public void TestSignFlagJson()
{
Func<byte[], byte[]> sigFunc = (x) =>
{
using (var rsa = new System.Security.Cryptography.RSACryptoServiceProvider())
{
rsa.ImportParameters(JwsUnitTests.GetRsaParamsForRfc7515Example_A_2_1());
using (var sha256 = new System.Security.Cryptography.SHA256CryptoServiceProvider())
{
return rsa.SignData(x, sha256);
}
}
};
object protectedSample = new // From the RFC example
{
alg = "RS256"
};
object headerSample = new // From the RFC example
{
kid = "2010-12-29"
};
string payloadSample = // From the RFC example
"{\"iss\":\"joe\",\r\n" +
" \"exp\":1300819380,\r\n" +
" \"http://example.com/is_root\":true}";
var wsRegex = new Regex("\\s+");
var sigExpected = // Derived from the RFC example in A.6.4
wsRegex.Replace(@"{
""payload"":""eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ"",
""protected"":""eyJhbGciOiJSUzI1NiJ9"",
""header"":{""kid"":""2010-12-29""},
""signature"":
""cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZ
mh7AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjb
KBYNX4BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHl
b1L07Qe7K0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZES
c6BfI7noOPqvhJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AX
LIhWkWywlVmtVrBp0igcN_IoypGlUPQGe77Rw""
}", "");
var sigActual = wsRegex.Replace(JwsHelper.SignFlatJson(
sigFunc, payloadSample, protectedSample, headerSample), "");
Assert.AreEqual(sigExpected, sigActual);
}
public string SHA256(string str)
{
var sha256 = new System.Security.Cryptography.SHA256CryptoServiceProvider();
var bs = sha256.ComputeHash(System.Text.Encoding.UTF8.GetBytes(str));
sha256.Clear();
return bs.Aggregate("", (current, b) => current + (b.ToString("x2")));
}
/// <summary>
/// 计算SHA-256码
/// </summary>
/// <param name="word">字符串</param>
/// <param name="toUpper">返回哈希值格式 true:英文大写,false:英文小写</param>
/// <returns></returns>
public static string Hash_SHA_256(string word, bool toUpper = true)
{
try
{
System.Security.Cryptography.SHA256CryptoServiceProvider SHA256CSP
= new System.Security.Cryptography.SHA256CryptoServiceProvider();
byte[] bytValue = System.Text.Encoding.UTF8.GetBytes(word);
byte[] bytHash = SHA256CSP.ComputeHash(bytValue);
SHA256CSP.Clear();
//根据计算得到的Hash码翻译为SHA-1码
string sHash = "", sTemp = "";
for (int counter = 0; counter < bytHash.Count(); counter++)
{
long i = bytHash[counter] / 16;
if (i > 9)
{
sTemp = ((char)(i - 10 + 0x41)).ToString();
}
else
{
sTemp = ((char)(i + 0x30)).ToString();
}
i = bytHash[counter] % 16;
if (i > 9)
{
sTemp += ((char)(i - 10 + 0x41)).ToString();
}
else
{
sTemp += ((char)(i + 0x30)).ToString();
}
sHash += sTemp;
}
//根据大小写规则决定返回的字符串
return toUpper ? sHash : sHash.ToLower();
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
}
static Settings()
{
var props = from p in typeof(Settings).GetProperties(BindingFlags.Public | BindingFlags.Static)
let t = typeof(DefaultValueAttribute)
where p.IsDefined(t, inherit: false)
let a = p.GetCustomAttributes(t, inherit: false).Single() as DefaultValueAttribute
select new { PropertyInfo = p, DefaultValue = a };
foreach (var pair in props)
{
pair.PropertyInfo.SetValue(null, Convert.ChangeType(pair.DefaultValue.Value, pair.PropertyInfo.PropertyType), null);
}
// this assists in debug and is also good for prd, the version is a hash of the main assembly
string location;
try
{
location = typeof (Settings).Assembly.Location;
}
catch
{
location = HttpContext.Current.Server.MapPath("~/bin/MiniProfiler.dll");
}
try
{
List<string> files = new List<string>();
files.Add(location);
string customUITemplatesPath = "";
if (HttpContext.Current != null)
customUITemplatesPath = HttpContext.Current.Server.MapPath(MiniProfiler.Settings.CustomUITemplates);
if (System.IO.Directory.Exists(customUITemplatesPath))
{
files.AddRange(System.IO.Directory.EnumerateFiles(customUITemplatesPath));
}
using (var sha256 = new System.Security.Cryptography.SHA256CryptoServiceProvider())
{
byte[] hash = new byte[sha256.HashSize / 8];
foreach (string file in files)
{
// sha256 can throw a FIPS exception, but SHA256CryptoServiceProvider is FIPS BABY - FIPS
byte[] contents = System.IO.File.ReadAllBytes(file);
byte[] hashfile = sha256.ComputeHash(contents);
for (int i = 0; i < (sha256.HashSize / 8); i++)
{
hash[i] = (byte)(hashfile[i] ^ hash[i]);
}
}
Version = System.Convert.ToBase64String(hash);
}
}
catch
{
Version = Guid.NewGuid().ToString();
}
typesToExclude = new HashSet<string>
{
// while we like our Dapper friend, we don't want to see him all the time
"SqlMapper"
};
methodsToExclude = new HashSet<string>
{
"lambda_method",
".ctor"
};
assembliesToExclude = new HashSet<string>
{
// our assembly
typeof(Settings).Assembly.GetName().Name,
// reflection emit
"Anonymously Hosted DynamicMethods Assembly",
// the man
"System.Core",
"System.Data",
"System.Data.Linq",
"System.Web",
"System.Web.Mvc",
};
// for normal usage, this will return a System.Diagnostics.Stopwatch to collect times - unit tests can explicitly set how much time elapses
StopwatchProvider = StopwatchWrapper.StartNew;
}
/// <summary>
/// Return unique Int64 value for input string
/// </summary>
/// <param name="strText"></param>
/// <returns></returns>
private static UInt64 GetInt64HashCode(string strText)
{
UInt64 hashCode = 0;
if (!string.IsNullOrEmpty(strText)) {
//Unicode Encode Covering all characterset
byte[] byteContents = Encoding.Unicode.GetBytes(strText);
System.Security.Cryptography.SHA256 hash = new System.Security.Cryptography.SHA256CryptoServiceProvider();
byte[] hashText = hash.ComputeHash(byteContents);
//32Byte hashText separate
//hashCodeStart = 0~7 8Byte
//hashCodeMedium = 8~23 8Byte
//hashCodeEnd = 24~31 8Byte
//and Fold
UInt64 hashCodeStart = BitConverter.ToUInt64(hashText, 0);
UInt64 hashCodeMedium = BitConverter.ToUInt64(hashText, 8);
UInt64 hashCodeEnd = BitConverter.ToUInt64(hashText, 24);
hashCode = hashCodeStart ^ hashCodeMedium ^ hashCodeEnd;
}
return (hashCode);
}
public void TestRfc7515Example_A_2_1()
{
string protectedSample = // From the RFC example
"{\"alg\":\"RS256\"}";
byte[] protectedBytesExpected = // From the RFC example
{
123, 34, 97, 108, 103, 34, 58, 34, 82, 83, 50, 53, 54, 34, 125
};
byte[] protectedBytesActual = Encoding.UTF8.GetBytes(protectedSample);
CollectionAssert.AreEqual(protectedBytesExpected, protectedBytesActual);
string protectedB64uExpected = "eyJhbGciOiJSUzI1NiJ9"; // From the RFC example
string protectedB64uActual = JOSE.JwsHelper.Base64UrlEncode(protectedBytesActual);
Assert.AreEqual(protectedB64uExpected, protectedB64uActual);
string payloadSample = // From the RFC example
"{\"iss\":\"joe\",\r\n" +
" \"exp\":1300819380,\r\n" +
" \"http://example.com/is_root\":true}";
byte[] payloadBytesActual = Encoding.UTF8.GetBytes(payloadSample);
string payloadB64uActual = JOSE.JwsHelper.Base64UrlEncode(payloadBytesActual);
string signingInput = $"{protectedB64uActual}.{payloadB64uActual}";
byte[] signingBytesExpected = // From the RFC example
{
101, 121, 74, 104, 98, 71, 99, 105, 79, 105, 74, 83, 85, 122, 73,
49, 78, 105, 74, 57, 46, 101, 121, 74, 112, 99, 51, 77, 105, 79, 105,
74, 113, 98, 50, 85, 105, 76, 65, 48, 75, 73, 67, 74, 108, 101, 72,
65, 105, 79, 106, 69, 122, 77, 68, 65, 52, 77, 84, 107, 122, 79, 68,
65, 115, 68, 81, 111, 103, 73, 109, 104, 48, 100, 72, 65, 54, 76,
121, 57, 108, 101, 71, 70, 116, 99, 71, 120, 108, 76, 109, 78, 118,
98, 83, 57, 112, 99, 49, 57, 121, 98, 50, 57, 48, 73, 106, 112, 48,
99, 110, 86, 108, 102, 81
};
byte[] signingBytesActual = Encoding.ASCII.GetBytes(signingInput);
CollectionAssert.AreEqual(signingBytesExpected, signingBytesActual);
byte[] sigExpected = // From the RFC example
{
112, 46, 33, 137, 67, 232, 143, 209, 30, 181, 216, 45, 191, 120, 69,
243, 65, 6, 174, 27, 129, 255, 247, 115, 17, 22, 173, 209, 113, 125,
131, 101, 109, 66, 10, 253, 60, 150, 238, 221, 115, 162, 102, 62, 81,
102, 104, 123, 0, 11, 135, 34, 110, 1, 135, 237, 16, 115, 249, 69,
229, 130, 173, 252, 239, 22, 216, 90, 121, 142, 232, 198, 109, 219,
61, 184, 151, 91, 23, 208, 148, 2, 190, 237, 213, 217, 217, 112, 7,
16, 141, 178, 129, 96, 213, 248, 4, 12, 167, 68, 87, 98, 184, 31,
190, 127, 249, 217, 46, 10, 231, 111, 36, 242, 91, 51, 187, 230, 244,
74, 230, 30, 177, 4, 10, 203, 32, 4, 77, 62, 249, 18, 142, 212, 1,
48, 121, 91, 212, 189, 59, 65, 238, 202, 208, 102, 171, 101, 25, 129,
253, 228, 141, 247, 127, 55, 45, 195, 139, 159, 175, 221, 59, 239,
177, 139, 93, 163, 204, 60, 46, 176, 47, 158, 58, 65, 214, 18, 202,
173, 21, 145, 18, 115, 160, 95, 35, 185, 232, 56, 250, 175, 132, 157,
105, 132, 41, 239, 90, 30, 136, 121, 130, 54, 195, 212, 14, 96, 69,
34, 165, 68, 200, 242, 122, 122, 45, 184, 6, 99, 209, 108, 247, 202,
234, 86, 222, 64, 92, 178, 33, 90, 69, 178, 194, 85, 102, 181, 90,
193, 167, 72, 160, 112, 223, 200, 163, 42, 70, 149, 67, 208, 25, 238,
251, 71
};
byte[] sigActual = null;
using (var rsa = new System.Security.Cryptography.RSACryptoServiceProvider())
{
rsa.ImportParameters(GetRsaParamsForRfc7515Example_A_2_1());
using (var sha256 = new System.Security.Cryptography.SHA256CryptoServiceProvider())
{
sigActual = rsa.SignData(signingBytesExpected, sha256);
}
}
CollectionAssert.AreEqual(sigExpected, sigActual);
string sigB64uExpected = // From the RFC example
"cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7" +
"AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4" +
"BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K" +
"0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqv" +
"hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB" +
"p0igcN_IoypGlUPQGe77Rw";
string sigB64uActual = JOSE.JwsHelper.Base64UrlEncode(sigActual);
Assert.AreEqual(sigB64uExpected, sigB64uActual);
}
static ImageDownloader()
{
_hashMaker = new System.Security.Cryptography.SHA256CryptoServiceProvider();
}
static Settings()
{
var props = from p in typeof(Settings).GetProperties(BindingFlags.Public | BindingFlags.Static)
let t = typeof(DefaultValueAttribute)
where p.IsDefined(t, inherit: false)
let a = p.GetCustomAttributes(t, inherit: false).Single() as DefaultValueAttribute
select new { PropertyInfo = p, DefaultValue = a };
foreach (var pair in props)
{
pair.PropertyInfo.SetValue(null, Convert.ChangeType(pair.DefaultValue.Value, pair.PropertyInfo.PropertyType), null);
}
// this assists in debug and is also good for prd, the version is a hash of the main assembly
string location;
try
{
location = typeof(Settings).Assembly.Location;
}
catch
{
location = HttpContext.Current.Server.MapPath("~/bin/MiniProfiler.dll");
}
try
{
List <string> files = new List <string>();
files.Add(location);
string customUITemplatesPath = "";
if (HttpContext.Current != null)
{
customUITemplatesPath = HttpContext.Current.Server.MapPath(MiniProfiler.Settings.CustomUITemplates);
}
if (System.IO.Directory.Exists(customUITemplatesPath))
{
files.AddRange(System.IO.Directory.EnumerateFiles(customUITemplatesPath));
}
using (var sha256 = new System.Security.Cryptography.SHA256CryptoServiceProvider())
{
byte[] hash = new byte[sha256.HashSize / 8];
foreach (string file in files)
{
// sha256 can throw a FIPS exception, but SHA256CryptoServiceProvider is FIPS BABY - FIPS
byte[] contents = System.IO.File.ReadAllBytes(file);
byte[] hashfile = sha256.ComputeHash(contents);
for (int i = 0; i < (sha256.HashSize / 8); i++)
{
hash[i] = (byte)(hashfile[i] ^ hash[i]);
}
}
Version = System.Convert.ToBase64String(hash);
}
}
catch
{
Version = Guid.NewGuid().ToString();
}
typesToExclude = new HashSet <string>
{
// while we like our Dapper friend, we don't want to see him all the time
"SqlMapper"
};
methodsToExclude = new HashSet <string>
{
"lambda_method",
".ctor"
};
assembliesToExclude = new HashSet <string>
{
// our assembly
typeof(Settings).Assembly.GetName().Name,
// reflection emit
"Anonymously Hosted DynamicMethods Assembly",
// the man
"System.Core",
"System.Data",
"System.Data.Linq",
"System.Web",
"System.Web.Mvc",
};
// for normal usage, this will return a System.Diagnostics.Stopwatch to collect times - unit tests can explicitly set how much time elapses
StopwatchProvider = StopwatchWrapper.StartNew;
}
public void TestRfc7515Example_A_2_1()
{
string protectedSample = // From the RFC example
"{\"alg\":\"RS256\"}";
byte[] protectedBytesExpected = // From the RFC example
{
123, 34, 97, 108, 103, 34, 58, 34, 82, 83, 50, 53, 54, 34, 125
};
byte[] protectedBytesActual = Encoding.UTF8.GetBytes(protectedSample);
CollectionAssert.AreEqual(protectedBytesExpected, protectedBytesActual);
string protectedB64uExpected = "eyJhbGciOiJSUzI1NiJ9"; // From the RFC example
string protectedB64uActual = JOSE.JwsHelper.Base64UrlEncode(protectedBytesActual);
Assert.AreEqual(protectedB64uExpected, protectedB64uActual);
string payloadSample = // From the RFC example
"{\"iss\":\"joe\",\r\n" +
" \"exp\":1300819380,\r\n" +
" \"http://example.com/is_root\":true}";
byte[] payloadBytesActual = Encoding.UTF8.GetBytes(payloadSample);
string payloadB64uActual = JOSE.JwsHelper.Base64UrlEncode(payloadBytesActual);
string signingInput = $"{protectedB64uActual}.{payloadB64uActual}";
byte[] signingBytesExpected = // From the RFC example
{
101, 121, 74, 104, 98, 71, 99, 105, 79, 105, 74, 83, 85, 122, 73,
49, 78, 105, 74, 57, 46, 101, 121, 74, 112, 99, 51, 77, 105, 79,105,
74, 113, 98, 50, 85, 105, 76, 65, 48, 75, 73, 67, 74, 108, 101, 72,
65, 105, 79, 106, 69, 122, 77, 68, 65, 52, 77, 84, 107, 122, 79, 68,
65, 115, 68, 81, 111, 103, 73, 109, 104, 48, 100, 72, 65, 54, 76,
121, 57, 108, 101, 71, 70, 116, 99, 71, 120, 108, 76, 109, 78, 118,
98, 83, 57, 112, 99, 49, 57, 121, 98, 50, 57, 48, 73, 106, 112, 48,
99, 110, 86, 108, 102, 81
};
byte[] signingBytesActual = Encoding.ASCII.GetBytes(signingInput);
CollectionAssert.AreEqual(signingBytesExpected, signingBytesActual);
byte[] sigExpected = // From the RFC example
{
112, 46, 33, 137, 67, 232, 143, 209, 30, 181, 216, 45, 191, 120, 69,
243, 65, 6, 174, 27, 129, 255, 247, 115, 17, 22, 173, 209, 113, 125,
131, 101, 109, 66, 10, 253, 60, 150, 238, 221, 115, 162, 102, 62, 81,
102, 104, 123, 0, 11, 135, 34, 110, 1, 135, 237, 16, 115, 249, 69,
229, 130, 173, 252, 239, 22, 216, 90, 121, 142, 232, 198, 109, 219,
61, 184, 151, 91, 23, 208, 148, 2, 190, 237, 213, 217, 217, 112, 7,
16, 141, 178, 129, 96, 213, 248, 4, 12, 167, 68, 87, 98, 184, 31,
190, 127, 249, 217, 46, 10, 231, 111, 36, 242, 91, 51, 187, 230, 244,
74, 230, 30, 177, 4, 10, 203, 32, 4, 77, 62, 249, 18, 142, 212,1,
48, 121, 91, 212, 189, 59, 65, 238, 202, 208, 102, 171, 101, 25, 129,
253, 228, 141, 247, 127, 55, 45, 195, 139, 159, 175, 221, 59, 239,
177, 139, 93, 163, 204, 60, 46, 176, 47, 158, 58, 65, 214, 18, 202,
173, 21, 145, 18, 115, 160, 95, 35, 185, 232, 56, 250, 175, 132, 157,
105, 132, 41, 239, 90, 30, 136, 121, 130, 54, 195, 212, 14, 96, 69,
34, 165, 68, 200, 242, 122, 122, 45, 184, 6, 99, 209, 108, 247, 202,
234, 86, 222, 64, 92, 178, 33, 90, 69, 178, 194, 85, 102, 181, 90,
193, 167, 72, 160, 112, 223, 200, 163, 42, 70, 149, 67, 208, 25, 238,
251, 71
};
byte[] sigActual = null;
using (var rsa = new System.Security.Cryptography.RSACryptoServiceProvider())
{
rsa.ImportParameters(GetRsaParamsForRfc7515Example_A_2_1());
using (var sha256 = new System.Security.Cryptography.SHA256CryptoServiceProvider())
{
sigActual = rsa.SignData(signingBytesExpected, sha256);
}
}
CollectionAssert.AreEqual(sigExpected, sigActual);
string sigB64uExpected = // From the RFC example
"cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7" +
"AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4" +
"BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K" +
"0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqv" +
"hJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrB" +
"p0igcN_IoypGlUPQGe77Rw";
string sigB64uActual = JOSE.JwsHelper.Base64UrlEncode(sigActual);
Assert.AreEqual(sigB64uExpected, sigB64uActual);
}
private string GetFileHash(string filePath)
{
FileInfo fi = new System.IO.FileInfo(filePath);
String retVal = null;
// Bootstrapper is always signed with the SHA-256 algorithm, no matter which version of
// the .NET Framework we are targeting. In ideal situations, bootstrapper files will be
// pre-signed anwyay; this is a fallback in case we ever encounter a bootstrapper that is
// not signed.
System.Security.Cryptography.SHA256CryptoServiceProvider sha = new System.Security.Cryptography.SHA256CryptoServiceProvider();
using (Stream s = fi.OpenRead())
{
retVal = ByteArrayToString(sha.ComputeHash(s));
}
return retVal;
}
public static byte[] Hash256(byte[] byteContents)
{
using var hash = new System.Security.Cryptography.SHA256CryptoServiceProvider();
return(hash.ComputeHash(byteContents));
}
private string HashString(string input)
{
string result = "";
using (System.Security.Cryptography.SHA256 sha = new System.Security.Cryptography.SHA256CryptoServiceProvider())
{
byte[] data = sha.ComputeHash(Encoding.UTF8.GetBytes(input));
StringBuilder stringBuilder = new StringBuilder();
for (int counter = 0; counter < data.Length; counter++)
{
stringBuilder.Append(data[counter].ToString("x2"));
}
result = stringBuilder.ToString();
}
return result;
}
