public void TestSignFlagJson() { Func<byte[], byte[]> sigFunc = (x) => { using (var rsa = new System.Security.Cryptography.RSACryptoServiceProvider()) { rsa.ImportParameters(JwsUnitTests.GetRsaParamsForRfc7515Example_A_2_1()); using (var sha256 = new System.Security.Cryptography.SHA256CryptoServiceProvider()) { return rsa.SignData(x, sha256); } } }; object protectedSample = new // From the RFC example { alg = "RS256" }; object headerSample = new // From the RFC example { kid = "2010-12-29" }; string payloadSample = // From the RFC example "{\"iss\":\"joe\",\r\n" + " \"exp\":1300819380,\r\n" + " \"http://example.com/is_root\":true}"; var wsRegex = new Regex("\\s+"); var sigExpected = // Derived from the RFC example in A.6.4 wsRegex.Replace(@"{ ""payload"":""eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ"", ""protected"":""eyJhbGciOiJSUzI1NiJ9"", ""header"":{""kid"":""2010-12-29""}, ""signature"": ""cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZ mh7AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjb KBYNX4BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHl b1L07Qe7K0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZES c6BfI7noOPqvhJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AX LIhWkWywlVmtVrBp0igcN_IoypGlUPQGe77Rw"" }", ""); var sigActual = wsRegex.Replace(JwsHelper.SignFlatJson( sigFunc, payloadSample, protectedSample, headerSample), ""); Assert.AreEqual(sigExpected, sigActual); }
public string SHA256(string str) { var sha256 = new System.Security.Cryptography.SHA256CryptoServiceProvider(); var bs = sha256.ComputeHash(System.Text.Encoding.UTF8.GetBytes(str)); sha256.Clear(); return bs.Aggregate("", (current, b) => current + (b.ToString("x2"))); }
/// <summary> /// 计算SHA-256码 /// </summary> /// <param name="word">字符串</param> /// <param name="toUpper">返回哈希值格式 true:英文大写,false:英文小写</param> /// <returns></returns> public static string Hash_SHA_256(string word, bool toUpper = true) { try { System.Security.Cryptography.SHA256CryptoServiceProvider SHA256CSP = new System.Security.Cryptography.SHA256CryptoServiceProvider(); byte[] bytValue = System.Text.Encoding.UTF8.GetBytes(word); byte[] bytHash = SHA256CSP.ComputeHash(bytValue); SHA256CSP.Clear(); //根据计算得到的Hash码翻译为SHA-1码 string sHash = "", sTemp = ""; for (int counter = 0; counter < bytHash.Count(); counter++) { long i = bytHash[counter] / 16; if (i > 9) { sTemp = ((char)(i - 10 + 0x41)).ToString(); } else { sTemp = ((char)(i + 0x30)).ToString(); } i = bytHash[counter] % 16; if (i > 9) { sTemp += ((char)(i - 10 + 0x41)).ToString(); } else { sTemp += ((char)(i + 0x30)).ToString(); } sHash += sTemp; } //根据大小写规则决定返回的字符串 return toUpper ? sHash : sHash.ToLower(); } catch (Exception ex) { throw new Exception(ex.Message); } }
static Settings() { var props = from p in typeof(Settings).GetProperties(BindingFlags.Public | BindingFlags.Static) let t = typeof(DefaultValueAttribute) where p.IsDefined(t, inherit: false) let a = p.GetCustomAttributes(t, inherit: false).Single() as DefaultValueAttribute select new { PropertyInfo = p, DefaultValue = a }; foreach (var pair in props) { pair.PropertyInfo.SetValue(null, Convert.ChangeType(pair.DefaultValue.Value, pair.PropertyInfo.PropertyType), null); } // this assists in debug and is also good for prd, the version is a hash of the main assembly string location; try { location = typeof (Settings).Assembly.Location; } catch { location = HttpContext.Current.Server.MapPath("~/bin/MiniProfiler.dll"); } try { List<string> files = new List<string>(); files.Add(location); string customUITemplatesPath = ""; if (HttpContext.Current != null) customUITemplatesPath = HttpContext.Current.Server.MapPath(MiniProfiler.Settings.CustomUITemplates); if (System.IO.Directory.Exists(customUITemplatesPath)) { files.AddRange(System.IO.Directory.EnumerateFiles(customUITemplatesPath)); } using (var sha256 = new System.Security.Cryptography.SHA256CryptoServiceProvider()) { byte[] hash = new byte[sha256.HashSize / 8]; foreach (string file in files) { // sha256 can throw a FIPS exception, but SHA256CryptoServiceProvider is FIPS BABY - FIPS byte[] contents = System.IO.File.ReadAllBytes(file); byte[] hashfile = sha256.ComputeHash(contents); for (int i = 0; i < (sha256.HashSize / 8); i++) { hash[i] = (byte)(hashfile[i] ^ hash[i]); } } Version = System.Convert.ToBase64String(hash); } } catch { Version = Guid.NewGuid().ToString(); } typesToExclude = new HashSet<string> { // while we like our Dapper friend, we don't want to see him all the time "SqlMapper" }; methodsToExclude = new HashSet<string> { "lambda_method", ".ctor" }; assembliesToExclude = new HashSet<string> { // our assembly typeof(Settings).Assembly.GetName().Name, // reflection emit "Anonymously Hosted DynamicMethods Assembly", // the man "System.Core", "System.Data", "System.Data.Linq", "System.Web", "System.Web.Mvc", }; // for normal usage, this will return a System.Diagnostics.Stopwatch to collect times - unit tests can explicitly set how much time elapses StopwatchProvider = StopwatchWrapper.StartNew; }
/// <summary> /// Return unique Int64 value for input string /// </summary> /// <param name="strText"></param> /// <returns></returns> private static UInt64 GetInt64HashCode(string strText) { UInt64 hashCode = 0; if (!string.IsNullOrEmpty(strText)) { //Unicode Encode Covering all characterset byte[] byteContents = Encoding.Unicode.GetBytes(strText); System.Security.Cryptography.SHA256 hash = new System.Security.Cryptography.SHA256CryptoServiceProvider(); byte[] hashText = hash.ComputeHash(byteContents); //32Byte hashText separate //hashCodeStart = 0~7 8Byte //hashCodeMedium = 8~23 8Byte //hashCodeEnd = 24~31 8Byte //and Fold UInt64 hashCodeStart = BitConverter.ToUInt64(hashText, 0); UInt64 hashCodeMedium = BitConverter.ToUInt64(hashText, 8); UInt64 hashCodeEnd = BitConverter.ToUInt64(hashText, 24); hashCode = hashCodeStart ^ hashCodeMedium ^ hashCodeEnd; } return (hashCode); }
public void TestRfc7515Example_A_2_1() { string protectedSample = // From the RFC example "{\"alg\":\"RS256\"}"; byte[] protectedBytesExpected = // From the RFC example { 123, 34, 97, 108, 103, 34, 58, 34, 82, 83, 50, 53, 54, 34, 125 }; byte[] protectedBytesActual = Encoding.UTF8.GetBytes(protectedSample); CollectionAssert.AreEqual(protectedBytesExpected, protectedBytesActual); string protectedB64uExpected = "eyJhbGciOiJSUzI1NiJ9"; // From the RFC example string protectedB64uActual = JOSE.JwsHelper.Base64UrlEncode(protectedBytesActual); Assert.AreEqual(protectedB64uExpected, protectedB64uActual); string payloadSample = // From the RFC example "{\"iss\":\"joe\",\r\n" + " \"exp\":1300819380,\r\n" + " \"http://example.com/is_root\":true}"; byte[] payloadBytesActual = Encoding.UTF8.GetBytes(payloadSample); string payloadB64uActual = JOSE.JwsHelper.Base64UrlEncode(payloadBytesActual); string signingInput = $"{protectedB64uActual}.{payloadB64uActual}"; byte[] signingBytesExpected = // From the RFC example { 101, 121, 74, 104, 98, 71, 99, 105, 79, 105, 74, 83, 85, 122, 73, 49, 78, 105, 74, 57, 46, 101, 121, 74, 112, 99, 51, 77, 105, 79, 105, 74, 113, 98, 50, 85, 105, 76, 65, 48, 75, 73, 67, 74, 108, 101, 72, 65, 105, 79, 106, 69, 122, 77, 68, 65, 52, 77, 84, 107, 122, 79, 68, 65, 115, 68, 81, 111, 103, 73, 109, 104, 48, 100, 72, 65, 54, 76, 121, 57, 108, 101, 71, 70, 116, 99, 71, 120, 108, 76, 109, 78, 118, 98, 83, 57, 112, 99, 49, 57, 121, 98, 50, 57, 48, 73, 106, 112, 48, 99, 110, 86, 108, 102, 81 }; byte[] signingBytesActual = Encoding.ASCII.GetBytes(signingInput); CollectionAssert.AreEqual(signingBytesExpected, signingBytesActual); byte[] sigExpected = // From the RFC example { 112, 46, 33, 137, 67, 232, 143, 209, 30, 181, 216, 45, 191, 120, 69, 243, 65, 6, 174, 27, 129, 255, 247, 115, 17, 22, 173, 209, 113, 125, 131, 101, 109, 66, 10, 253, 60, 150, 238, 221, 115, 162, 102, 62, 81, 102, 104, 123, 0, 11, 135, 34, 110, 1, 135, 237, 16, 115, 249, 69, 229, 130, 173, 252, 239, 22, 216, 90, 121, 142, 232, 198, 109, 219, 61, 184, 151, 91, 23, 208, 148, 2, 190, 237, 213, 217, 217, 112, 7, 16, 141, 178, 129, 96, 213, 248, 4, 12, 167, 68, 87, 98, 184, 31, 190, 127, 249, 217, 46, 10, 231, 111, 36, 242, 91, 51, 187, 230, 244, 74, 230, 30, 177, 4, 10, 203, 32, 4, 77, 62, 249, 18, 142, 212, 1, 48, 121, 91, 212, 189, 59, 65, 238, 202, 208, 102, 171, 101, 25, 129, 253, 228, 141, 247, 127, 55, 45, 195, 139, 159, 175, 221, 59, 239, 177, 139, 93, 163, 204, 60, 46, 176, 47, 158, 58, 65, 214, 18, 202, 173, 21, 145, 18, 115, 160, 95, 35, 185, 232, 56, 250, 175, 132, 157, 105, 132, 41, 239, 90, 30, 136, 121, 130, 54, 195, 212, 14, 96, 69, 34, 165, 68, 200, 242, 122, 122, 45, 184, 6, 99, 209, 108, 247, 202, 234, 86, 222, 64, 92, 178, 33, 90, 69, 178, 194, 85, 102, 181, 90, 193, 167, 72, 160, 112, 223, 200, 163, 42, 70, 149, 67, 208, 25, 238, 251, 71 }; byte[] sigActual = null; using (var rsa = new System.Security.Cryptography.RSACryptoServiceProvider()) { rsa.ImportParameters(GetRsaParamsForRfc7515Example_A_2_1()); using (var sha256 = new System.Security.Cryptography.SHA256CryptoServiceProvider()) { sigActual = rsa.SignData(signingBytesExpected, sha256); } } CollectionAssert.AreEqual(sigExpected, sigActual); string sigB64uExpected = // From the RFC example "cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7" + "AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4" + "BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K" + "0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqv" + "hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB" + "p0igcN_IoypGlUPQGe77Rw"; string sigB64uActual = JOSE.JwsHelper.Base64UrlEncode(sigActual); Assert.AreEqual(sigB64uExpected, sigB64uActual); }
static ImageDownloader() { _hashMaker = new System.Security.Cryptography.SHA256CryptoServiceProvider(); }
static Settings() { var props = from p in typeof(Settings).GetProperties(BindingFlags.Public | BindingFlags.Static) let t = typeof(DefaultValueAttribute) where p.IsDefined(t, inherit: false) let a = p.GetCustomAttributes(t, inherit: false).Single() as DefaultValueAttribute select new { PropertyInfo = p, DefaultValue = a }; foreach (var pair in props) { pair.PropertyInfo.SetValue(null, Convert.ChangeType(pair.DefaultValue.Value, pair.PropertyInfo.PropertyType), null); } // this assists in debug and is also good for prd, the version is a hash of the main assembly string location; try { location = typeof(Settings).Assembly.Location; } catch { location = HttpContext.Current.Server.MapPath("~/bin/MiniProfiler.dll"); } try { List <string> files = new List <string>(); files.Add(location); string customUITemplatesPath = ""; if (HttpContext.Current != null) { customUITemplatesPath = HttpContext.Current.Server.MapPath(MiniProfiler.Settings.CustomUITemplates); } if (System.IO.Directory.Exists(customUITemplatesPath)) { files.AddRange(System.IO.Directory.EnumerateFiles(customUITemplatesPath)); } using (var sha256 = new System.Security.Cryptography.SHA256CryptoServiceProvider()) { byte[] hash = new byte[sha256.HashSize / 8]; foreach (string file in files) { // sha256 can throw a FIPS exception, but SHA256CryptoServiceProvider is FIPS BABY - FIPS byte[] contents = System.IO.File.ReadAllBytes(file); byte[] hashfile = sha256.ComputeHash(contents); for (int i = 0; i < (sha256.HashSize / 8); i++) { hash[i] = (byte)(hashfile[i] ^ hash[i]); } } Version = System.Convert.ToBase64String(hash); } } catch { Version = Guid.NewGuid().ToString(); } typesToExclude = new HashSet <string> { // while we like our Dapper friend, we don't want to see him all the time "SqlMapper" }; methodsToExclude = new HashSet <string> { "lambda_method", ".ctor" }; assembliesToExclude = new HashSet <string> { // our assembly typeof(Settings).Assembly.GetName().Name, // reflection emit "Anonymously Hosted DynamicMethods Assembly", // the man "System.Core", "System.Data", "System.Data.Linq", "System.Web", "System.Web.Mvc", }; // for normal usage, this will return a System.Diagnostics.Stopwatch to collect times - unit tests can explicitly set how much time elapses StopwatchProvider = StopwatchWrapper.StartNew; }
public void TestRfc7515Example_A_2_1() { string protectedSample = // From the RFC example "{\"alg\":\"RS256\"}"; byte[] protectedBytesExpected = // From the RFC example { 123, 34, 97, 108, 103, 34, 58, 34, 82, 83, 50, 53, 54, 34, 125 }; byte[] protectedBytesActual = Encoding.UTF8.GetBytes(protectedSample); CollectionAssert.AreEqual(protectedBytesExpected, protectedBytesActual); string protectedB64uExpected = "eyJhbGciOiJSUzI1NiJ9"; // From the RFC example string protectedB64uActual = JOSE.JwsHelper.Base64UrlEncode(protectedBytesActual); Assert.AreEqual(protectedB64uExpected, protectedB64uActual); string payloadSample = // From the RFC example "{\"iss\":\"joe\",\r\n" + " \"exp\":1300819380,\r\n" + " \"http://example.com/is_root\":true}"; byte[] payloadBytesActual = Encoding.UTF8.GetBytes(payloadSample); string payloadB64uActual = JOSE.JwsHelper.Base64UrlEncode(payloadBytesActual); string signingInput = $"{protectedB64uActual}.{payloadB64uActual}"; byte[] signingBytesExpected = // From the RFC example { 101, 121, 74, 104, 98, 71, 99, 105, 79, 105, 74, 83, 85, 122, 73, 49, 78, 105, 74, 57, 46, 101, 121, 74, 112, 99, 51, 77, 105, 79,105, 74, 113, 98, 50, 85, 105, 76, 65, 48, 75, 73, 67, 74, 108, 101, 72, 65, 105, 79, 106, 69, 122, 77, 68, 65, 52, 77, 84, 107, 122, 79, 68, 65, 115, 68, 81, 111, 103, 73, 109, 104, 48, 100, 72, 65, 54, 76, 121, 57, 108, 101, 71, 70, 116, 99, 71, 120, 108, 76, 109, 78, 118, 98, 83, 57, 112, 99, 49, 57, 121, 98, 50, 57, 48, 73, 106, 112, 48, 99, 110, 86, 108, 102, 81 }; byte[] signingBytesActual = Encoding.ASCII.GetBytes(signingInput); CollectionAssert.AreEqual(signingBytesExpected, signingBytesActual); byte[] sigExpected = // From the RFC example { 112, 46, 33, 137, 67, 232, 143, 209, 30, 181, 216, 45, 191, 120, 69, 243, 65, 6, 174, 27, 129, 255, 247, 115, 17, 22, 173, 209, 113, 125, 131, 101, 109, 66, 10, 253, 60, 150, 238, 221, 115, 162, 102, 62, 81, 102, 104, 123, 0, 11, 135, 34, 110, 1, 135, 237, 16, 115, 249, 69, 229, 130, 173, 252, 239, 22, 216, 90, 121, 142, 232, 198, 109, 219, 61, 184, 151, 91, 23, 208, 148, 2, 190, 237, 213, 217, 217, 112, 7, 16, 141, 178, 129, 96, 213, 248, 4, 12, 167, 68, 87, 98, 184, 31, 190, 127, 249, 217, 46, 10, 231, 111, 36, 242, 91, 51, 187, 230, 244, 74, 230, 30, 177, 4, 10, 203, 32, 4, 77, 62, 249, 18, 142, 212,1, 48, 121, 91, 212, 189, 59, 65, 238, 202, 208, 102, 171, 101, 25, 129, 253, 228, 141, 247, 127, 55, 45, 195, 139, 159, 175, 221, 59, 239, 177, 139, 93, 163, 204, 60, 46, 176, 47, 158, 58, 65, 214, 18, 202, 173, 21, 145, 18, 115, 160, 95, 35, 185, 232, 56, 250, 175, 132, 157, 105, 132, 41, 239, 90, 30, 136, 121, 130, 54, 195, 212, 14, 96, 69, 34, 165, 68, 200, 242, 122, 122, 45, 184, 6, 99, 209, 108, 247, 202, 234, 86, 222, 64, 92, 178, 33, 90, 69, 178, 194, 85, 102, 181, 90, 193, 167, 72, 160, 112, 223, 200, 163, 42, 70, 149, 67, 208, 25, 238, 251, 71 }; byte[] sigActual = null; using (var rsa = new System.Security.Cryptography.RSACryptoServiceProvider()) { rsa.ImportParameters(GetRsaParamsForRfc7515Example_A_2_1()); using (var sha256 = new System.Security.Cryptography.SHA256CryptoServiceProvider()) { sigActual = rsa.SignData(signingBytesExpected, sha256); } } CollectionAssert.AreEqual(sigExpected, sigActual); string sigB64uExpected = // From the RFC example "cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7" + "AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4" + "BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K" + "0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqv" + "hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB" + "p0igcN_IoypGlUPQGe77Rw"; string sigB64uActual = JOSE.JwsHelper.Base64UrlEncode(sigActual); Assert.AreEqual(sigB64uExpected, sigB64uActual); }
private string GetFileHash(string filePath) { FileInfo fi = new System.IO.FileInfo(filePath); String retVal = null; // Bootstrapper is always signed with the SHA-256 algorithm, no matter which version of // the .NET Framework we are targeting. In ideal situations, bootstrapper files will be // pre-signed anwyay; this is a fallback in case we ever encounter a bootstrapper that is // not signed. System.Security.Cryptography.SHA256CryptoServiceProvider sha = new System.Security.Cryptography.SHA256CryptoServiceProvider(); using (Stream s = fi.OpenRead()) { retVal = ByteArrayToString(sha.ComputeHash(s)); } return retVal; }
public static byte[] Hash256(byte[] byteContents) { using var hash = new System.Security.Cryptography.SHA256CryptoServiceProvider(); return(hash.ComputeHash(byteContents)); }
private string HashString(string input) { string result = ""; using (System.Security.Cryptography.SHA256 sha = new System.Security.Cryptography.SHA256CryptoServiceProvider()) { byte[] data = sha.ComputeHash(Encoding.UTF8.GetBytes(input)); StringBuilder stringBuilder = new StringBuilder(); for (int counter = 0; counter < data.Length; counter++) { stringBuilder.Append(data[counter].ToString("x2")); } result = stringBuilder.ToString(); } return result; }