public void ShouldKeepPublicKeyAfterUpdateAExpiredJwk(string algorithm, KeyType keyType)
{
    // Checks that a key revoked through the store is still returned by the key
    // service with its public parameters, and that it no longer reports private
    // key material.
    var jwsAlgorithm = JwsAlgorithm.Create(algorithm, keyType);
    var jwksOptions = new JwksOptions { KeyPrefix = "ShouldGenerateManyRsa_", Jws = jwsAlgorithm };
    var credentials = _keyService.GenerateSigningCredentials(jwksOptions);

    // NOTE(review): if _keyService.GenerateSigningCredentials already persists the
    // generated key, this second Save stores the same key material twice. Confirm
    // that this is intended.
    var privateKey = new SecurityKeyWithPrivate();
    privateKey.SetJwsParameters(credentials.Key, jwsAlgorithm);
    _jsonWebKeyStore.Save(privateKey);

    // Revoking is expected to strip the private part of the stored key.
    _jsonWebKeyStore.Revoke(privateKey);

    var recentKeys = _keyService.GetLastKeysCredentials(JsonWebKeyType.Jws, 5);
    var jsonWebKey = recentKeys.First(candidate => candidate.Kid == privateKey.KeyId);

    jsonWebKey.Kty.Should().NotBeNullOrEmpty();
    jsonWebKey.HasPrivateKey.Should().BeFalse();

    // Only the public parameters of each key type are checked below.
    // NOTE(review): HasPrivateKey is the only check on private material. The
    // private parameters (for example D) are never asserted to be absent, so a
    // partially stripped key may still pass. Confirm how HasPrivateKey is computed.
    if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.EllipticCurve)
    {
        jsonWebKey.X.Should().NotBeNullOrEmpty();
        jsonWebKey.Y.Should().NotBeNullOrEmpty();
    }
    else if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.RSA)
    {
        jsonWebKey.N.Should().NotBeNullOrEmpty();
        jsonWebKey.E.Should().NotBeNullOrEmpty();
    }
    else if (jsonWebKey.Kty == JsonWebAlgorithmsKeyTypes.Octet)
    {
        // NOTE(review): for "oct" keys the k parameter is the symmetric secret
        // itself (RFC 7518 section 6.4.1); there is no public half. Requiring K to
        // be non-empty after revocation means the secret is still retrievable.
        // Confirm that this is the intended contract for revoked HMAC keys.
        jsonWebKey.K.Should().NotBeNullOrEmpty();
    }
}
/// <summary>
/// Generates a new signing key for the requested JWS algorithm, saves it to the
/// key store and returns signing credentials built from it.
/// </summary>
/// <param name="options">
/// Key generation options; when <c>null</c>, the configured <c>_options.Value</c> is used.
/// Only <c>Jws</c> is read in this method.
/// </param>
/// <returns>Signing credentials built from the generated key and <c>options.Jws</c>.</returns>
public SigningCredentials GenerateSigningCredentials(JwksOptions options = null)
{
    var effectiveOptions = options ?? _options.Value;

    var generatedKey = _jwkService.Generate(effectiveOptions.Jws);

    // The generated key is wrapped and saved before the credentials are returned.
    // NOTE(review): the store presumably receives the private material here. Confirm
    // that the store protects it at rest and that callers never log or serialize
    // the returned credentials.
    var storedKey = new SecurityKeyWithPrivate();
    storedKey.SetJwsParameters(generatedKey, effectiveOptions.Jws);
    _store.Save(storedKey);

    return new SigningCredentials(generatedKey, effectiveOptions.Jws);
}
public void ShouldRemovePrivateAndUpdate(string algorithm, KeyType keyType)
{
    // Runs the save-then-revoke sequence for a freshly generated key.
    // NOTE(review): no assertion is visible in this method, so as shown it only
    // proves that the sequence does not throw. A check that the stored key no
    // longer holds private material after Revoke would make it meaningful.
    var jwsAlgorithm = JwsAlgorithm.Create(algorithm, keyType);
    var jwksOptions = new JwksOptions { KeyPrefix = "ShouldGenerateManyRsa_", Jws = jwsAlgorithm };
    var credentials = _keyService.GenerateSigningCredentials(jwksOptions);

    var privateKey = new SecurityKeyWithPrivate();
    privateKey.SetJwsParameters(credentials.Key, jwsAlgorithm);
    _jsonWebKeyStore.Save(privateKey);

    // The in-memory object is revoked first, then the store is asked to revoke the
    // same key, which is expected to remove the private part.
    privateKey.Revoke();
    _jsonWebKeyStore.Revoke(privateKey);
}