private string GetComputedChallenge(string verifier) { using (var hash = CryptographyHelpers.CreateSHA256()) { return(Base64UrlEncoder.Encode(hash.ComputeHash(Encoding.ASCII.GetBytes(verifier)))); } }
private HashAlgorithm GetAlgorithm(string hashingAlgorithm) { switch (hashingAlgorithm) { case "RS256": return(CryptographyHelpers.CreateSHA256()); default: throw new InvalidOperationException($"Unsupported hashing algorithm '{hashingAlgorithm}'"); } }
public static IIdentityServiceBuilder AddSigningCertificates( this IIdentityServiceBuilder builder, Func <IEnumerable <X509Certificate2> > certificatesLoader) { builder.Services.Configure <IdentityServiceOptions>(o => { var certificates = certificatesLoader(); foreach (var certificate in certificates) { var algorithm = CryptographyHelpers.FindAlgorithm(certificate); o.SigningKeys.Add(new SigningCredentials(new X509SecurityKey(certificate), algorithm)); } }); return(builder); }
public static IIdentityServiceBuilder AddSigningCertificate( this IIdentityServiceBuilder builder, X509Certificate2 certificate) { CryptographyHelpers.ValidateRsaKeyLength(certificate); var key = new X509SecurityKey(certificate); builder.Services.Configure <IdentityServiceOptions>( options => { var algorithm = CryptographyHelpers.FindAlgorithm(certificate); options.SigningKeys.Add(new SigningCredentials(key, algorithm)); }); return(builder); }
private void RunTest(string testFlavor) { using (StartLog(out var loggerFactory, testFlavor)) { var logger = loggerFactory.CreateLogger(testFlavor); for (var i = 0; i < 100; i++) { var key = CryptoUtilities.CreateTestKey(); try { CryptographyHelpers.GetRSAParameters(new SigningCredentials(key, "RS256")); } catch (CryptographicException e) { LogKeyData(logger, i, key, e); throw; } } } }
private SigningCredentialsDescriptor CreateDescriptor(X509Certificate2 certificate) { CryptographyHelpers.ValidateRsaKeyLength(certificate); var credentials = new SigningCredentials(new X509SecurityKey(certificate), CryptographyHelpers.FindAlgorithm(certificate)); return(new SigningCredentialsDescriptor( credentials, CryptographyHelpers.GetAlgorithm(credentials), certificate.NotBefore, certificate.NotAfter, GetMetadata())); IDictionary <string, string> GetMetadata() { var rsaParameters = CryptographyHelpers.GetRSAParameters(credentials); return(new Dictionary <string, string> { [JsonWebKeyParameterNames.E] = Base64UrlEncoder.Encode(rsaParameters.Exponent), [JsonWebKeyParameterNames.N] = Base64UrlEncoder.Encode(rsaParameters.Modulus), }); } }
public Task <string> GenerateClientSecretAsync() { return(Task.FromResult(CryptographyHelpers.GenerateHighEntropyValue(byteLength: 32))); }