예제 #1
        /// <summary>
        /// Signs a JWT with a freshly generated EC private key and checks that the
        /// serialized result is non-null and has three dot-separated segments.
        /// </summary>
        /// <remarks>
        /// Only the shape of the output is asserted; the signature itself is not
        /// verified in this method.
        /// </remarks>
        public void Generate_Secp256k1_SignedToken()
        {
            var signingKey = new EcSecurityKey(GeneratePrivateKey(domainParams));

            // The custom factory receives the curve parameters, the single algorithm
            // in use and SHA-256 as the message digest.
            // NOTE(review): deterministic: true presumably selects deterministic
            // ECDSA nonce generation - confirm against EcCryptoProviderFactory.
            var credentials = new SigningCredentials(signingKey, algorithm)
            {
                CryptoProviderFactory = new EcCryptoProviderFactory(
                    domainParams,
                    new[] { algorithm },
                    deterministic: true,
                    digest: new Sha256Digest())
            };

            var handler = new JwtSecurityTokenHandler();

            // 30-minute validity window starting at `now`; no subject claims are attached.
            var jwt = handler.CreateJwtSecurityToken(
                issuer: "me",
                audience: "you",
                subject: null,
                notBefore: now,
                expires: now.AddMinutes(30),
                issuedAt: now,
                signingCredentials: credentials);

            string compact = handler.WriteToken(jwt);

            Assert.NotNull(compact);

            // A signed compact JWT is header.payload.signature.
            string[] segments = compact.Split('.');
            Assert.Equal(3, segments.Length);
        }
예제 #2
        /// <summary>
        /// Round-trip check: signs a JWT with a freshly generated EC private key, then
        /// validates it with the matching public key and asserts that validation
        /// returns a non-null result.
        /// </summary>
        /// <remarks>
        /// NOTE(review): only the positive path is covered. A tampered token or a
        /// mismatched key is not exercised here, so this method alone does not show
        /// that bad signatures are rejected.
        /// </remarks>
        public void Verify_Signature()
        {
            var privateKey = GeneratePrivateKey(domainParams);

            // Signing side: the custom factory receives the curve parameters, the
            // single algorithm in use and SHA-256 as the message digest.
            // NOTE(review): deterministic: true presumably selects deterministic
            // ECDSA nonce generation - confirm against EcCryptoProviderFactory.
            var credentials = new SigningCredentials(new EcSecurityKey(privateKey), algorithm)
            {
                CryptoProviderFactory = new EcCryptoProviderFactory(
                    domainParams,
                    new[] { algorithm },
                    deterministic: true,
                    digest: new Sha256Digest())
            };

            var signingHandler = new JwtSecurityTokenHandler();
            var jwt = signingHandler.CreateJwtSecurityToken(
                issuer: "me",
                audience: "you",
                subject: null,
                notBefore: now,
                expires: now.AddMinutes(30),
                issuedAt: now,
                signingCredentials: credentials);

            string compact = signingHandler.WriteToken(jwt);

            // Verification side: the public point is Q = d * G, so the validator
            // holds only public key material.
            var publicPoint = domainParams.G.Multiply(privateKey.D);
            var verificationKey = new EcSecurityKey(new ECPublicKeyParameters(publicPoint, domainParams));
            var validatingHandler = new JwtSecurityTokenHandler();

            // A separate factory instance, configured like the signing one, is used
            // for validation. Lifetime checks are not switched off here, so `now`
            // presumably has to be close to the wall-clock time - confirm where
            // `now` is initialised.
            var validation = new TokenValidationParameters
            {
                ValidIssuer = "me",
                ValidAudience = "you",
                IssuerSigningKey = verificationKey,
                CryptoProviderFactory = new EcCryptoProviderFactory(
                    domainParams,
                    new[] { algorithm },
                    deterministic: true,
                    digest: new Sha256Digest())
            };

            // ValidateToken throws when validation fails, so the assertion below is
            // reached only after the signature, issuer and audience were accepted.
            var principal = validatingHandler.ValidateToken(compact, validation, out _);

            Assert.NotNull(principal);
        }