/// <summary>ES256のJWS生成メソッド</summary>
/// <param name="payloadJson">ペイロード部のJson文字列</param>
/// <returns>JWSの文字列表現</returns>
public override string Create(string payloadJson)
{
// ヘッダー
string headerJson = JsonConvert.SerializeObject(
this.JWSHeader,
new JsonSerializerSettings()
{
Formatting = Formatting.None,
NullValueHandling = NullValueHandling.Ignore
});
byte[] headerBytes = CustomEncode.StringToByte(headerJson, CustomEncode.UTF_8);
string headerEncoded = CustomEncode.ToBase64UrlString(headerBytes);
// ペイロード
byte[] payloadBytes = CustomEncode.StringToByte(payloadJson, CustomEncode.UTF_8);
string payloadEncoded = CustomEncode.ToBase64UrlString(payloadBytes);
// 署名
byte[] temp = CustomEncode.StringToByte(headerEncoded + "." + payloadEncoded, CustomEncode.UTF_8);
string signEncoded = CustomEncode.ToBase64UrlString(this.Create2(temp)); // 派生を呼ぶ
// return JWS by ES256
return(headerEncoded + "." + payloadEncoded + "." + signEncoded);
}
/// <summary>
/// code_challenge_method=S256
/// BASE64URL-ENCODE(SHA256(ASCII(code_verifier)))</summary>
/// <param name="code_verifier">string</param>
/// <returns>code_challenge</returns>
public static string PKCE_S256_CodeChallengeMethod(string code_verifier)
{
return(CustomEncode.ToBase64UrlString(
GetHash.GetHashBytes(
CustomEncode.StringToByte(code_verifier, CustomEncode.us_ascii),
EnumHashAlgorithm.SHA256_M)));
}
/// <summary>CreateJwkFromDictionary</summary>
/// <param name="dic">Dictionary</param>
/// <param name="settings">JsonSerializerSettings</param>
/// <returns>JwkString</returns>
internal static string CreateJwkFromDictionary(
Dictionary <string, string> dic,
JsonSerializerSettings settings = null)
{
// JSON Web Key (JWK) Thumbprint
// https://openid-foundation-japan.github.io/rfc7638.ja.html
// kid : https://openid-foundation-japan.github.io/rfc7638.ja.html#Example
// https://openid-foundation-japan.github.io/rfc7638.ja.html#MembersUsed
// kidには、JWK の JWK Thumbprint 値などが用いられるらしい。
// ★ EC 公開鍵の必須メンバを辞書順に並べると、crv, kty, x, y となる。
dic[JwtConst.kid] = CustomEncode.ToBase64UrlString(
GetHash.GetHashBytes(
CustomEncode.StringToByte(
JsonConvert.SerializeObject(new
{
crv = dic[JwtConst.crv],
kty = dic[JwtConst.kty],
x = dic[JwtConst.x],
y = dic[JwtConst.y]
}),
CustomEncode.UTF_8),
EnumHashAlgorithm.SHA256_M));
//dic["ext"] = "false"; // 定義をRFC上に発見できない。
if (settings == null)
{
return(JsonConvert.SerializeObject(dic));
}
else
{
return(JsonConvert.SerializeObject(dic, settings));
}
}
/// <summary>HSXXXのJWS生成メソッド</summary>
/// <param name="payloadJson">ペイロード部のJson文字列</param>
/// <returns>JWSの文字列表現</returns>
public override string Create(string payloadJson)
{
// ヘッダー
JWS_Header headerObject = new JWS_Header {
alg = this.JwtConstHSnnn
};
string headerJson = JsonConvert.SerializeObject(
headerObject,
new JsonSerializerSettings()
{
Formatting = Formatting.None,
NullValueHandling = NullValueHandling.Ignore
});
byte[] headerBytes = CustomEncode.StringToByte(headerJson, CustomEncode.UTF_8);
string headerEncoded = CustomEncode.ToBase64UrlString(headerBytes);
// ペイロード
byte[] payloadBytes = CustomEncode.StringToByte(payloadJson, CustomEncode.UTF_8);
string payloadEncoded = CustomEncode.ToBase64UrlString(payloadBytes);
// 署名
byte[] data = CustomEncode.StringToByte(headerEncoded + "." + payloadEncoded, CustomEncode.UTF_8);
HMAC sa = this.CreateHMACSHA(this.Key);
string signEncoded = CustomEncode.ToBase64UrlString(sa.ComputeHash(data));
return(headerEncoded + "." + payloadEncoded + "." + signEncoded);
}
/// <summary>
/// SHA256でat_hash, c_hashを作成。
/// (現時点でRS256固定になっているので)
/// </summary>
/// <returns>hash</returns>
public static string CreateHash(string input)
{
// ID Token の JOSE Header にある alg Header Parameterのアルゴリズムで使用されるハッシュアルゴリズムを用い、
// input(access_token や code) のASCII オクテット列からハッシュ値を求め、左半分を base64url エンコードした値。
return(CustomEncode.ToBase64UrlString(
PubCmnFunction.ShortenByteArray(
GetHash.GetHashBytes(
CustomEncode.StringToByte(input, CustomEncode.us_ascii),
EnumHashAlgorithm.SHA256Managed), (256 / 2))));
}
/// <summary>Constructor</summary>
/// <param name="key">byte[]</param>
public JWT_HS256(byte[] key)
{
this.Key = key;
// mkjwk - JSON Web Key Generator
// https://mkjwk.org
// JWK - マイクロソフト系技術情報 Wiki > 詳細 > パラメタ(JWA) > Parameters for Symmetric Keys
// https://techinfoofmicrosofttech.osscons.jp/index.php?JWK#r5be7fb8
this.JWK = "{ 'kty': 'oct', 'use': 'sig', 'alg': 'HS256', 'k': 'password' }";
this.JWK = this.JWK.Replace("password", CustomEncode.ToBase64UrlString(key));
}
/// <summary>
/// at_hash, c_hash, s_hashを作成
/// (SHA256→HS256,RS256,ES256対応可能)
/// </summary>
/// <param name="input">string</param>
/// <returns>hash</returns>
public static string CreateHash(string input)
{
// ID Token の JOSE Header にある
// alg Header Parameterのアルゴリズムで使用されるハッシュアルゴリズムを用い、
// input(access_token や code) のASCII オクテット列からハッシュ値を求め、
byte[] bytes = GetHash.GetHashBytes(
CustomEncode.StringToByte(input, CustomEncode.us_ascii),
EnumHashAlgorithm.SHA256_M);
// 左半分を base64url エンコードした値。
return(CustomEncode.ToBase64UrlString(
ArrayOperator.ShortenByteArray(bytes, (bytes.Length / 2))));
}
/// <summary>JWT検証</summary>
private void btnJWTVerify_Click(object sender, EventArgs e)
{
bool ret = false;
if (rbnJWTHS256.Checked)
{
// HS256
// 入力
string[] temp = this.txtJWTSign.Text.Split('.');
// 改変可能なフィールドから入力
string newJWT =
CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTHeader.Text, CustomEncode.UTF_8))
+ "." + CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTPayload.Text, CustomEncode.UTF_8))
+ "." + temp[2];
// 検証
JWT_HS256 jwtHS256 = new JWT_HS256(CustomEncode.StringToByte(this.txtJWTKey.Text, CustomEncode.UTF_8));
ret = jwtHS256.Verify(newJWT);
}
else
{
// RS256 (X509Cer)
// 入力
string[] temp = this.txtJWTSign.Text.Split('.');
// 改変可能なフィールドから入力
string newJWT =
CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTHeader.Text, CustomEncode.UTF_8))
+ "." + CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTPayload.Text, CustomEncode.UTF_8))
+ "." + temp[2];
// 検証
JWT_RS256 jwtRS256 = new JWT_RS256(this.CertificateFilePath_cer, "");
ret = jwtRS256.Verify(newJWT);
}
if (ret)
{
MessageBox.Show("検証成功");
}
else
{
MessageBox.Show("検証失敗");
}
}
/// <summary>ParamToJwk</summary>
/// <param name="ecParams">ECParameters</param>
/// <param name="settings">JsonSerializerSettings</param>
/// <returns>Jwk公開鍵</returns>
public string ParamToJwk(ECParameters ecParams, JsonSerializerSettings settings)
{
Dictionary <string, string> dic = new Dictionary <string, string>();
dic[JwtConst.kty] = JwtConst.EC; // 必須
dic[JwtConst.alg] = this.JwtConstESnnn;
// 楕円曲線
dic[JwtConst.crv] = this.GetCrvStringFromECCurve(ecParams.Curve);
// Public
dic[JwtConst.x] = CustomEncode.ToBase64UrlString(ecParams.Q.X);
dic[JwtConst.y] = CustomEncode.ToBase64UrlString(ecParams.Q.Y);
// Private
dic[JwtConst.d] = CustomEncode.ToBase64UrlString(ecParams.D);
return(this.CreateJwkFromDictionary(dic, settings));
}
// <参考>
// JSON Web Key (JWK)
// https://openid-foundation-japan.github.io/rfc7517.ja.html
// を、"kty":"RSA"で検索するとイイ。
//
// A.1. Example Public Keys
// https://openid-foundation-japan.github.io/rfc7517.ja.html#PublicExample
// A.2. Example Private Keys
// https://openid-foundation-japan.github.io/rfc7517.ja.html#PrivateExample
// C.1. Plaintext RSA Private Key
// https://openid-foundation-japan.github.io/rfc7517.ja.html#example-privkey-plaintext
// ECCurve support of EccKey.
// https://github.com/dvsekhvalnov/jose-jwt/issues/105
// RSAParameters ⇔ Jwk
// https://github.com/psteniusubi/jose-jwt/blob/master/jose-jwt/jwk/JwkRsa.cs
// <Param to jwk> // <Jwk to param>
//header.Set("kty", "RSA"); //RSAParameters parameters = new RSAParameters();
//header.Set("n", parameters.Modulus); //parameters.Modulus = header.GetBytes("n");
//header.Set("e", parameters.Exponent); //parameters.Exponent = header.GetBytes("e");
//
// ココから下は秘密鍵の領域 // ココから下は秘密鍵の領域
//if (includePrivateParameters) //if (header.ContainsKey("d"))
//{ //{
// header.Set("d", parameters.D); // parameters.D = header.GetBytes("d");
// header.Set("p", parameters.P); // parameters.P = header.GetBytes("p");
// header.Set("q", parameters.Q); // parameters.Q = header.GetBytes("q");
// header.Set("dp", parameters.DP); // parameters.DP = header.GetBytes("dp");
// header.Set("dq", parameters.DQ); // parameters.DQ = header.GetBytes("dq");
// header.Set("qi", parameters.InverseQ); // parameters.InverseQ = header.GetBytes("qi");
//} //}
// // ↓↓↓
// //RSA rsa = RSA.Create();
// //rsa.ImportParameters(parameters);
// //return rsa;
#region ParamToJwk
/// <summary>ParamToJwk</summary>
/// <param name="param">RSAParameters</param>
/// <param name="settings">JsonSerializerSettings</param>
/// <returns>Jwk公開鍵</returns>
public string ParamToJwk(
RSAParameters param,
JsonSerializerSettings settings = null)
{
Dictionary <string, string> dic = new Dictionary <string, string>();
dic[JwtConst.kty] = JwtConst.RSA; // 必須
dic[JwtConst.alg] = this.JwtConstRSnnn;
// Public
dic[JwtConst.n] = CustomEncode.ToBase64UrlString(param.Modulus);
dic[JwtConst.e] = CustomEncode.ToBase64UrlString(param.Exponent); //"AQAB";
// JSON Web Key (JWK) Thumbprint
// https://openid-foundation-japan.github.io/rfc7638.ja.html
// kid : https://openid-foundation-japan.github.io/rfc7638.ja.html#Example
// https://openid-foundation-japan.github.io/rfc7638.ja.html#MembersUsed
// kidには、JWK の JWK Thumbprint 値などが用いられるらしい。
// ★ RSA 公開鍵の必須メンバを辞書順に並べると、e, kty, n となる。
dic[JwtConst.kid] = CustomEncode.ToBase64UrlString(
GetHash.GetHashBytes(
CustomEncode.StringToByte(
JsonConvert.SerializeObject(new
{
e = dic[JwtConst.e],
kty = dic[JwtConst.kty],
n = dic[JwtConst.n]
}),
CustomEncode.UTF_8),
this.HashAlgorithm));
//dic["ext"] = "false"; // 定義をRFC上に発見できない。
if (settings == null)
{
return(JsonConvert.SerializeObject(dic));
}
else
{
return(JsonConvert.SerializeObject(dic, settings));
}
}
/// <summary>JWE生成メソッド</summary>
/// <param name="payloadJson">ペイロード部のJson文字列</param>
/// <returns>JWEの文字列表現</returns>
public string Create(string payloadJson)
{
// ヘッダー
string headerJson = JsonConvert.SerializeObject(
this.JWEHeader,
new JsonSerializerSettings()
{
Formatting = Formatting.None,
NullValueHandling = NullValueHandling.Ignore
});
byte[] headerBytes = CustomEncode.StringToByte(headerJson, CustomEncode.UTF_8);
string headerEncoded = CustomEncode.ToBase64UrlString(headerBytes);
// コンテンツ暗号化キー(CEK)
byte[] cekBytes = GetPassword.RandomByte(this.CekByteLength);
byte[] encryptedCekBytes = this.CreateKey(cekBytes); // 派生を呼ぶ
string encryptedCekEncoded = CustomEncode.ToBase64UrlString(encryptedCekBytes);
// 初期化ベクトル
byte[] ivBytes = GetPassword.RandomByte(this.IvByteLength);
string ivEncoded = CustomEncode.ToBase64UrlString(ivBytes);
// 追加認証データ(AAD)
byte[] aadBytes = CustomEncode.StringToByte(headerEncoded, CustomEncode.us_ascii);
// ペイロード(認証付き暗号(AEAD)による暗号化)
byte[] payloadBytes = CustomEncode.StringToByte(payloadJson, CustomEncode.UTF_8);
AeadResult result = this.CreateBody(cekBytes, ivBytes, aadBytes, payloadBytes); // 派生を呼ぶ
byte[] encryptedPayloadBytes = result.Ciphert;
string encryptedPayloadEncoded = CustomEncode.ToBase64UrlString(encryptedPayloadBytes);
// 認証タグ(MAC)
byte[] macBytes = result.Tag;
string macEncoded = CustomEncode.ToBase64UrlString(macBytes);
// return JWE
return(headerEncoded + "." +
encryptedCekEncoded + "." + ivEncoded + "." +
encryptedPayloadEncoded + "." + macEncoded);
}
/// <summary>ParamToJwk</summary>
/// <param name="ecParams">ECParameters</param>
/// <param name="settings">JsonSerializerSettings</param>
/// <returns>Jwk公開鍵</returns>
public static string ParamToJwk(
ECParameters ecParams,
JsonSerializerSettings settings = null)
{
Dictionary <string, string> dic = new Dictionary <string, string>();
dic[JwtConst.kty] = JwtConst.EC; // 必須
dic[JwtConst.alg] = JwtConst.ES256;
// 楕円曲線
dic[JwtConst.crv] = EccPublicKeyConverter.GetCrvStringFromECCurve(ecParams.Curve);
// 公開鍵の部分
dic[JwtConst.x] = CustomEncode.ToBase64UrlString(ecParams.Q.X);
dic[JwtConst.y] = CustomEncode.ToBase64UrlString(ecParams.Q.Y);
//if (ecParams.D != null) // 秘密鍵の部分は処理しない
//{
// dic[JwtConst.d] = CustomEncode.ToBase64UrlString(ecParams.D);
//}
return(EccPublicKeyConverter.CreateJwkFromDictionary(dic, settings));
}
/// <summary>RS256のJWT生成メソッド</summary>
/// <param name="payloadJson">ペイロード部のJson文字列</param>
/// <returns>JWTの文字列表現</returns>
public override string Create(string payloadJson)
{
// ヘッダー
var headerObject = new Header {
alg = "RS256"
};
string headerJson = JsonConvert.SerializeObject(headerObject, Formatting.None);
byte[] headerBytes = CustomEncode.StringToByte(headerJson, CustomEncode.UTF_8);
string headerEncoded = CustomEncode.ToBase64UrlString(headerBytes);
// ペイロード
var payloadBytes = CustomEncode.StringToByte(payloadJson, CustomEncode.UTF_8);
var payloadEncoded = CustomEncode.ToBase64UrlString(payloadBytes);
// 署名
byte[] temp = CustomEncode.StringToByte(headerEncoded + "." + payloadEncoded, CustomEncode.UTF_8);
string signEncoded = CustomEncode.ToBase64UrlString(this._cs.Sign(temp));
// return JWT by RS256
return(headerEncoded + "." + payloadEncoded + "." + signEncoded);
}
/// <summary>RS256のJWT検証メソッド</summary>
/// <param name="jwtString">JWTの文字列表現</param>
/// <returns>署名の検証結果</returns>
public override bool Verify(string jwtString)
{
string[] temp = jwtString.Split('.');
// 検証
Header headerObject = (Header)JsonConvert.DeserializeObject(
CustomEncode.ByteToString(CustomEncode.FromBase64UrlString(temp[0]), CustomEncode.UTF_8), typeof(Header));
if (headerObject.alg == "HS256" && headerObject.typ == "JWT")
{
byte[] data = CustomEncode.StringToByte(temp[0] + "." + temp[1], CustomEncode.UTF_8);
byte[] sign = CustomEncode.FromBase64UrlString(temp[2]);
HMACSHA256 sa = new HMACSHA256(this._key);
return(CustomEncode.ToBase64UrlString(sign)
== CustomEncode.ToBase64UrlString(sa.ComputeHash(data)));
}
else
{
return(false);
}
}
/// <summary>HS256のJWT生成メソッド</summary>
/// <param name="payloadJson">ペイロード部のJson文字列</param>
/// <returns>JWTの文字列表現</returns>
public override string Create(string payloadJson)
{
// ヘッダー
var headerObject = new Header {
alg = "HS256"
};
string headerJson = JsonConvert.SerializeObject(headerObject, Formatting.None);
byte[] headerBytes = CustomEncode.StringToByte(headerJson, CustomEncode.UTF_8);
string headerEncoded = CustomEncode.ToBase64UrlString(headerBytes);
// ペイロード
var payloadBytes = CustomEncode.StringToByte(payloadJson, CustomEncode.UTF_8);
var payloadEncoded = CustomEncode.ToBase64UrlString(payloadBytes);
// 署名
byte[] data = CustomEncode.StringToByte(headerEncoded + "." + payloadEncoded, CustomEncode.UTF_8);
HMACSHA256 sa = new HMACSHA256(this._key);
string signEncoded = CustomEncode.ToBase64UrlString(sa.ComputeHash(data));
// return JWT by RS256
return(headerEncoded + "." + payloadEncoded + "." + signEncoded);
}
/// <summary>
/// ParamToJwkPublicKey
/// RSAParametersからJwk公開鍵へ変換
/// </summary>
/// <param name="param">RSAParameters</param>
/// <returns>JwkPublicKey</returns>
public static string ParamToJwkPublicKey(RSAParameters param)
{
/*
* FIDO2.0 の Web Authentication API が生成する公開鍵の例
* {
* "alg": "RS256",
* "e": "AQAB",
* "ext": false,
* "kty": "RSA",
* "n": "・・・"
* }
*/
Dictionary <string, string> dic = new Dictionary <string, string>();
dic["kty"] = "RSA"; // 必須
dic["alg"] = "RS256";
dic["n"] = CustomEncode.ToBase64UrlString(param.Modulus);
dic["e"] = CustomEncode.ToBase64UrlString(param.Exponent); //"AQAB";
//dic["ext"] = "false"; // 定義をRFC上に発見できない。
return(JsonConvert.SerializeObject(dic));
}
/// <summary>HSXXXのJWS検証メソッド</summary>
/// <param name="jwtString">JWSの文字列表現</param>
/// <returns>署名の検証結果</returns>
public override bool Verify(string jwtString)
{
string[] temp = jwtString.Split('.');
// 検証
JWS_Header headerObject = (JWS_Header)JsonConvert.DeserializeObject(
CustomEncode.ByteToString(CustomEncode.FromBase64UrlString(temp[0]), CustomEncode.UTF_8), typeof(JWS_Header));
if (headerObject.alg.ToUpper() == this.JwtConstHSnnn &&
headerObject.typ.ToUpper() == JwtConst.JWT)
{
byte[] data = CustomEncode.StringToByte(temp[0] + "." + temp[1], CustomEncode.UTF_8);
byte[] sign = CustomEncode.FromBase64UrlString(temp[2]);
HMAC sa = this.CreateHMACSHA(this.Key);
return(CustomEncode.ToBase64UrlString(sign)
== CustomEncode.ToBase64UrlString(sa.ComputeHash(data)));
}
else
{
return(false);
}
}
/// <summary>ParamToJwk</summary>
/// <param name="rsaParameters">RSAParameters</param>
/// <param name="settings">JsonSerializerSettings</param>
/// <returns>Jwk公開鍵</returns>
public string ParamToJwk(RSAParameters rsaParameters, JsonSerializerSettings settings)
{
Dictionary <string, string> dic = new Dictionary <string, string>();
dic[JwtConst.kty] = JwtConst.RSA; // 必須
dic[JwtConst.alg] = this.JwtConstRSnnn;
// Public
dic[JwtConst.n] = CustomEncode.ToBase64UrlString(rsaParameters.Modulus);
dic[JwtConst.e] = CustomEncode.ToBase64UrlString(rsaParameters.Exponent); //"AQAB";
// Private
dic[JwtConst.d] = CustomEncode.ToBase64UrlString(rsaParameters.D);
dic[JwtConst.p] = CustomEncode.ToBase64UrlString(rsaParameters.P);
dic[JwtConst.q] = CustomEncode.ToBase64UrlString(rsaParameters.Q);
dic[JwtConst.dp] = CustomEncode.ToBase64UrlString(rsaParameters.DP);
dic[JwtConst.dq] = CustomEncode.ToBase64UrlString(rsaParameters.DQ);
dic[JwtConst.qi] = CustomEncode.ToBase64UrlString(rsaParameters.InverseQ);
// JSON Web Key (JWK) Thumbprint
// https://openid-foundation-japan.github.io/rfc7638.ja.html
// kid : https://openid-foundation-japan.github.io/rfc7638.ja.html#Private
// JwkSetに格納しないので、今のところ、Thumbprintは取らない。
//dic["ext"] = "false"; // 定義をRFC上に発見できない。
if (settings == null)
{
return(JsonConvert.SerializeObject(dic));
}
else
{
return(JsonConvert.SerializeObject(dic, settings));
}
}
/// <summary>JWT検証</summary>
private void btnJWTVerify_Click(object sender, EventArgs e)
{
bool ret = false;
if (rbnJWTHS256.Checked)
{
// HS256
// 入力
string[] temp = this.txtJWTSign.Text.Split('.');
// 改変可能なフィールドから入力
string newJWT =
CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTHeader.Text, CustomEncode.UTF_8))
+ "." + CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTPayload.Text, CustomEncode.UTF_8))
+ "." + temp[2];
// 検証
//JWT_HS256 jwtHS256 = new JWT_HS256(CustomEncode.StringToByte(this.txtJWTKey.Text, CustomEncode.UTF_8));
JWT_HS256 jwtHS256 = new JWT_HS256(this.txtJWTJWK.Text);
ret = jwtHS256.Verify(newJWT);
}
else if (rbnJWTRS256_XML.Checked)
{
// RS256 (XML)
// 入力
string[] temp = this.txtJWTSign.Text.Split('.');
// 改変可能なフィールドから入力
string newJWT =
CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTHeader.Text, CustomEncode.UTF_8))
+ "." + CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTPayload.Text, CustomEncode.UTF_8))
+ "." + temp[2];
// 検証
JWT_RS256_XML jwtRS256 = new JWT_RS256_XML(this.txtJWTKey.Text);
ret = jwtRS256.Verify(newJWT);
}
else if (rbnJWTRS256_Param.Checked)
{
// RS256 (Param)
// 入力
string[] temp = this.txtJWTSign.Text.Split('.');
// 改変可能なフィールドから入力
string newJWT =
CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTHeader.Text, CustomEncode.UTF_8))
+ "." + CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTPayload.Text, CustomEncode.UTF_8))
+ "." + temp[2];
// 検証
//JWT_RS256_Param jwtRS256 = new JWT_RS256_Param(
// RS256_KeyConverter.XmlToProvider(this.txtJWTKey.Text).ExportParameters(false));
JWT_RS256_Param jwtRS256 = new JWT_RS256_Param(
RS256_KeyConverter.JwkToProvider(this.txtJWTJWK.Text).ExportParameters(false));
ret = jwtRS256.Verify(newJWT);
}
else
{
// RS256 (X509)
// 入力
string[] temp = this.txtJWTSign.Text.Split('.');
// 改変可能なフィールドから入力
string newJWT =
CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTHeader.Text, CustomEncode.UTF_8))
+ "." + CustomEncode.ToBase64UrlString(CustomEncode.StringToByte(this.txtJWTPayload.Text, CustomEncode.UTF_8))
+ "." + temp[2];
// 検証
JWT_RS256_X509 jwtRS256 = new JWT_RS256_X509(this.CertificateFilePath_cer, "");
ret = jwtRS256.Verify(newJWT);
}
if (ret)
{
MessageBox.Show("検証成功");
}
else
{
MessageBox.Show("検証失敗");
}
}
/// <summary>Constructor</summary>
public JWT_HS256(byte[] key)
{
this._key = key;
this.JWK = this.JWK.Replace("password", CustomEncode.ToBase64UrlString(key));
}
/// <summary>Base64UrlSecretを生成</summary>
/// <param name="byteSize">サイズ(バイト)</param>
/// <returns>Base64UrlSecret</returns>
public static string Base64UrlSecret(int byteSize)
{
return(CustomEncode.ToBase64UrlString(GetPassword.RandomByte(byteSize)));
}