/// <summary>
/// Create a JWK with optionally all elements
/// </summary>
/// <param name="keyType"></param>
/// <param name="keyParameters"></param>
/// <param name="publicKeyUse"></param>
/// <param name="keyOperations"></param>
/// <param name="algorithm"></param>
/// <param name="keyId"></param>
public JWK(KeyType keyType, Dictionary <KeyParameter, string> keyParameters, PublicKeyUse publicKeyUse = null, IEnumerable <KeyOperation> keyOperations = null, Algorithm algorithm = null, string keyId = null) : this(keyType, keyParameters)
{
PublicKeyUse = publicKeyUse;
KeyOperations = new HashSet <KeyOperation>(keyOperations);
Algorithm = algorithm;
KeyID = keyId;
}
public void JWKWithECKeyRoundTrip()
{
KeyType keyType = KeyType.EllipticCurve;
PublicKeyUse keyUse = PublicKeyUse.Signature;
var keyOperations = new HashSet <KeyOperation>(new[] { KeyOperation.ComputeDigitalSignature, KeyOperation.VerifyDigitalSignature });
Algorithm algorithm = Algorithm.ES256;
var keyParameters = new Dictionary <KeyParameter, string>
{
{ ECKeyParameterCRV, "curveName" },
{ ECKeyParameterX, "publicKeyX" },
{ ECKeyParameterY, "publicKeyY" },
{ ECKeyParameterD, "privateKeyD" }
};
JWK jwk = new JWK(keyType, keyParameters, keyUse, keyOperations, algorithm, "test");
string jwkString = jwk.Export(true);
var parsedJWK = JObject.Parse(jwkString);
parsedJWK.GetValue("crv").ToString().Should().Be(keyParameters.GetValueOrDefault(ECKeyParameterCRV));
parsedJWK.GetValue("x").ToString().Should().Be(keyParameters.GetValueOrDefault(ECKeyParameterX));
parsedJWK.GetValue("y").ToString().Should().Be(keyParameters.GetValueOrDefault(ECKeyParameterY));
parsedJWK.GetValue("d").ToString().Should().Be(keyParameters.GetValueOrDefault(ECKeyParameterD));
parsedJWK.GetValue("kid").ToString().Should().Be("test");
jwk = new JWK(jwkString);
jwk.KeyType.Should().Be(keyType);
jwk.PublicKeyUse.Should().Be(keyUse);
jwk.KeyOperations.Should().BeEquivalentTo(keyOperations);
jwk.Algorithm.Should().Be(algorithm);
jwk.KeyParameters.Should().BeEquivalentTo(keyParameters);
}
public void JWKWithAESKeyParametersCanBeCreated()
{
KeyType keyType = KeyType.RSA;
PublicKeyUse keyUse = PublicKeyUse.Signature;
var keyOperations = new HashSet <KeyOperation>(new[] { KeyOperation.ComputeDigitalSignature, KeyOperation.VerifyDigitalSignature });
Algorithm algorithm = Algorithm.ES256;
var keyParameters = new Dictionary <KeyParameter, string>
{
{ RSAKeyParameterN, "modulus" },
{ RSAKeyParameterE, "exponent" },
{ RSAKeyParameterD, "privateExponent" },
{ RSAKeyParameterP, "firstPrimeFactor" },
{ RSAKeyParameterQ, "secondPrimeFactor" },
{ RSAKeyParameterDP, "firstFactorCRTExponent" },
{ RSAKeyParameterDQ, "secondFactorCRTExponent" },
{ RSAKeyParameterQI, "firstCRTCoefficient" }
};
JWK jwk = new JWK(keyType, keyParameters, keyUse, keyOperations, algorithm, "test");
string jwkString = jwk.Export(true);
var parsedJWK = JObject.Parse(jwkString);
parsedJWK.GetValue("n").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterN));
parsedJWK.GetValue("e").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterE));
parsedJWK.GetValue("d").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterD));
parsedJWK.GetValue("p").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterP));
parsedJWK.GetValue("q").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterQ));
parsedJWK.GetValue("dp").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterDP));
parsedJWK.GetValue("dq").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterDQ));
parsedJWK.GetValue("qi").ToString().Should().Be(keyParameters.GetValueOrDefault(RSAKeyParameterQI));
parsedJWK.GetValue("kid").ToString().Should().Be("test");
}
public void JWKCheckECPrivateKeyParametersExport()
{
PublicKeyUse keyUse = PublicKeyUse.Signature;
var keyOperations = new HashSet <KeyOperation>(new[] { KeyOperation.ComputeDigitalSignature, KeyOperation.VerifyDigitalSignature });
Algorithm algorithm = Algorithm.ES256;
JWK jwk = new JWK(algorithm, keyUse, keyOperations);
string jwkString = jwk.Export(false);
var parsedJWK = JObject.Parse(jwkString);
parsedJWK.TryGetValue("kty", out var _).Should().BeTrue();
parsedJWK.TryGetValue("alg", out var _).Should().BeTrue();
parsedJWK.TryGetValue("use", out var _).Should().BeTrue();
parsedJWK.TryGetValue("kid", out var _).Should().BeTrue();
parsedJWK.TryGetValue("crv", out var _).Should().BeTrue();
parsedJWK.TryGetValue("x", out var _).Should().BeTrue();
parsedJWK.TryGetValue("y", out var _).Should().BeTrue();
parsedJWK.TryGetValue("d", out var _).Should().BeFalse();
parsedJWK.GetValue("kty").ToString().Should().Be("EC");
parsedJWK.GetValue("alg").ToString().Should().Be(Algorithm.ES256.Name);
parsedJWK.GetValue("use").ToString().Should().Be(PublicKeyUse.Signature.KeyUse);
parsedJWK.GetValue("key_ops").Values <string>().Count().Should().Be(2);
parsedJWK.GetValue("key_ops").Values <string>().Should().BeEquivalentTo(new[] { KeyOperation.ComputeDigitalSignature.Operation, KeyOperation.VerifyDigitalSignature.Operation });
}
/// <summary>
/// Create a JWK by only providing a specific algorithm. A new key for the corresponding algorithm is generated in the background
/// </summary>
/// <param name="algorithm"></param>
/// <param name="publicKeyUse"></param>
/// <param name="keyOperations"></param>
public JWK(Algorithm algorithm, PublicKeyUse publicKeyUse = null, IEnumerable <KeyOperation> keyOperations = null)
{
PublicKeyUse = publicKeyUse;
KeyOperations = keyOperations;
Algorithm = algorithm;
KeyID = Guid.NewGuid().ToString();
KeyType = DeriveKeyType(algorithm);
InitializeKey();
}
static void Main(string[] args)
{
Console.WriteLine("Implementation of JSON Web Keys (RFC7517)");
JWK jwk = new JWK();
PublicKeyUse keyUse = PublicKeyUse.Signature;
KeyOperations keyOperations = KeyOperations.ComputeDigitalSignature;
Algorithm algorithm = Algorithm.ES256;
string jwkString = jwk.JWKfromOptions(keyUse, keyOperations, algorithm);
Console.WriteLine(jwkString);
}
