/// <summary>
/// Smoke test: stores a freshly generated key together with its private parameters,
/// then resets the parameters and updates the stored entry.
/// </summary>
/// <remarks>
/// The test makes no assertions; it passes as long as neither <c>Save</c> nor <c>Update</c> throws.
/// It therefore does not prove that private key material has actually left the store.
/// </remarks>
/// <param name="algorithm">Algorithm name passed to <c>Algorithm.Create</c>.</param>
/// <param name="keyType">Key type passed to <c>Algorithm.Create</c>.</param>
public void ShouldRemovePrivateAndUpdate(string algorithm, KeyType keyType)
{
    var signingAlgorithm = Algorithm.Create(algorithm, keyType);
    var jwksOptions = new JwksOptions() { KeyPrefix = "ShouldGenerateManyRsa_", Algorithm = signingAlgorithm };
    var credentials = _keyService.Generate(jwksOptions);

    // Persist the key with the parameters taken from the generated credentials.
    var storedKey = new SecurityKeyWithPrivate();
    storedKey.SetParameters(credentials.Key, signingAlgorithm);
    _jsonWebKeyStore.Save(storedKey);

    // The parameterless SetParameters() call is the "remove private" step.
    // NOTE(review): what exactly it clears is defined in SecurityKeyWithPrivate, not visible here.
    storedKey.SetParameters();
    _jsonWebKeyStore.Update(storedKey);
}
/// <summary>
/// Verifies that, after the private parameters are reset and the entry is updated,
/// the key read back through the key service no longer exposes private key fields.
/// </summary>
/// <remarks>
/// NOTE(review): nothing in this method marks the key as expired, despite the test name;
/// confirm whether expiry is expected to be exercised here.
/// </remarks>
/// <param name="algorithm">Algorithm name passed to <c>Algorithm.Create</c>.</param>
/// <param name="keyType">Key type passed to <c>Algorithm.Create</c>.</param>
public void ShouldRemovePrivateKeyAfterUpdateAExpiredJwk(string algorithm, KeyType keyType)
{
    var signingAlgorithm = Algorithm.Create(algorithm, keyType);
    var jwksOptions = new JwksOptions() { KeyPrefix = "ShouldGenerateManyRsa_", Algorithm = signingAlgorithm };
    var credentials = _keyService.Generate(jwksOptions);

    // Persist the key with the parameters taken from the generated credentials.
    var storedKey = new SecurityKeyWithPrivate();
    storedKey.SetParameters(credentials.Key, signingAlgorithm);
    _jsonWebKeyStore.Save(storedKey);

    // The parameterless SetParameters() call is the "remove private" step.
    storedKey.SetParameters();
    _jsonWebKeyStore.Update(storedKey);

    // Read the key back by its id.
    // NOTE(review): if _keyService.Generate also persists the key under the same id (verify),
    // First(...) may return that other record rather than the updated one.
    var recentKeys = _keyService.GetLastKeysCredentials(5);
    var reloaded = recentKeys.First(candidate => candidate.Kid == storedKey.KeyId);

    reloaded.Kty.Should().NotBeNullOrEmpty();
    reloaded.HasPrivateKey.Should().BeFalse();

    var keyTypeName = reloaded.Kty;
    if (keyTypeName == JsonWebAlgorithmsKeyTypes.EllipticCurve)
    {
        // EC: the private scalar must be gone.
        reloaded.D.Should().BeNullOrEmpty();
    }
    else if (keyTypeName == JsonWebAlgorithmsKeyTypes.RSA)
    {
        // RSA: the private exponent and every CRT parameter must be gone.
        reloaded.D.Should().BeNullOrEmpty();
        reloaded.DP.Should().BeNullOrEmpty();
        reloaded.DQ.Should().BeNullOrEmpty();
        reloaded.P.Should().BeNullOrEmpty();
        reloaded.Q.Should().BeNullOrEmpty();
        reloaded.QI.Should().BeNullOrEmpty();
    }
    else if (keyTypeName == JsonWebAlgorithmsKeyTypes.Octet)
    {
        // Octet: the test expects K to still be present.
        // NOTE(review): for "oct" keys K is the symmetric secret itself, so the "remove private"
        // step leaves secret material in the stored key for this type - confirm this is intended.
        reloaded.K.Should().NotBeNullOrEmpty();
    }
    // Any other key type gets no field-level checks.
}
/// <summary>
/// Generates a key for the requested algorithm, saves it to the store wrapped in a
/// <c>SecurityKeyWithPrivate</c>, and returns signing credentials for that key.
/// </summary>
/// <param name="options">Key options; when null, <c>_options.Value</c> is used instead.</param>
/// <returns>Signing credentials built from the generated key and <c>options.Algorithm</c>.</returns>
public SigningCredentials Generate(JwksOptions options = null)
{
    // Fall back to the configured options when the caller supplies none.
    options = options ?? _options.Value;

    var generatedKey = _jwkService.Generate(options.Algorithm);

    // NOTE(review): the store receives the key through SecurityKeyWithPrivate; whether private
    // material is protected at rest depends on the _store implementation, not visible here.
    var persistedKey = new SecurityKeyWithPrivate();
    persistedKey.SetParameters(generatedKey, options.Algorithm);
    _store.Save(persistedKey);

    return new SigningCredentials(generatedKey, options.Algorithm);
}