public void Decrypt_MultipleRecipients_MismatchEncOrAlgThrows(JweEncryption expectedJweEnc, JweAlgorithm expectedJweAlg, string expectedMessage) { //given byte[] payload = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12 }; var recipients = new Recipient[] { recipientAes256KW1, recipientAes256KW2, recipientRsa1, }; var sharedProtectedHeaders = new Dictionary <string, object> { { "cty", "application/octet-string" }, }; var jwe = JWE.Encrypt( plaintext: payload, recipients: recipients, JweEncryption.A256GCM, mode: SerializationMode.Json, extraHeaders: sharedProtectedHeaders); //when var exception = Record.Exception(() => JWE.Decrypt(jwe, aes256KWKey2, expectedJweAlg, expectedJweEnc)); //then Assert.IsType <InvalidAlgorithmException>(exception); Assert.Equal(expectedMessage, exception.Message); }
/// <summary> /// Encodes given json string to JWT token and applies requested encryption/compression algorithms. /// Json string to encode will be obtained via configured IJsonMapper implementation. /// </summary> /// <param name="payload">json string to encode (not null or whitespace)</param> /// <param name="key">key for encryption, suitable for provided JWS algorithm, can be null.</param> /// <returns>JWT in compact serialization form, encrypted and/or compressed.</returns> public static string Encode(string payload, object key, JweAlgorithm alg, JweEncryption enc, JweCompression?compression = null) { Ensure.IsNotEmpty(payload, "Payload expected to be not empty, whitespace or null."); IKeyManagement keys = KeyAlgorithms[alg]; IJweAlgorithm _enc = EncAlgorithms[enc]; var jwtHeader = new Dictionary <string, object> { { "alg", JweAlgorithms[alg] }, { "enc", JweEncryptionMethods[enc] } }; byte[][] contentKeys = keys.WrapNewKey(_enc.KeySize, key, jwtHeader); byte[] cek = contentKeys[0]; byte[] encryptedCek = contentKeys[1]; byte[] plainText = Encoding.UTF8.GetBytes(payload); if (compression.HasValue) { jwtHeader["zip"] = JweCompressionMethods[compression.Value]; plainText = CompressionAlgorithms[compression.Value].Compress(plainText); } byte[] header = Encoding.UTF8.GetBytes(jsMapper.Serialize(jwtHeader)); byte[] aad = Encoding.UTF8.GetBytes(Compact.Serialize(header)); byte[][] encParts = _enc.Encrypt(aad, plainText, cek); return(Compact.Serialize(header, encryptedCek, encParts[0], encParts[1], encParts[2])); }
/// <summary> /// Encodes given json string to JWT token and applies requested encryption/compression algorithms. /// Json string to encode will be obtained via configured IJsonMapper implementation. /// </summary> /// <param name="payload">json string to encode (not null or whitespace)</param> /// <param name="key">key for encryption, suitable for provided JWS algorithm, can be null.</param> /// <param name="alg">JWT algorithm to be used.</param> /// <param name="enc">encryption algorithm to be used.</param> /// <param name="compression">optional compression type to use.</param> /// <param name="extraHeaders">optional extra headers to pass along with the payload.</param> /// <param name="settings">optional settings to override global DefaultSettings</param> /// <returns>JWT in compact serialization form, encrypted and/or compressed.</returns> public static string Encode(string payload, object key, JweAlgorithm alg, JweEncryption enc, JweCompression?compression = null, IDictionary <string, object> extraHeaders = null, JwtSettings settings = null) { Ensure.IsNotEmpty(payload, "Payload expected to be not empty, whitespace or null."); byte[] plainText = Encoding.UTF8.GetBytes(payload); return(EncodeBytes(plainText, key, alg, enc, compression, extraHeaders, settings)); }
private static byte[] DecryptBytes(byte[][] parts, object key, JweAlgorithm?jweAlg, JweEncryption?jweEnc, JwtSettings settings = null) { byte[] header = parts[0]; byte[] encryptedCek = parts[1]; byte[] iv = parts[2]; byte[] cipherText = parts[3]; byte[] authTag = parts[4]; JwtSettings jwtSettings = GetSettings(settings); IDictionary <string, object> jwtHeader = jwtSettings.JsonMapper.Parse <Dictionary <string, object> >(Encoding.UTF8.GetString(header)); JweAlgorithm headerAlg = jwtSettings.JwaAlgorithmFromHeader((string)jwtHeader["alg"]); JweEncryption headerEnc = jwtSettings.JweAlgorithmFromHeader((string)jwtHeader["enc"]); IKeyManagement keys = jwtSettings.Jwa(headerAlg); IJweAlgorithm enc = jwtSettings.Jwe(headerEnc); if (keys == null) { throw new JoseException(string.Format("Unsupported JWA algorithm requested: {0}", headerAlg)); } if (enc == null) { throw new JoseException(string.Format("Unsupported JWE algorithm requested: {0}", headerEnc)); } if (jweAlg != null && (JweAlgorithm)jweAlg != headerAlg) { throw new InvalidAlgorithmException("The algorithm type passed to the Decrypt method did not match the algorithm type in the header."); } if (jweEnc != null && (JweEncryption)jweEnc != headerEnc) { throw new InvalidAlgorithmException("The encryption type passed to the Decrypt method did not match the encryption type in the header."); } byte[] cek = keys.Unwrap(encryptedCek, key, enc.KeySize, jwtHeader); byte[] aad = Encoding.UTF8.GetBytes(Compact.Serialize(header)); byte[] plainText = enc.Decrypt(aad, cek, iv, cipherText, authTag); if (jwtHeader.ContainsKey("zip")) { var alg = (string)jwtHeader["zip"]; var compression = jwtSettings.Compression(GetJweCompression(alg)); if (compression == null) { throw new JoseException(string.Format("Unsupported compressions algorithm requested: {0}", alg)); } plainText = compression.Decompress(plainText); } return(plainText); }
private static byte[] DecryptBytes(byte[][] parts, object key, JweAlgorithm?jweAlg, JweEncryption?jweEnc, JWTSettings settings = null) { byte[] header = parts[0]; byte[] encryptedCek = parts[1]; byte[] iv = parts[2]; byte[] cipherText = parts[3]; byte[] authTag = parts[4]; IDictionary <string, object> jwtHeader = GetSettings(settings).JsonMapper.Parse <Dictionary <string, object> >(Encoding.UTF8.GetString(header)); JweAlgorithm headerAlg = GetJweAlgorithm((string)jwtHeader["alg"]); JweEncryption headerEnc = GetJweEncryption((string)jwtHeader["enc"]); IKeyManagement keys = GetSettings(settings).KeyAlgorithms[headerAlg]; IJweAlgorithm enc = GetSettings(settings).EncAlgorithms[headerEnc]; if (jweAlg != null && (JweAlgorithm)jweAlg != headerAlg) { throw new InvalidAlgorithmException("The algorithm type passed to the Decrypt method did not match the algorithm type in the header."); } if (jweEnc != null && (JweEncryption)jweEnc != headerEnc) { throw new InvalidAlgorithmException("The encryption type passed to the Decrypt method did not match the encryption type in the header."); } byte[] cek = keys.Unwrap(encryptedCek, key, enc.KeySize, jwtHeader); byte[] aad = Encoding.UTF8.GetBytes(Compact.Serialize(header)); byte[] plainText = enc.Decrypt(aad, cek, iv, cipherText, authTag); if (jwtHeader.ContainsKey("zip")) { plainText = GetSettings(settings).CompressionAlgorithms[GetJweCompression((string)jwtHeader["zip"])].Decompress(plainText); } return(plainText); }
/// <summary> /// Decodes JWT token by performing necessary decompression/decryption and signature verification as defined in JWT token header. /// Resulting bytes of the payload are returned untouched (e.g. no parsing or mapping) /// </summary> /// <param name="token">JWT token in compact serialization form.</param> /// <param name="key">key for decoding suitable for JWT algorithm used.</param> /// <param name="alg">The algorithm type that we expect to receive in the header.</param> /// <param name="enc">The encryption type that we expect to receive in the header.</param> /// <param name="settings">optional settings to override global DefaultSettings</param> /// <returns>Decrypted payload as binary data</returns> /// <exception cref="IntegrityException">if signature validation failed</exception> /// <exception cref="EncryptionException">if JWT token can't be decrypted</exception> /// <exception cref="InvalidAlgorithmException">if JWT signature, encryption or compression algorithm is not supported</exception> public static byte[] DecodeBytes(string token, object key, JweAlgorithm alg, JweEncryption enc, JwtSettings settings = null) { return(DecodeBytes(token, key, null, alg, enc, settings)); }
/// <summary> /// Decodes JWT token by performing necessary decompression/decryption and signature verification as defined in JWT token header. /// Resulting json string will be parsed and mapped to desired type via configured IJsonMapper implementation. /// </summary> /// <typeparam name="T">Deserid object type after json mapping</typeparam> /// <param name="token">JWT token in compact serialization form.</param> /// <param name="key">key for decoding suitable for JWT algorithm used.</param> /// <param name="alg">The algorithm type that we expect to receive in the header.</param> /// <param name="enc">The encryption type that we expect to receive in the header.</param> /// <param name="settings">optional settings to override global DefaultSettings</param> /// <returns>object of provided T, result of decoded json mapping</returns> /// <exception cref="IntegrityException">if signature validation failed</exception> /// <exception cref="EncryptionException">if JWT token can't be decrypted</exception> /// <exception cref="InvalidAlgorithmException">if JWT signature, encryption or compression algorithm is not supported</exception> public static T Decode <T>(string token, object key, JweAlgorithm alg, JweEncryption enc, JwtSettings settings = null) { return(GetSettings(settings).JsonMapper.Parse <T>(Decode(token, key, alg, enc, settings))); }
/// <summary> /// Serialize and encodes object to JWT token and applies requested encryption/compression algorithms. /// </summary> /// <param name="payload">json string to encode</param> /// <param name="key">key for encryption, suitable for provided JWS algorithm, can be null.</param> /// <returns>JWT in compact serialization form, encrypted and/or compressed.</returns> public static string Encode(object payload, object key, JweAlgorithm alg, JweEncryption enc, JweCompression?compression = null) { return(Encode(jsMapper.Serialize(payload), key, alg, enc)); }
protected Dictionary <string, object> JoseDotNetCore(string token, JweEncryption enc, JweAlgorithm alg, byte[] key) { return(Jose.JWT.Decode <Dictionary <string, object> >(token, key: key, enc: enc /*JweEncryption.A128CBC_HS256*/, alg: alg /*JweAlgorithm.A128KW*/)); }
public static byte[] DecodeBytes(string token, object key, JweAlgorithm alg, JweEncryption enc) { JwsAlgorithm?nullable = null; return(JWT.DecodeBytes(token, key, nullable, new JweAlgorithm?(alg), new JweEncryption?(enc))); }
public static string Encode(string payload, object key, JweAlgorithm alg, JweEncryption enc, JweCompression?compression = null, IDictionary <string, object> extraHeaders = null) { Ensure.IsNotEmpty(payload, "Payload expected to be not empty, whitespace or null.", new object[0]); return(JWT.EncodeBytes(Encoding.UTF8.GetBytes(payload), key, alg, enc, compression, extraHeaders)); }
/// <summary> /// Decodes JWT token by performining necessary decompression/decryption and signature verification as defined in JWT token header. /// Resulting json string is returned untouched (e.g. no parsing or mapping) /// </summary> /// <param name="token">JWT token in compact serialization form.</param> /// <param name="key">key for decoding suitable for JWT algorithm used.</param> /// <param name="alg">The algorithm type that we expect to receive in the header.</param> /// <param name="enc">The encryption type that we expect to receive in the header.</param> /// <returns>decoded json string</returns> /// <exception cref="IntegrityException">if signature valdation failed</exception> /// <exception cref="EncryptionException">if JWT token can't be decrypted</exception> /// <exception cref="InvalidAlgorithmException">if JWT signature, encryption or compression algorithm is not supported</exception> public static string Decode(string token, object key, JweAlgorithm alg, JweEncryption enc) { return(Decode(token, key, null, alg, enc)); }
/// <summary> /// Encrypts given binary plaintext using JWE and applies requested encryption/compression algorithms. /// </summary> /// <param name="plaintext">Binary data to encrypt (not null)</param> /// <param name="recipients">The details of who to encrypt the plaintext (or rather the CEK) to.</param> /// <param name="enc">encryption algorithm to be used to encrypt the plaintext.</param> /// <param name="aad">additional authentication data (SerializationMode.Json only)</param> /// <param name="mode">serialization mode to use. Note only one recipient can be specified for compact and flattened json serialization.</param> /// <param name="compression">optional compression type to use.</param> /// <param name="extraProtectedHeaders">optional extra headers to put in the protected header.</param> /// <param name="unprotectedHeaders">optional unprotected headers</param> /// <param name="settings">optional settings to override global DefaultSettings</param> /// <returns>JWT in compact serialization form, encrypted and/or compressed.</returns> public static string EncryptBytes(byte[] plaintext, IEnumerable <JweRecipient> recipients, JweEncryption enc, byte[] aad = null, SerializationMode mode = SerializationMode.Json, JweCompression?compression = null, IDictionary <string, object> extraProtectedHeaders = null, IDictionary <string, object> unprotectedHeaders = null, JwtSettings settings = null) { if (plaintext == null) { throw new ArgumentNullException(nameof(plaintext)); } settings = GetSettings(settings); IJweAlgorithm _enc = settings.Jwe(enc); if (_enc == null) { throw new JoseException(string.Format("Unsupported JWE enc requested: {0}", enc)); } //IDictionary<string, object> joseProtectedHeader = Dictionaries.MergeHeaders( // new Dictionary<string, object> { { "enc", settings.JweHeaderValue(enc) } }, // extraProtectedHeaders); IDictionary <string, object> joseProtectedHeader = Dictionaries.MergeHeaders(); byte[] cek = null; var recipientsOut = new List <JweRecipient>(); foreach (var recipient in recipients) { joseProtectedHeader = Dictionaries.MergeHeaders( new Dictionary <string, object> { { "alg", settings.JwaHeaderValue(recipient.Alg) } }, new Dictionary <string, object> { { "enc", settings.JweHeaderValue(enc) } }, extraProtectedHeaders); IKeyManagement keys = settings.Jwa(recipient.Alg); if (keys == null) { throw new JoseException(string.Format("Unsupported JWE alg requested: {0}", recipient.Alg)); } // joseHeader - is merge of headers // - key management will read from (e.g. enc,apv,apu - ECDH-ES) //// - key management will write to (e.g. iv, tag - AesGcmKW) IDictionary <string, object> joseHeader = Dictionaries.MergeHeaders( joseProtectedHeader, recipient.Header, unprotectedHeaders ); byte[] encryptedCek; if (cek == null) { byte[][] contentKeys = keys.WrapNewKey(_enc.KeySize, recipient.Key, joseHeader); cek = contentKeys[0]; encryptedCek = contentKeys[1]; } else { encryptedCek = keys.WrapKey(cek, recipient.Key, joseHeader); } // For the per-receipient header we want the headers from the result of IKeyManagements key wrapping but without the // shared headers IDictionary <string, object> recipientHeader = joseHeader .Where( kvp => !joseProtectedHeader.ContainsKey(kvp.Key) && (unprotectedHeaders == null || !unprotectedHeaders.ContainsKey(kvp.Key)) ) .ToDictionary(kvp => kvp.Key, kvp => kvp.Value); recipientsOut.Add(new JweRecipient(encryptedCek, recipientHeader)); } if (compression.HasValue) { joseProtectedHeader["zip"] = settings.CompressionHeader(compression.Value); plaintext = settings.Compression(compression.Value).Compress(plaintext); } switch (mode) { case SerializationMode.Compact: { if (recipientsOut.Count != 1) { throw new JoseException("Only one recipient is supported by the JWE Compact Serialization."); } if (aad != null) { throw new JoseException("JWE AAD value is not valid for JWE Compact Serialization."); } joseProtectedHeader = Dictionaries.MergeHeaders(recipientsOut[0].Header, joseProtectedHeader); byte[] header = Encoding.UTF8.GetBytes(settings.JsonMapper.Serialize(joseProtectedHeader)); aad = Encoding.UTF8.GetBytes(Compact.Serialize(header)); byte[][] encParts = _enc.Encrypt(aad, plaintext, cek); return(new JweToken( header, null, recipientsOut, null, encParts[0], encParts[1], encParts[2], mode) .AsString()); } case SerializationMode.Json: { var protectedHeaderBytes = Encoding.UTF8.GetBytes(settings.JsonMapper.Serialize(joseProtectedHeader)); byte[] asciiEncodedProtectedHeader = Encoding.ASCII.GetBytes(Base64Url.Encode(protectedHeaderBytes)); byte[][] encParts = _enc.Encrypt(Aad(protectedHeaderBytes, aad), plaintext, cek); return(new JweToken( protectedHeaderBytes, unprotectedHeaders, recipientsOut, aad, encParts[0], encParts[1], encParts[2], mode) .AsString(settings.JsonMapper)); } default: throw new JoseException($"Unsupported serializtion mode: {mode}."); } }
/// <summary> /// Encrypts given plaintext using JWE and applies requested encryption/compression algorithms. /// </summary> /// <param name="plaintext">Binary data to encrypt (not null)</param> /// <param name="recipients">The details of who to encrypt the plaintext (or rather the CEK) to.</param> /// <param name="enc">encryption algorithm to be used to encrypt the plaintext.</param> /// <param name="mode">serialization mode to use. Note only one recipient can be specified for compact and flattened json serialization.</param> /// <param name="compression">optional compression type to use.</param> /// <param name="extraHeaders">optional extra headers to put in the JoseProtectedHeader.</param> /// <param name="settings">optional settings to override global DefaultSettings</param> /// <returns>JWT in compact serialization form, encrypted and/or compressed.</returns> public static string Encrypt(byte[] plaintext, IEnumerable <Recipient> recipients, JweEncryption enc, byte[] aad = null, SerializationMode mode = SerializationMode.Compact, JweCompression?compression = null, IDictionary <string, object> extraHeaders = null, JwtSettings settings = null) { if (plaintext == null) { throw new ArgumentNullException(nameof(plaintext)); } settings = GetSettings(settings); IJweAlgorithm _enc = settings.Jwe(enc); if (_enc == null) { throw new JoseException(string.Format("Unsupported JWE enc requested: {0}", enc)); } IDictionary <string, object> joseProtectedHeader = Dictionaries.MergeHeaders( new Dictionary <string, object> { { "enc", settings.JweHeaderValue(enc) } }, extraHeaders); byte[] cek = null; var recipientsOut = new List <(byte[] EncryptedKey, IDictionary <string, object> Header)>(); foreach (var recipient in recipients) { IKeyManagement keys = settings.Jwa(recipient.Alg); if (keys == null) { throw new JoseException(string.Format("Unsupported JWE alg requested: {0}", recipient.Alg)); } // joseHeader - is merge of headers // - key management will read from (e.g. enc,apv,apu - ECDH-ES) // - key management will write to (e.g. iv, tag - AesGcmKW) IDictionary <string, object> joseHeader = Dictionaries.MergeHeaders( joseProtectedHeader, new Dictionary <string, object> { { "alg", settings.JwaHeaderValue(recipient.Alg) } }, recipient.PerRecipientHeaders); byte[] encryptedCek; if (cek == null) { byte[][] contentKeys = keys.WrapNewKey(_enc.KeySize, recipient.Key, joseHeader); cek = contentKeys[0]; encryptedCek = contentKeys[1]; } else { encryptedCek = keys.WrapKey(cek, recipient.Key, joseHeader); } // For the per-receipient header we want the headers from the result of IKeyManagements key wrapping.. but without the // protected headers that were merged in IDictionary <string, object> recipientHeader = joseHeader.Except(joseProtectedHeader).ToDictionary(x => x.Key, v => v.Value); recipientsOut.Add((EncryptedKey: encryptedCek, Header: recipientHeader)); } if (compression.HasValue) { joseProtectedHeader["zip"] = settings.CompressionHeader(compression.Value); plaintext = settings.Compression(compression.Value).Compress(plaintext); } switch (mode) { case SerializationMode.Compact: { if (recipientsOut.Count != 1) { throw new JoseException("Only one recipient is supported by the JWE Compact Serialization."); } if (aad != null) { throw new JoseException("JWE AAD value is not valid for JWE Compact Serialization."); } joseProtectedHeader = Dictionaries.MergeHeaders(recipientsOut[0].Header, joseProtectedHeader); byte[] header = Encoding.UTF8.GetBytes(settings.JsonMapper.Serialize(joseProtectedHeader)); aad = Encoding.UTF8.GetBytes(Compact.Serialize(header)); byte[][] encParts = _enc.Encrypt(aad, plaintext, cek); return(Compact.Serialize(header, recipientsOut[0].EncryptedKey, encParts[0], encParts[1], encParts[2])); } case SerializationMode.Json: { var protectedHeaderBytes = Encoding.UTF8.GetBytes(settings.JsonMapper.Serialize(joseProtectedHeader)); byte[] asciiEncodedProtectedHeader = Encoding.ASCII.GetBytes(Base64Url.Encode(protectedHeaderBytes)); var aadToEncrypt = aad == null ? asciiEncodedProtectedHeader : asciiEncodedProtectedHeader.Concat(new byte[] { 0x2E }).Concat(aad).ToArray(); byte[][] encParts = _enc.Encrypt(aadToEncrypt, plaintext, cek); var toSerialize = new Dictionary <string, object> { { "protected", Base64Url.Encode(protectedHeaderBytes) }, { "iv", Base64Url.Encode(encParts[0]) }, { "ciphertext", Base64Url.Encode(encParts[1]) }, { "tag", Base64Url.Encode(encParts[2]) }, }; if (aad != null) { toSerialize["aad"] = Base64Url.Encode(aad); } if (recipientsOut.Count == 1) { toSerialize["header"] = recipientsOut.Select(r => r.Header).First(); toSerialize["encrypted_key"] = recipientsOut.Select(r => Base64Url.Encode(r.EncryptedKey)).First(); } else { toSerialize["recipients"] = recipientsOut.Select(r => new { header = r.Header, encrypted_key = Base64Url.Encode(r.EncryptedKey), }); } return(settings.JsonMapper.Serialize(toSerialize)); } default: throw new JoseException($"Unsupported serializtion mode: {mode}."); } }
/// <summary> /// Encodes given binary data to JWT token and applies requested encryption/compression algorithms. /// </summary> /// <param name="payload">Binary data to encode (not null)</param> /// <param name="key">key for encryption, suitable for provided JWS algorithm, can be null.</param> /// <returns>JWT in compact serialization form, encrypted and/or compressed.</returns> public static string EncodeBytes(byte[] payload, object key, JweAlgorithm alg, JweEncryption enc, JweCompression?compression = null, IDictionary <string, object> extraHeaders = null) { if (payload == null) { throw new ArgumentNullException(nameof(payload)); } IKeyManagement keys = KeyAlgorithms[alg]; IJweAlgorithm _enc = EncAlgorithms[enc]; IDictionary <string, object> jwtHeader = new Dictionary <string, object> { { "alg", JweAlgorithms[alg] }, { "enc", JweEncryptionMethods[enc] } }; Dictionaries.Append(jwtHeader, extraHeaders); byte[][] contentKeys = keys.WrapNewKey(_enc.KeySize, key, jwtHeader); byte[] cek = contentKeys[0]; byte[] encryptedCek = contentKeys[1]; if (compression.HasValue) { jwtHeader["zip"] = JweCompressionMethods[compression.Value]; payload = CompressionAlgorithms[compression.Value].Compress(payload); } byte[] header = Encoding.UTF8.GetBytes(jsMapper.Serialize(jwtHeader)); byte[] aad = Encoding.UTF8.GetBytes(Compact.Serialize(header)); byte[][] encParts = _enc.Encrypt(aad, payload, cek); return(Compact.Serialize(header, encryptedCek, encParts[0], encParts[1], encParts[2])); }
/// <summary> /// Decypts a JWE by performing necessary decompression/decryption and authenticated decryption as defined in RFC7516. /// </summary> /// <param name="jwe">JWE to decrypt.</param> /// <param name="key">key for decoding suitable for JWE algorithm used to encrypt the CEK.</param> /// <param name="expectedJweAlg">The algorithm type that we expect to receive in the header.</param> /// <param name="expectedJweEnc">The encryption type that we expect to receive in the header.</param> /// <param name="settings">optional settings to override global DefaultSettings</param> /// <returns>Decrypted plaintext as binary data</returns> /// <exception cref="IntegrityException">if AEAD operation validation failed</exception> /// <exception cref="EncryptionException">if JWE can't be decrypted</exception> /// <exception cref="InvalidAlgorithmException">if encryption or compression algorithm is not supported</exception> public static (byte[] Plaintext, IDictionary <string, object> JoseHeaders, byte[] Aad) Decrypt(string jwe, object key, JweAlgorithm?expectedJweAlg = null, JweEncryption?expectedJweEnc = null, JwtSettings settings = null) { Ensure.IsNotEmpty(jwe, "Incoming jwe expected to be in a valid serialization form, not empty, whitespace or null."); settings = GetSettings(settings); ParsedJwe parsedJwe = ParsedJwe.Parse(jwe, settings); IDictionary <string, object> protectedHeader = settings.JsonMapper.Parse <Dictionary <string, object> >( Encoding.UTF8.GetString(parsedJwe.ProtectedHeaderBytes)); if (protectedHeader == null && parsedJwe.Encoding == SerializationMode.Compact) { throw new JoseException(string.Format("Protected header was missing but required with compact encoding.")); } IJweAlgorithm enc = null; /* * if (protectedHeader != null) * { * JweEncryption headerEnc = settings.JweAlgorithmFromHeader((string)protectedHeader["enc"]); * enc = settings.Jwe(headerEnc); * * if (enc == null && parsedJwe.Encoding == SerializationMode.Compact) * { * throw new JoseException(string.Format("Unsupported JWE algorithm requested: {0}", headerEnc)); * } * * if (expectedJweEnc != null && expectedJweEnc != headerEnc && parsedJwe.Encoding == SerializationMode.Compact) * { * throw new InvalidAlgorithmException("The encryption type passed to the Decrypt method did not match the encryption type in the header."); * } * } */ var algMatchingRecipients = parsedJwe.Recipients.Select(r => { var joseHeader = Dictionaries.MergeHeaders(protectedHeader, parsedJwe.UnprotectedHeader, r.Header); return(new { JoseHeader = joseHeader, HeaderAlg = settings.JwaAlgorithmFromHeader((string)joseHeader["alg"]), EncryptedCek = r.EncryptedCek, }); }) .Where(r => (expectedJweAlg == null || expectedJweAlg == r.HeaderAlg)); if (!algMatchingRecipients.Any()) { throw new InvalidAlgorithmException("The algorithm type passed to the Decrypt method did not match the algorithm type in the header."); } var exceptions = new List <Exception>(); foreach (var recipient in algMatchingRecipients) { IKeyManagement keys = settings.Jwa(recipient.HeaderAlg); if (keys == null) { throw new JoseException(string.Format("Unsupported JWA algorithm requested: {0}", recipient.HeaderAlg)); } try { JweEncryption headerEnc = settings.JweAlgorithmFromHeader((string)recipient.JoseHeader["enc"]); enc = settings.Jwe(headerEnc); if (enc == null) { throw new JoseException(string.Format("Unsupported JWE algorithm requested: {0}", headerEnc)); } if (expectedJweEnc != null && expectedJweEnc != headerEnc) { throw new InvalidAlgorithmException("The encryption type passed to the Decrypt method did not match the encryption type in the header."); } byte[] cek = keys.Unwrap(recipient.EncryptedCek, key, enc.KeySize, recipient.JoseHeader); byte[] asciiEncodedProtectedHeader = Encoding.ASCII.GetBytes(Base64Url.Encode(parsedJwe.ProtectedHeaderBytes)); byte[] aad = parsedJwe.Aad == null? Encoding.ASCII.GetBytes(Base64Url.Encode(parsedJwe.ProtectedHeaderBytes)) : Encoding.ASCII.GetBytes(string.Concat(Base64Url.Encode(parsedJwe.ProtectedHeaderBytes), ".", Base64Url.Encode(parsedJwe.Aad))); byte[] plaintext = enc.Decrypt(aad, cek, parsedJwe.Iv, parsedJwe.Ciphertext, parsedJwe.AuthTag); if (recipient.JoseHeader.TryGetValue("zip", out var compressionAlg)) { var compression = settings.Compression((string)compressionAlg); plaintext = compression.Decompress(plaintext); } return(Plaintext : plaintext, JoseHeaders : recipient.JoseHeader, Aad : parsedJwe.Aad); } catch (ArgumentException ex) { exceptions.Add(ex); } catch (JoseException ex) { exceptions.Add(ex); } } if (exceptions.Select(e => (e.GetType(), e.Message)).Distinct().Count() == 1) { // throw the first throw exceptions[0]; }
/// <summary> /// Decodes JWT token by performing necessary decompression/decryption and signature verification as defined in JWT token header. /// Resulting bytes of the payload are returned untouched (e.g. no parsing or mapping) /// </summary> /// <param name="token">JWT token in compact serialization form.</param> /// <param name="key">key for decoding suitable for JWT algorithm used.</param> /// <param name="alg">The algorithm type that we expect to receive in the header.</param> /// <param name="enc">The encryption type that we expect to receive in the header.</param> /// <param name="settings">optional settings to override global DefaultSettings</param> /// <returns>Decrypted payload as binary data</returns> /// <exception cref="IntegrityException">if signature validation failed</exception> /// <exception cref="EncryptionException">if JWT token can't be decrypted</exception> /// <exception cref="InvalidAlgorithmException">if JWT signature, encryption or compression algorithm is not supported</exception> public static byte[] DecodeBytes(string token, object key, JweAlgorithm alg, JweEncryption enc, JwtSettings settings = null, bool requireSignature = false) { return(DecodeBytes(token, key, null, alg, enc, settings, null, requireSignature)); }
/// <summary>VerifyResult</summary> /// <param name="testLabel">string</param> /// <param name="jwt">string</param> /// <param name="key">object</param> /// <param name="alg">JweAlgorithm</param> /// <param name="enc">JweEncryption</param> private static void VerifyResult(string testLabel, string jwt, object key, JweAlgorithm alg, JweEncryption enc) { MyDebug.OutputDebugAndConsole(testLabel, "Original:" + jwt); MyDebug.InspectJwt(testLabel, jwt); MyDebug.OutputDebugAndConsole(testLabel, "Decoded:" + JWT.Decode(jwt, key, alg, enc)); }
/// <summary> /// Decypts a JWE by performing necessary decompression/decryption and authenticated decryption as defined in RFC7516. /// </summary> /// <param name="jwe">JWE to decrypt.</param> /// <param name="key">key for decoding suitable for JWE algorithm used to encrypt the CEK.</param> /// <param name="expectedJweAlg">The algorithm type that we expect to receive in the header.</param> /// <param name="expectedJweEnc">The encryption type that we expect to receive in the header.</param> /// <param name="settings">optional settings to override global DefaultSettings</param> /// <returns>Decrypted JweToken object</returns> /// <exception cref="IntegrityException">if AEAD operation validation failed</exception> /// <exception cref="EncryptionException">if JWE can't be decrypted</exception> /// <exception cref="InvalidAlgorithmException">if encryption or compression algorithm is not supported</exception> public static JweToken Decrypt(string jwe, object key, JweAlgorithm?expectedJweAlg = null, JweEncryption?expectedJweEnc = null, JwtSettings settings = null) { Ensure.IsNotEmpty(jwe, "Incoming jwe expected to be in a valid serialization form, not empty, whitespace or null."); settings = GetSettings(settings); JweToken token = Headers(jwe); if (token.ProtectedHeaderBytes == null && token.Encoding == SerializationMode.Compact) { throw new JoseException(string.Format("Protected header was missing but required with compact encoding.")); } var exceptions = new List <Exception>(); foreach (var recipient in token.Recipients) { var headerAlg = settings.JwaAlgorithmFromHeader((string)recipient.JoseHeader["alg"]); var encryptedCek = recipient.EncryptedCek; // skip recipient if asked to do strict validation if (expectedJweAlg != null && expectedJweAlg != headerAlg) { continue; } IKeyManagement keys = settings.Jwa(headerAlg); if (keys == null) { throw new JoseException(string.Format("Unsupported JWA algorithm requested: {0}", headerAlg)); } try { JweEncryption headerEnc = settings.JweAlgorithmFromHeader((string)recipient.JoseHeader["enc"]); IJweAlgorithm enc = settings.Jwe(headerEnc); if (enc == null) { throw new JoseException(string.Format("Unsupported JWE algorithm requested: {0}", headerEnc)); } if (expectedJweEnc != null && expectedJweEnc != headerEnc) { throw new InvalidAlgorithmException("The encryption type passed to the Decrypt method did not match the encryption type in the header."); } byte[] cek = keys.Unwrap(recipient.EncryptedCek, key, enc.KeySize, recipient.JoseHeader); byte[] plaintext = enc.Decrypt(Aad(token.ProtectedHeaderBytes, token.Aad), cek, token.Iv, token.Ciphertext, token.AuthTag); if (recipient.JoseHeader.TryGetValue("zip", out var compressionAlg)) { var compression = settings.Compression((string)compressionAlg); plaintext = compression.Decompress(plaintext); } token.PlaintextBytes = plaintext; token.Recipient = recipient; return(token); } catch (ArgumentException ex) { exceptions.Add(ex); } catch (JoseException ex) { exceptions.Add(ex); } } // nobody was eligable for decryption if (exceptions.Count == 0) { throw new InvalidAlgorithmException("The algorithm type passed to the Decrypt method did not match the algorithm type in the header."); } // decryption failed if (exceptions.Select(e => new KeyValuePair <Type, String>(e.GetType(), e.Message)).Distinct().Count() == 1) { // throw the first throw exceptions[0]; } else { throw new JoseException($"No recipients able to decrypt.", new AggregateException(exceptions)); } }
/// <summary> /// Encodes given json string to JWT token and applies requested encryption/compression algorithms. /// Json string to encode will be obtained via configured IJsonMapper implementation. /// </summary> /// <param name="payload">json string to encode (not null or whitespace)</param> /// <param name="key">key for encryption, suitable for provided JWS algorithm, can be null.</param> /// <param name="alg">JWT algorithm to be used.</param> /// <param name="enc">encryption algorithm to be used.</param> /// <param name="compression">optional compression type to use.</param> /// <param name="extraHeaders">optional extra headers to pass along with the payload.</param> /// <param name="settings">optional settings to override global DefaultSettings</param> /// <returns>JWT in compact serialization form, encrypted and/or compressed.</returns> public static string Encode(string payload, object key, JweAlgorithm alg, JweEncryption enc, JweCompression?compression = null, IDictionary <string, object> extraHeaders = null, JwtSettings settings = null) { byte[] plainText = Encoding.UTF8.GetBytes(payload); return(EncodeBytes(plainText, key, alg, enc, compression, extraHeaders, settings)); }
/// <summary> /// Encrypts given plaintext using JWE and applies requested encryption/compression algorithms. /// </summary> /// <param name="plaintext">Binary data to encrypt (not null)</param> /// <param name="recipients">The details of who to encrypt the plaintext (or rather the CEK) to.</param> /// <param name="enc">encryption algorithm to be used to encrypt the plaintext.</param> /// <param name="aad">additional authentication data (SerializationMode.Json only)</param> /// <param name="mode">serialization mode to use. Note only one recipient can be specified for compact and flattened json serialization.</param> /// <param name="compression">optional compression type to use.</param> /// <param name="extraProtectedHeaders">optional extra headers to put in the protected header.</param> /// <param name="unprotectedHeaders">optional unprotected headers</param> /// <param name="settings">optional settings to override global DefaultSettings</param> /// <returns>JWT in compact serialization form, encrypted and/or compressed.</returns> public static string Encrypt(string plaintext, IEnumerable <JweRecipient> recipients, JweEncryption enc, byte[] aad = null, SerializationMode mode = SerializationMode.Json, JweCompression?compression = null, IDictionary <string, object> extraProtectedHeaders = null, IDictionary <string, object> unprotectedHeaders = null, JwtSettings settings = null) { return(EncryptBytes(Encoding.UTF8.GetBytes(plaintext), recipients, enc, aad, mode, compression, extraProtectedHeaders, unprotectedHeaders, settings)); }
/// <summary> /// Encodes given binary data to JWT token and applies requested encryption/compression algorithms. /// </summary> /// <param name="payload">Binary data to encode (not null)</param> /// <param name="key">key for encryption, suitable for provided JWS algorithm, can be null.</param> /// <param name="alg">JWT algorithm to be used.</param> /// <param name="enc">encryption algorithm to be used.</param> /// <param name="compression">optional compression type to use.</param> /// <param name="extraHeaders">optional extra headers to pass along with the payload.</param> /// <param name="settings">optional settings to override global DefaultSettings</param> /// <returns>JWT in compact serialization form, encrypted and/or compressed.</returns> public static string EncodeBytes(byte[] payload, object key, JweAlgorithm alg, JweEncryption enc, JweCompression?compression = null, IDictionary <string, object> extraHeaders = null, JwtSettings settings = null) { return(JWE.EncryptBytes(payload, new JweRecipient[] { new JweRecipient(alg, key) }, enc, aad: null, SerializationMode.Compact, compression, extraHeaders, null, settings)); }
public static T Decode <T>(string token, object key, JweAlgorithm alg, JweEncryption enc) { return(JWT.jsMapper.Parse <T>(JWT.Decode(token, key, alg, enc))); }
/// <summary> /// Encrypt a RestSharp request payload. /// </summary> /// <param name="request">A RestSharp request object</param> /// <param name="payload">The payload to be encrypted</param> /// <returns>The encrypted payload</returns> internal override string EncryptPayload(IRestRequest request, string payload) { return(JweEncryption.EncryptPayload(payload, _config)); }
public static string Encode(object payload, object key, JweAlgorithm alg, JweEncryption enc, JweCompression?compression = null, IDictionary <string, object> extraHeaders = null) { return(JWT.Encode(JsonConvert.SerializeObject(payload), key, alg, enc, compression, extraHeaders)); }
/// <summary> /// Decrypt a RestSharp response payload /// </summary> /// <param name="response">A RestSharp response object</param> /// <param name="encryptedPayload">The encrypted payload to be decrypted</param> /// <returns>The decrypted payload</returns> internal override string DecryptPayload(IRestResponse response, string encryptedPayload) { return(JweEncryption.DecryptPayload(encryptedPayload, _config)); }
public static string EncodeBytes(byte[] payload, object key, JweAlgorithm alg, JweEncryption enc, JweCompression?compression = null, IDictionary <string, object> extraHeaders = null) { if (payload == null) { throw new ArgumentNullException("payload"); } IKeyManagement item = JWT.KeyAlgorithms[alg]; IJweAlgorithm jweAlgorithm = JWT.EncAlgorithms[enc]; IDictionary <string, object> strs = new Dictionary <string, object>() { { "alg", JWT.JweAlgorithms[alg] }, { "enc", JWT.JweEncryptionMethods[enc] } }; Dictionaries.Append <string, object>(strs, extraHeaders); byte[][] numArray = item.WrapNewKey(jweAlgorithm.KeySize, key, strs); byte[] numArray1 = numArray[0]; byte[] numArray2 = numArray[1]; if (compression.HasValue) { strs["zip"] = JWT.JweCompressionMethods[compression.Value]; payload = JWT.CompressionAlgorithms[compression.Value].Compress(payload); } byte[] bytes = Encoding.UTF8.GetBytes(JWT.jsMapper.Serialize(strs)); byte[] bytes1 = Encoding.UTF8.GetBytes(Compact.Serialize(new byte[][] { bytes })); byte[][] numArray3 = jweAlgorithm.Encrypt(bytes1, payload, numArray1); return(Compact.Serialize(new byte[][] { bytes, numArray2, numArray3[0], numArray3[1], numArray3[2] })); }
/// <summary> /// Encodes given binary data to JWT token and applies requested encryption/compression algorithms. /// </summary> /// <param name="payload">Binary data to encode (not null)</param> /// <param name="key">key for encryption, suitable for provided JWS algorithm, can be null.</param> /// <param name="alg">JWT algorithm to be used.</param> /// <param name="enc">encryption algorithm to be used.</param> /// <param name="compression">optional compression type to use.</param> /// <param name="extraHeaders">optional extra headers to pass along with the payload.</param> /// <param name="settings">optional settings to override global DefaultSettings</param> /// <returns>JWT in compact serialization form, encrypted and/or compressed.</returns> public static string EncodeBytes(byte[] payload, object key, JweAlgorithm alg, JweEncryption enc, JweCompression?compression = null, IDictionary <string, object> extraHeaders = null, JwtSettings settings = null) { if (payload == null) { throw new ArgumentNullException(nameof(payload)); } JwtSettings jwtSettings = GetSettings(settings); IKeyManagement keys = jwtSettings.Jwa(alg); IJweAlgorithm _enc = jwtSettings.Jwe(enc); if (keys == null) { throw new JoseException(string.Format("Unsupported JWA algorithm requested: {0}", alg)); } if (_enc == null) { throw new JoseException(string.Format("Unsupported JWE algorithm requested: {0}", enc)); } IDictionary <string, object> jwtHeader = new Dictionary <string, object> { { "alg", jwtSettings.JwaHeaderValue(alg) }, { "enc", jwtSettings.JweHeaderValue(enc) } }; Dictionaries.Append(jwtHeader, extraHeaders); byte[][] contentKeys = keys.WrapNewKey(_enc.KeySize, key, jwtHeader); byte[] cek = contentKeys[0]; byte[] encryptedCek = contentKeys[1]; if (compression.HasValue) { jwtHeader["zip"] = jwtSettings.CompressionHeader(compression.Value); payload = jwtSettings.Compression(compression.Value).Compress(payload); } byte[] header = Encoding.UTF8.GetBytes(jwtSettings.JsonMapper.Serialize(jwtHeader)); byte[] aad = Encoding.UTF8.GetBytes(Compact.Serialize(header)); byte[][] encParts = _enc.Encrypt(aad, payload, cek); return(Compact.Serialize(header, encryptedCek, encParts[0], encParts[1], encParts[2])); }
/// <summary> /// Serialize and encodes object to JWT token and applies requested encryption/compression algorithms. /// </summary> /// <param name="payload">json string to encode</param> /// <param name="key">key for encryption, suitable for provided JWS algorithm, can be null.</param> /// <param name="alg">JWT algorithm to be used.</param> /// <param name="enc">encryption algorithm to be used.</param> /// <param name="compression">optional compression type to use.</param> /// <param name="extraHeaders">optional extra headers to pass along with the payload.</param> /// <param name="settings">optional settings to override global DefaultSettings</param> /// <returns>JWT in compact serialization form, encrypted and/or compressed.</returns> public static string Encode(object payload, object key, JweAlgorithm alg, JweEncryption enc, JweCompression?compression = null, IDictionary <string, object> extraHeaders = null, JwtSettings settings = null) { return(Encode(GetSettings(settings).JsonMapper.Serialize(payload), key, alg, enc, compression, extraHeaders, settings)); }
/// <summary> /// Decodes JWT token by performing necessary decompression/decryption and signature verification as defined in JWT token header. /// Resulting json string is returned untouched (e.g. no parsing or mapping) /// </summary> /// <param name="token">JWT token in compact serialization form.</param> /// <param name="key">key for decoding suitable for JWT algorithm used.</param> /// <param name="alg">The algorithm type that we expect to receive in the header.</param> /// <param name="enc">The encryption type that we expect to receive in the header.</param> /// <param name="cek">The content encryption key derived during the decryption</param> /// <param name="settings">optional settings to override global DefaultSettings</param> /// <returns>decoded json string</returns> /// <exception cref="IntegrityException">if signature validation failed</exception> /// <exception cref="EncryptionException">if JWT token can't be decrypted</exception> /// <exception cref="InvalidAlgorithmException">if JWT signature, encryption or compression algorithm is not supported</exception> public static string Decode(string token, object key, JweAlgorithm alg, JweEncryption enc, out byte[] cek, JwtSettings settings = null) { return(Decode(token, out cek, key, null, alg, enc, settings)); }