstFactorCRTExponent" },
{ RSAKeyParameterDQ, "secondFactorCRTExponent" },
{ RSAKeyParameterQI, "firstCRTCoefficient" }
};
JWK jwk = new JWK(keyType, keyParameters, keyUse, keyOperations, algorithm, "test");
string jwkString = jwk.Export(true);
var parsedJWK = JObject.Parse(jwkString);
parsedJWK.GetValue("n").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterN));
parsedJWK.GetValue("e").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterE));
parsedJWK.GetValue("d").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterD));
parsedJWK.GetValue("p").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterP));
parsedJWK.GetValue("q").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterQ));
parsedJWK.GetValue("dp").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterDP));
parsedJWK.GetValue("dq").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterDQ));
parsedJWK.GetValue("qi").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterQI));
parsedJWK.GetValue("kid").ToString().Should().Be("test");
}
public void JWKCheckECPrivateKeyParametersExport()
{
PublicKeyUse keyUse = PublicKeyUse.Signature;
var keyOperations = new HashSet <KeyOperation>(new[] { KeyOperation.ComputeDigitalSignature, KeyOperation.VerifyDigitalSignature });
Algorithm algorithm = Algorithm.ES256;
JWK jwk = new JWK(algorithm, keyUse, keyOperations);
string jwkString = jwk.Export(false);
var parsedJWK = JObject.Parse(jwkString);
parsedJWK.TryGetValue("kty", out var _).Should().BeTrue();
parsedJWK.TryGetValue("alg", out var _).Should().BeTrue();
parsedJWK.TryGetValue("use", out var _).Should().BeTrue();
parsedJWK.TryGetValue("kid", out var _).Should().BeTrue();
parsedJWK.TryGetValue("crv", out var _).Should().BeTrue();
parsedJWK.TryGetValue("x", out var _).Should().BeTrue();
parsedJWK.TryGetValue("y", out var _).Should().BeTrue();
parsedJWK.TryGetValue("d", out var _).Should().BeFalse();
parsedJWK.GetValue("kty").ToString().Should().Be("EC");
parsedJWK.GetValue("alg").ToString().Should().Be(Algorithm.ES256.Name);
parsedJWK.GetValue("use").ToString().Should().Be(PublicKeyUse.Signature.KeyUse);
parsedJWK.GetValue("key_ops").Values <string>().Count().Should().Be(2);
parsedJWK.GetValue("key_ops").Values <string>().Should().BeEquivalentTo(new[] { KeyOperation.ComputeDigitalSignature.Operation, KeyOperation.VerifyDigitalSignature.Operation });
}
public void DuplicateKeyOperationsAreNotSerialized()
{
var keyOps = new List <KeyOperation>()
{
KeyOperation.ComputeDigitalSignature, KeyOperation.ComputeDigitalSignature
}; // Add duplicate key_op
var jwk = new JWK(Algorithm.RS256, PublicKeyUse.Signature, keyOps);
var jwkString = jwk.Export(true);
var parsedJWK = JObject.Parse(jwkString);
parsedJWK.TryGetValue("key_ops", out var token);
token.ToString().Should().Be($"[\n \"{KeyOperation.ComputeDigitalSignature.Operation}\"\n]");
}
public void KeyParametersCanBeSerializedExportPrivate()
{
var keyParameters = new Dictionary <KeyParameter, string>
{
{ ECKeyParameterCRV, "curveName" },
{ ECKeyParameterX, "publicKeyX" },
{ ECKeyParameterY, "publicKeyY" },
{ ECKeyParameterD, "privateKeyD" }
};
var jwk = new JWK(KeyType.EllipticCurve, keyParameters);
var json = jwk.Export(true);
json.Should().Contain("\"d\":\"privateKeyD\"", "privateKeyD is private and should be exported if requested");
json.Should().Contain("\"y\":\"publicKeyY\"", "publicKeyY should be included by default");
json.Should().Contain("\"x\":\"publicKeyX\"", "publicKeyX should be included by default");
json.Should().Contain("\"crv\":\"curveName\"", "curveName should be included by default");
json.EndsWith(',').Should().BeFalse("Tailing ',' should be trimmed");
}
public void JWKWithMinimalRequiredElementsCanBeCreated()
{
KeyType keyType = KeyType.EllipticCurve;
var keyParameters = new Dictionary <KeyParameter, string>
{
{ ECKeyParameterCRV, "curveName" },
{ ECKeyParameterX, "publicKeyX" },
{ ECKeyParameterY, "publicKeyY" },
{ ECKeyParameterD, "privateKeyD" }
};
JWK jwk = new JWK(keyType, keyParameters);
string jwkString = jwk.Export(true);
var parsedJWK = JObject.Parse(jwkString);
parsedJWK.GetValue("kty").ToString().Should().Be(KeyType.EllipticCurve.Type);
parsedJWK.GetValue("crv").ToString().Should().Be(keyParameters.GetValueOrDefault(ECKeyParameterCRV));
parsedJWK.GetValue("x").ToString().Should().Be(keyParameters.GetValueOrDefault(ECKeyParameterX));
parsedJWK.GetValue("y").ToString().Should().Be(keyParameters.GetValueOrDefault(ECKeyParameterY));
parsedJWK.GetValue("d").ToString().Should().Be(keyParameters.GetValueOrDefault(ECKeyParameterD));
}
