예제 #1
0
        /// <summary>ES256のJWS生成メソッド</summary>
        /// <param name="payloadJson">ペイロード部のJson文字列</param>
        /// <returns>JWSの文字列表現</returns>
        public override string Create(string payloadJson)
        {
            // ヘッダー
            string headerJson = JsonConvert.SerializeObject(
                this.JWSHeader,
                new JsonSerializerSettings()
            {
                Formatting        = Formatting.None,
                NullValueHandling = NullValueHandling.Ignore
            });

            byte[] headerBytes   = CustomEncode.StringToByte(headerJson, CustomEncode.UTF_8);
            string headerEncoded = CustomEncode.ToBase64UrlString(headerBytes);

            // ペイロード
            byte[] payloadBytes   = CustomEncode.StringToByte(payloadJson, CustomEncode.UTF_8);
            string payloadEncoded = CustomEncode.ToBase64UrlString(payloadBytes);

            // 署名
            byte[] temp        = CustomEncode.StringToByte(headerEncoded + "." + payloadEncoded, CustomEncode.UTF_8);
            string signEncoded = CustomEncode.ToBase64UrlString(this.Create2(temp)); // 派生を呼ぶ

            // return JWS by ES256
            return(headerEncoded + "." + payloadEncoded + "." + signEncoded);
        }
 /// <summary>
 /// code_challenge_method=S256
 /// BASE64URL-ENCODE(SHA256(ASCII(code_verifier)))</summary>
 /// <param name="code_verifier">string</param>
 /// <returns>code_challenge</returns>
 public static string PKCE_S256_CodeChallengeMethod(string code_verifier)
 {
     return(CustomEncode.ToBase64UrlString(
                GetHash.GetHashBytes(
                    CustomEncode.StringToByte(code_verifier, CustomEncode.us_ascii),
                    EnumHashAlgorithm.SHA256_M)));
 }
        /// <summary>CreateJwkFromDictionary</summary>
        /// <param name="dic">Dictionary</param>
        /// <param name="settings">JsonSerializerSettings</param>
        /// <returns>JwkString</returns>
        internal static string CreateJwkFromDictionary(
            Dictionary <string, string> dic,
            JsonSerializerSettings settings = null)
        {
            // JSON Web Key (JWK) Thumbprint
            // https://openid-foundation-japan.github.io/rfc7638.ja.html
            // kid : https://openid-foundation-japan.github.io/rfc7638.ja.html#Example
            //       https://openid-foundation-japan.github.io/rfc7638.ja.html#MembersUsed
            //       kidには、JWK の JWK Thumbprint 値などが用いられるらしい。
            //       ★ EC 公開鍵の必須メンバを辞書順に並べると、crv, kty, x, y となる。
            dic[JwtConst.kid] = CustomEncode.ToBase64UrlString(
                GetHash.GetHashBytes(
                    CustomEncode.StringToByte(
                        JsonConvert.SerializeObject(new
            {
                crv = dic[JwtConst.crv],
                kty = dic[JwtConst.kty],
                x   = dic[JwtConst.x],
                y   = dic[JwtConst.y]
            }),
                        CustomEncode.UTF_8),
                    EnumHashAlgorithm.SHA256_M));

            //dic["ext"] = "false"; // 定義をRFC上に発見できない。

            if (settings == null)
            {
                return(JsonConvert.SerializeObject(dic));
            }
            else
            {
                return(JsonConvert.SerializeObject(dic, settings));
            }
        }
예제 #4
0
        /// <summary>HSXXXのJWS生成メソッド</summary>
        /// <param name="payloadJson">ペイロード部のJson文字列</param>
        /// <returns>JWSの文字列表現</returns>
        public override string Create(string payloadJson)
        {
            // ヘッダー
            JWS_Header headerObject = new JWS_Header {
                alg = this.JwtConstHSnnn
            };

            string headerJson = JsonConvert.SerializeObject(
                headerObject,
                new JsonSerializerSettings()
            {
                Formatting        = Formatting.None,
                NullValueHandling = NullValueHandling.Ignore
            });

            byte[] headerBytes   = CustomEncode.StringToByte(headerJson, CustomEncode.UTF_8);
            string headerEncoded = CustomEncode.ToBase64UrlString(headerBytes);

            // ペイロード
            byte[] payloadBytes   = CustomEncode.StringToByte(payloadJson, CustomEncode.UTF_8);
            string payloadEncoded = CustomEncode.ToBase64UrlString(payloadBytes);

            // 署名
            byte[] data        = CustomEncode.StringToByte(headerEncoded + "." + payloadEncoded, CustomEncode.UTF_8);
            HMAC   sa          = this.CreateHMACSHA(this.Key);
            string signEncoded = CustomEncode.ToBase64UrlString(sa.ComputeHash(data));

            return(headerEncoded + "." + payloadEncoded + "." + signEncoded);
        }
예제 #5
0
 /// <summary>
 /// SHA256でat_hash, c_hashを作成。
 /// (現時点でRS256固定になっているので)
 /// </summary>
 /// <returns>hash</returns>
 public static string CreateHash(string input)
 {
     // ID Token の JOSE Header にある alg Header Parameterのアルゴリズムで使用されるハッシュアルゴリズムを用い、
     // input(access_token や code) のASCII オクテット列からハッシュ値を求め、左半分を base64url エンコードした値。
     return(CustomEncode.ToBase64UrlString(
                PubCmnFunction.ShortenByteArray(
                    GetHash.GetHashBytes(
                        CustomEncode.StringToByte(input, CustomEncode.us_ascii),
                        EnumHashAlgorithm.SHA256Managed), (256 / 2))));
 }
예제 #6
0
        /// <summary>Constructor</summary>
        /// <param name="key">byte[]</param>
        public JWT_HS256(byte[] key)
        {
            this.Key = key;

            // mkjwk - JSON Web Key Generator
            // https://mkjwk.org
            // JWK - マイクロソフト系技術情報 Wiki > 詳細 > パラメタ(JWA) > Parameters for Symmetric Keys
            // https://techinfoofmicrosofttech.osscons.jp/index.php?JWK#r5be7fb8

            this.JWK = "{ 'kty': 'oct', 'use': 'sig', 'alg': 'HS256', 'k': 'password' }";
            this.JWK = this.JWK.Replace("password", CustomEncode.ToBase64UrlString(key));
        }
예제 #7
0
        /// <summary>
        /// at_hash, c_hash, s_hashを作成
        /// (SHA256→HS256,RS256,ES256対応可能)
        /// </summary>
        /// <param name="input">string</param>
        /// <returns>hash</returns>
        public static string CreateHash(string input)
        {
            // ID Token の JOSE Header にある
            // alg Header Parameterのアルゴリズムで使用されるハッシュアルゴリズムを用い、
            // input(access_token や code) のASCII オクテット列からハッシュ値を求め、
            byte[] bytes = GetHash.GetHashBytes(
                CustomEncode.StringToByte(input, CustomEncode.us_ascii),
                EnumHashAlgorithm.SHA256_M);

            // 左半分を base64url エンコードした値。
            return(CustomEncode.ToBase64UrlString(
                       ArrayOperator.ShortenByteArray(bytes, (bytes.Length / 2))));
        }
예제 #8
0
        /// <summary>JWT検証</summary>
        private void btnJWTVerify_Click(object sender, EventArgs e)
        {
            bool ret = false;

            if (rbnJWTHS256.Checked)
            {
                // HS256

                // 入力
                string[] temp = this.txtJWTSign.Text.Split('.');

                // 改変可能なフィールドから入力
                string newJWT =
                    CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTHeader.Text, CustomEncode.UTF_8))
                    + "." + CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTPayload.Text, CustomEncode.UTF_8))
                    + "." + temp[2];

                // 検証
                JWT_HS256 jwtHS256 = new JWT_HS256(CustomEncode.StringToByte(this.txtJWTKey.Text, CustomEncode.UTF_8));
                ret = jwtHS256.Verify(newJWT);
            }
            else
            {
                // RS256 (X509Cer)

                // 入力
                string[] temp = this.txtJWTSign.Text.Split('.');

                // 改変可能なフィールドから入力
                string newJWT =
                    CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTHeader.Text, CustomEncode.UTF_8))
                    + "." + CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTPayload.Text, CustomEncode.UTF_8))
                    + "." + temp[2];

                // 検証
                JWT_RS256 jwtRS256 = new JWT_RS256(this.CertificateFilePath_cer, "");
                ret = jwtRS256.Verify(newJWT);
            }

            if (ret)
            {
                MessageBox.Show("検証成功");
            }
            else
            {
                MessageBox.Show("検証失敗");
            }
        }
예제 #9
0
        /// <summary>ParamToJwk</summary>
        /// <param name="ecParams">ECParameters</param>
        /// <param name="settings">JsonSerializerSettings</param>
        /// <returns>Jwk公開鍵</returns>
        public string ParamToJwk(ECParameters ecParams, JsonSerializerSettings settings)
        {
            Dictionary <string, string> dic = new Dictionary <string, string>();

            dic[JwtConst.kty] = JwtConst.EC; // 必須
            dic[JwtConst.alg] = this.JwtConstESnnn;

            // 楕円曲線
            dic[JwtConst.crv] = this.GetCrvStringFromECCurve(ecParams.Curve);

            // Public
            dic[JwtConst.x] = CustomEncode.ToBase64UrlString(ecParams.Q.X);
            dic[JwtConst.y] = CustomEncode.ToBase64UrlString(ecParams.Q.Y);

            // Private
            dic[JwtConst.d] = CustomEncode.ToBase64UrlString(ecParams.D);

            return(this.CreateJwkFromDictionary(dic, settings));
        }
        // <参考>
        // JSON Web Key (JWK)
        // https://openid-foundation-japan.github.io/rfc7517.ja.html
        //   を、"kty":"RSA"で検索するとイイ。
        //
        // A.1.  Example Public Keys
        // https://openid-foundation-japan.github.io/rfc7517.ja.html#PublicExample
        // A.2.  Example Private Keys
        // https://openid-foundation-japan.github.io/rfc7517.ja.html#PrivateExample
        // C.1.  Plaintext RSA Private Key
        // https://openid-foundation-japan.github.io/rfc7517.ja.html#example-privkey-plaintext

        // ECCurve support of EccKey.
        // https://github.com/dvsekhvalnov/jose-jwt/issues/105
        // RSAParameters ⇔ Jwk
        // https://github.com/psteniusubi/jose-jwt/blob/master/jose-jwt/jwk/JwkRsa.cs
        // <Param to jwk>                             // <Jwk to param>
        //header.Set("kty", "RSA");                   //RSAParameters parameters = new RSAParameters();
        //header.Set("n", parameters.Modulus);        //parameters.Modulus = header.GetBytes("n");
        //header.Set("e", parameters.Exponent);       //parameters.Exponent = header.GetBytes("e");
        //
        // ココから下は秘密鍵の領域                   // ココから下は秘密鍵の領域
        //if (includePrivateParameters)               //if (header.ContainsKey("d"))
        //{                                           //{
        //    header.Set("d", parameters.D);          //    parameters.D = header.GetBytes("d");
        //    header.Set("p", parameters.P);          //    parameters.P = header.GetBytes("p");
        //    header.Set("q", parameters.Q);          //    parameters.Q = header.GetBytes("q");
        //    header.Set("dp", parameters.DP);        //    parameters.DP = header.GetBytes("dp");
        //    header.Set("dq", parameters.DQ);        //    parameters.DQ = header.GetBytes("dq");
        //    header.Set("qi", parameters.InverseQ);  //    parameters.InverseQ = header.GetBytes("qi");
        //}                                           //}
        //                                            // ↓↓↓
        //                                            //RSA rsa = RSA.Create();
        //                                            //rsa.ImportParameters(parameters);
        //                                            //return rsa;

        #region ParamToJwk
        /// <summary>ParamToJwk</summary>
        /// <param name="param">RSAParameters</param>
        /// <param name="settings">JsonSerializerSettings</param>
        /// <returns>Jwk公開鍵</returns>
        public string ParamToJwk(
            RSAParameters param,
            JsonSerializerSettings settings = null)
        {
            Dictionary <string, string> dic = new Dictionary <string, string>();

            dic[JwtConst.kty] = JwtConst.RSA; // 必須
            dic[JwtConst.alg] = this.JwtConstRSnnn;

            // Public
            dic[JwtConst.n] = CustomEncode.ToBase64UrlString(param.Modulus);
            dic[JwtConst.e] = CustomEncode.ToBase64UrlString(param.Exponent); //"AQAB";

            // JSON Web Key (JWK) Thumbprint
            // https://openid-foundation-japan.github.io/rfc7638.ja.html
            // kid : https://openid-foundation-japan.github.io/rfc7638.ja.html#Example
            //       https://openid-foundation-japan.github.io/rfc7638.ja.html#MembersUsed
            //       kidには、JWK の JWK Thumbprint 値などが用いられるらしい。
            //       ★ RSA 公開鍵の必須メンバを辞書順に並べると、e, kty, n となる。

            dic[JwtConst.kid] = CustomEncode.ToBase64UrlString(
                GetHash.GetHashBytes(
                    CustomEncode.StringToByte(
                        JsonConvert.SerializeObject(new
            {
                e   = dic[JwtConst.e],
                kty = dic[JwtConst.kty],
                n   = dic[JwtConst.n]
            }),
                        CustomEncode.UTF_8),
                    this.HashAlgorithm));

            //dic["ext"] = "false"; // 定義をRFC上に発見できない。

            if (settings == null)
            {
                return(JsonConvert.SerializeObject(dic));
            }
            else
            {
                return(JsonConvert.SerializeObject(dic, settings));
            }
        }
예제 #11
0
        /// <summary>JWE生成メソッド</summary>
        /// <param name="payloadJson">ペイロード部のJson文字列</param>
        /// <returns>JWEの文字列表現</returns>
        public string Create(string payloadJson)
        {
            // ヘッダー
            string headerJson = JsonConvert.SerializeObject(
                this.JWEHeader,
                new JsonSerializerSettings()
            {
                Formatting        = Formatting.None,
                NullValueHandling = NullValueHandling.Ignore
            });

            byte[] headerBytes   = CustomEncode.StringToByte(headerJson, CustomEncode.UTF_8);
            string headerEncoded = CustomEncode.ToBase64UrlString(headerBytes);

            // コンテンツ暗号化キー(CEK)
            byte[] cekBytes            = GetPassword.RandomByte(this.CekByteLength);
            byte[] encryptedCekBytes   = this.CreateKey(cekBytes); // 派生を呼ぶ
            string encryptedCekEncoded = CustomEncode.ToBase64UrlString(encryptedCekBytes);

            // 初期化ベクトル
            byte[] ivBytes   = GetPassword.RandomByte(this.IvByteLength);
            string ivEncoded = CustomEncode.ToBase64UrlString(ivBytes);

            // 追加認証データ(AAD)
            byte[] aadBytes = CustomEncode.StringToByte(headerEncoded, CustomEncode.us_ascii);

            // ペイロード(認証付き暗号(AEAD)による暗号化)
            byte[]     payloadBytes = CustomEncode.StringToByte(payloadJson, CustomEncode.UTF_8);
            AeadResult result       = this.CreateBody(cekBytes, ivBytes, aadBytes, payloadBytes); // 派生を呼ぶ

            byte[] encryptedPayloadBytes   = result.Ciphert;
            string encryptedPayloadEncoded = CustomEncode.ToBase64UrlString(encryptedPayloadBytes);

            // 認証タグ(MAC)
            byte[] macBytes   = result.Tag;
            string macEncoded = CustomEncode.ToBase64UrlString(macBytes);

            // return JWE
            return(headerEncoded + "." +
                   encryptedCekEncoded + "." + ivEncoded + "." +
                   encryptedPayloadEncoded + "." + macEncoded);
        }
        /// <summary>ParamToJwk</summary>
        /// <param name="ecParams">ECParameters</param>
        /// <param name="settings">JsonSerializerSettings</param>
        /// <returns>Jwk公開鍵</returns>
        public static string ParamToJwk(
            ECParameters ecParams,
            JsonSerializerSettings settings = null)
        {
            Dictionary <string, string> dic = new Dictionary <string, string>();

            dic[JwtConst.kty] = JwtConst.EC; // 必須
            dic[JwtConst.alg] = JwtConst.ES256;

            // 楕円曲線
            dic[JwtConst.crv] = EccPublicKeyConverter.GetCrvStringFromECCurve(ecParams.Curve);
            // 公開鍵の部分
            dic[JwtConst.x] = CustomEncode.ToBase64UrlString(ecParams.Q.X);
            dic[JwtConst.y] = CustomEncode.ToBase64UrlString(ecParams.Q.Y);
            //if (ecParams.D != null) // 秘密鍵の部分は処理しない
            //{
            //    dic[JwtConst.d] = CustomEncode.ToBase64UrlString(ecParams.D);
            //}

            return(EccPublicKeyConverter.CreateJwkFromDictionary(dic, settings));
        }
예제 #13
0
        /// <summary>RS256のJWT生成メソッド</summary>
        /// <param name="payloadJson">ペイロード部のJson文字列</param>
        /// <returns>JWTの文字列表現</returns>
        public override string Create(string payloadJson)
        {
            // ヘッダー
            var headerObject = new Header {
                alg = "RS256"
            };
            string headerJson = JsonConvert.SerializeObject(headerObject, Formatting.None);

            byte[] headerBytes   = CustomEncode.StringToByte(headerJson, CustomEncode.UTF_8);
            string headerEncoded = CustomEncode.ToBase64UrlString(headerBytes);

            // ペイロード
            var payloadBytes   = CustomEncode.StringToByte(payloadJson, CustomEncode.UTF_8);
            var payloadEncoded = CustomEncode.ToBase64UrlString(payloadBytes);

            // 署名
            byte[] temp        = CustomEncode.StringToByte(headerEncoded + "." + payloadEncoded, CustomEncode.UTF_8);
            string signEncoded = CustomEncode.ToBase64UrlString(this._cs.Sign(temp));

            // return JWT by RS256
            return(headerEncoded + "." + payloadEncoded + "." + signEncoded);
        }
예제 #14
0
        /// <summary>RS256のJWT検証メソッド</summary>
        /// <param name="jwtString">JWTの文字列表現</param>
        /// <returns>署名の検証結果</returns>
        public override bool Verify(string jwtString)
        {
            string[] temp = jwtString.Split('.');

            // 検証
            Header headerObject = (Header)JsonConvert.DeserializeObject(
                CustomEncode.ByteToString(CustomEncode.FromBase64UrlString(temp[0]), CustomEncode.UTF_8), typeof(Header));

            if (headerObject.alg == "HS256" && headerObject.typ == "JWT")
            {
                byte[] data = CustomEncode.StringToByte(temp[0] + "." + temp[1], CustomEncode.UTF_8);
                byte[] sign = CustomEncode.FromBase64UrlString(temp[2]);

                HMACSHA256 sa = new HMACSHA256(this._key);

                return(CustomEncode.ToBase64UrlString(sign)
                       == CustomEncode.ToBase64UrlString(sa.ComputeHash(data)));
            }
            else
            {
                return(false);
            }
        }
예제 #15
0
        /// <summary>HS256のJWT生成メソッド</summary>
        /// <param name="payloadJson">ペイロード部のJson文字列</param>
        /// <returns>JWTの文字列表現</returns>
        public override string Create(string payloadJson)
        {
            // ヘッダー
            var headerObject = new Header {
                alg = "HS256"
            };
            string headerJson = JsonConvert.SerializeObject(headerObject, Formatting.None);

            byte[] headerBytes   = CustomEncode.StringToByte(headerJson, CustomEncode.UTF_8);
            string headerEncoded = CustomEncode.ToBase64UrlString(headerBytes);

            // ペイロード
            var payloadBytes   = CustomEncode.StringToByte(payloadJson, CustomEncode.UTF_8);
            var payloadEncoded = CustomEncode.ToBase64UrlString(payloadBytes);

            // 署名
            byte[]     data        = CustomEncode.StringToByte(headerEncoded + "." + payloadEncoded, CustomEncode.UTF_8);
            HMACSHA256 sa          = new HMACSHA256(this._key);
            string     signEncoded = CustomEncode.ToBase64UrlString(sa.ComputeHash(data));

            // return JWT by RS256
            return(headerEncoded + "." + payloadEncoded + "." + signEncoded);
        }
예제 #16
0
        /// <summary>
        /// ParamToJwkPublicKey
        /// RSAParametersからJwk公開鍵へ変換
        /// </summary>
        /// <param name="param">RSAParameters</param>
        /// <returns>JwkPublicKey</returns>
        public static string ParamToJwkPublicKey(RSAParameters param)
        {
            /*
             * FIDO2.0 の Web Authentication API が生成する公開鍵の例
             * {
             *  "alg": "RS256",
             *  "e": "AQAB",
             *  "ext": false,
             *  "kty": "RSA",
             *  "n": "・・・"
             * }
             */

            Dictionary <string, string> dic = new Dictionary <string, string>();

            dic["kty"] = "RSA"; // 必須
            dic["alg"] = "RS256";
            dic["n"]   = CustomEncode.ToBase64UrlString(param.Modulus);
            dic["e"]   = CustomEncode.ToBase64UrlString(param.Exponent); //"AQAB";
            //dic["ext"] = "false"; // 定義をRFC上に発見できない。

            return(JsonConvert.SerializeObject(dic));
        }
예제 #17
0
        /// <summary>HSXXXのJWS検証メソッド</summary>
        /// <param name="jwtString">JWSの文字列表現</param>
        /// <returns>署名の検証結果</returns>
        public override bool Verify(string jwtString)
        {
            string[] temp = jwtString.Split('.');

            // 検証
            JWS_Header headerObject = (JWS_Header)JsonConvert.DeserializeObject(
                CustomEncode.ByteToString(CustomEncode.FromBase64UrlString(temp[0]), CustomEncode.UTF_8), typeof(JWS_Header));

            if (headerObject.alg.ToUpper() == this.JwtConstHSnnn &&
                headerObject.typ.ToUpper() == JwtConst.JWT)
            {
                byte[] data = CustomEncode.StringToByte(temp[0] + "." + temp[1], CustomEncode.UTF_8);
                byte[] sign = CustomEncode.FromBase64UrlString(temp[2]);

                HMAC sa = this.CreateHMACSHA(this.Key);

                return(CustomEncode.ToBase64UrlString(sign)
                       == CustomEncode.ToBase64UrlString(sa.ComputeHash(data)));
            }
            else
            {
                return(false);
            }
        }
예제 #18
0
        /// <summary>ParamToJwk</summary>
        /// <param name="rsaParameters">RSAParameters</param>
        /// <param name="settings">JsonSerializerSettings</param>
        /// <returns>Jwk公開鍵</returns>
        public string ParamToJwk(RSAParameters rsaParameters, JsonSerializerSettings settings)
        {
            Dictionary <string, string> dic = new Dictionary <string, string>();

            dic[JwtConst.kty] = JwtConst.RSA; // 必須
            dic[JwtConst.alg] = this.JwtConstRSnnn;

            // Public
            dic[JwtConst.n] = CustomEncode.ToBase64UrlString(rsaParameters.Modulus);
            dic[JwtConst.e] = CustomEncode.ToBase64UrlString(rsaParameters.Exponent); //"AQAB";

            // Private
            dic[JwtConst.d]  = CustomEncode.ToBase64UrlString(rsaParameters.D);
            dic[JwtConst.p]  = CustomEncode.ToBase64UrlString(rsaParameters.P);
            dic[JwtConst.q]  = CustomEncode.ToBase64UrlString(rsaParameters.Q);
            dic[JwtConst.dp] = CustomEncode.ToBase64UrlString(rsaParameters.DP);
            dic[JwtConst.dq] = CustomEncode.ToBase64UrlString(rsaParameters.DQ);
            dic[JwtConst.qi] = CustomEncode.ToBase64UrlString(rsaParameters.InverseQ);

            // JSON Web Key (JWK) Thumbprint
            // https://openid-foundation-japan.github.io/rfc7638.ja.html
            // kid : https://openid-foundation-japan.github.io/rfc7638.ja.html#Private

            // JwkSetに格納しないので、今のところ、Thumbprintは取らない。

            //dic["ext"] = "false"; // 定義をRFC上に発見できない。

            if (settings == null)
            {
                return(JsonConvert.SerializeObject(dic));
            }
            else
            {
                return(JsonConvert.SerializeObject(dic, settings));
            }
        }
예제 #19
0
        /// <summary>JWT検証</summary>
        private void btnJWTVerify_Click(object sender, EventArgs e)
        {
            bool ret = false;

            if (rbnJWTHS256.Checked)
            {
                // HS256

                // 入力
                string[] temp = this.txtJWTSign.Text.Split('.');

                // 改変可能なフィールドから入力
                string newJWT =
                    CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTHeader.Text, CustomEncode.UTF_8))
                    + "." + CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTPayload.Text, CustomEncode.UTF_8))
                    + "." + temp[2];

                // 検証
                //JWT_HS256 jwtHS256 = new JWT_HS256(CustomEncode.StringToByte(this.txtJWTKey.Text, CustomEncode.UTF_8));
                JWT_HS256 jwtHS256 = new JWT_HS256(this.txtJWTJWK.Text);
                ret = jwtHS256.Verify(newJWT);
            }
            else if (rbnJWTRS256_XML.Checked)
            {
                // RS256 (XML)

                // 入力
                string[] temp = this.txtJWTSign.Text.Split('.');

                // 改変可能なフィールドから入力
                string newJWT =
                    CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTHeader.Text, CustomEncode.UTF_8))
                    + "." + CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTPayload.Text, CustomEncode.UTF_8))
                    + "." + temp[2];

                // 検証
                JWT_RS256_XML jwtRS256 = new JWT_RS256_XML(this.txtJWTKey.Text);
                ret = jwtRS256.Verify(newJWT);
            }
            else if (rbnJWTRS256_Param.Checked)
            {
                // RS256 (Param)

                // 入力
                string[] temp = this.txtJWTSign.Text.Split('.');

                // 改変可能なフィールドから入力
                string newJWT =
                    CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTHeader.Text, CustomEncode.UTF_8))
                    + "." + CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTPayload.Text, CustomEncode.UTF_8))
                    + "." + temp[2];

                // 検証
                //JWT_RS256_Param jwtRS256 = new JWT_RS256_Param(
                //    RS256_KeyConverter.XmlToProvider(this.txtJWTKey.Text).ExportParameters(false));
                JWT_RS256_Param jwtRS256 = new JWT_RS256_Param(
                    RS256_KeyConverter.JwkToProvider(this.txtJWTJWK.Text).ExportParameters(false));
                ret = jwtRS256.Verify(newJWT);
            }
            else
            {
                // RS256 (X509)

                // 入力
                string[] temp = this.txtJWTSign.Text.Split('.');

                // 改変可能なフィールドから入力
                string newJWT =
                    CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTHeader.Text, CustomEncode.UTF_8))
                    + "." + CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTPayload.Text, CustomEncode.UTF_8))
                    + "." + temp[2];

                // 検証
                JWT_RS256_X509 jwtRS256 = new JWT_RS256_X509(this.CertificateFilePath_cer, "");
                ret = jwtRS256.Verify(newJWT);
            }

            if (ret)
            {
                MessageBox.Show("検証成功");
            }
            else
            {
                MessageBox.Show("検証失敗");
            }
        }
예제 #20
0
 /// <summary>Constructor</summary>
 public JWT_HS256(byte[] key)
 {
     this._key = key;
     this.JWK  = this.JWK.Replace("password", CustomEncode.ToBase64UrlString(key));
 }
예제 #21
0
 /// <summary>Base64UrlSecretを生成</summary>
 /// <param name="byteSize">サイズ(バイト)</param>
 /// <returns>Base64UrlSecret</returns>
 public static string Base64UrlSecret(int byteSize)
 {
     return(CustomEncode.ToBase64UrlString(GetPassword.RandomByte(byteSize)));
 }