public void PublicKeyOnlyCorrectlyParses() { var cert = ECCertificateBuilder.CreateNewSigningCertificate("Test"); var data = cert.Export(X509ContentType.Cert); var publicCert = new X509Certificate2(data); var cng = ECDSACertificateParser.ParsePublicCertificate(publicCert); Assert.IsNotNull(cng); }
public void NoPublicKeyThrowsError() { Assert.Throws(typeof(InvalidOperationException), () => { var cert = ECCertificateBuilder.CreateNewSigningCertificate("Test"); var data = cert.Export(X509ContentType.Cert); var publicCert = new X509Certificate2(data); ECDSACertificateParser.ParsePrivateCertificate(publicCert); }); }
public void P384CertificateCorrectlyParses() { var options = new ECCertificateBuilderOptions { FullSubjectName = "CN=Test", ECCurve = ECNamedCurves.P384 }; var cert = ECCertificateBuilder.CreateNewSigningCertificate(options); var cng = ECDSACertificateParser.ParsePublicCertificate(cert); Assert.IsNotNull(cng); }
public void SurvivesExportImport() { var options = new ECCertificateBuilderOptions { FullSubjectName = "CN=Test", ECKeyName = "KeyTestTemp", HashingMethod = HashingMethods.Sha512 }; var cert = ECCertificateBuilder.CreateNewSigningCertificate(options); var data = cert.Export(X509ContentType.Pkcs12, "password"); if (CngKey.Exists("KeyTestTemp")) { var objCngKey = CngKey.Open("KeyTestTemp"); objCngKey.Delete(); } var reloaded = new X509Certificate2(data, "password"); ECDSACertificateParser.ParsePrivateCertificate(reloaded); }
/// <summary> /// Create a web token signed by an ECDSA X509Certificate /// </summary> /// <param name="claims">JSON serialisable data to be signed</param> /// <param name="signingCertificate">Certificate to use for signing, must include a private key</param> /// <param name="extraHeaderClaims">Extra header params</param> /// <param name="payloadSerializerSettings"><see cref="JsonSerializerSettings"/> to be used for <paramref name="claims"/> serialization.</param> /// <param name="headerJson">[Output] the header json</param> /// <param name="payloadJson">[Output] the payload json</param> /// <returns>JWT token</returns> public static string EncodeUsingECDSA <T>(T claims, X509Certificate2 signingCertificate, IDictionary <string, object> extraHeaderClaims, JsonSerializerSettings payloadSerializerSettings, out string headerJson) { var signer = ECDSACertificateParser.ParsePrivateCertificate(signingCertificate); return(EncodeUsingECDSA(claims, signer, extraHeaderClaims, payloadSerializerSettings, out headerJson)); }
/// <summary> /// Verify and then parse the data in a JWT /// </summary> /// <param name="token">The JWT to parse and verify</param> /// <param name="verificationCertificate">Public key certificate to verify the token with</param> /// <param name="verify">Whether to actually verify the token or not</param> /// <param name="headerJson">[Output] The header json</param> /// <param name="payloadJson">[Output] The payload json</param> /// <returns>Parsed object data</returns> public static T DecodeUsingECDSA <T>(string token, X509Certificate2 verificationCertificate, bool verify, out string headerJson, out string payloadJson) { var verifier = ECDSACertificateParser.ParsePublicCertificate(verificationCertificate); return(DecodeUsingECDSA <T>(token, verifier, verify, out headerJson, out payloadJson)); }