/// <summary>HSXXXのJWS生成メソッド</summary> /// <param name="payloadJson">ペイロード部のJson文字列</param> /// <returns>JWSの文字列表現</returns> public override string Create(string payloadJson) { // ヘッダー JWS_Header headerObject = new JWS_Header { alg = this.JwtConstHSnnn }; string headerJson = JsonConvert.SerializeObject( headerObject, new JsonSerializerSettings() { Formatting = Formatting.None, NullValueHandling = NullValueHandling.Ignore }); byte[] headerBytes = CustomEncode.StringToByte(headerJson, CustomEncode.UTF_8); string headerEncoded = CustomEncode.ToBase64UrlString(headerBytes); // ペイロード byte[] payloadBytes = CustomEncode.StringToByte(payloadJson, CustomEncode.UTF_8); string payloadEncoded = CustomEncode.ToBase64UrlString(payloadBytes); // 署名 byte[] data = CustomEncode.StringToByte(headerEncoded + "." + payloadEncoded, CustomEncode.UTF_8); HMAC sa = this.CreateHMACSHA(this.Key); string signEncoded = CustomEncode.ToBase64UrlString(sa.ComputeHash(data)); return(headerEncoded + "." + payloadEncoded + "." + signEncoded); }
/// <summary>Init</summary> /// <param name="jwtConstRSnnn">string</param> public void Init(string jwtConstRSnnn) { this.JwtConstRSnnn = jwtConstRSnnn; this._JWSHeader = new JWS_Header() { alg = jwtConstRSnnn }; }
/// <summary>ES256のJWS検証メソッド</summary> /// <param name="jwtString">JWSの文字列表現</param> /// <returns>署名の検証結果</returns> public override bool Verify(string jwtString) { string[] temp = jwtString.Split('.'); // 検証 JWS_Header headerObject = (JWS_Header)JsonConvert.DeserializeObject( CustomEncode.ByteToString(CustomEncode.FromBase64UrlString(temp[0]), CustomEncode.UTF_8), typeof(JWS_Header)); if (headerObject.alg.ToUpper() == JwtConst.ES256 && headerObject.typ.ToUpper() == JwtConst.JWT) { byte[] data = CustomEncode.StringToByte(temp[0] + "." + temp[1], CustomEncode.UTF_8); byte[] sign = CustomEncode.FromBase64UrlString(temp[2]); return(this.Verify2(data, sign)); // 派生を呼ぶ } else { return(false); } }
/// <summary>RS256のJWS検証メソッド</summary> /// <param name="jwtString">JWSの文字列表現</param> /// <returns>署名の検証結果</returns> public override bool Verify(string jwtString) { string[] temp = jwtString.Split('.'); // 検証 JWS_Header headerObject = (JWS_Header)JsonConvert.DeserializeObject( CustomEncode.ByteToString(CustomEncode.FromBase64UrlString(temp[0]), CustomEncode.UTF_8), typeof(JWS_Header)); if (headerObject.alg.ToUpper() == JwtConst.HS256 && headerObject.typ.ToUpper() == JwtConst.JWT) { byte[] data = CustomEncode.StringToByte(temp[0] + "." + temp[1], CustomEncode.UTF_8); byte[] sign = CustomEncode.FromBase64UrlString(temp[2]); HMACSHA256 sa = new HMACSHA256(this.Key); return(CustomEncode.ToBase64UrlString(sign) == CustomEncode.ToBase64UrlString(sa.ComputeHash(data))); } else { return(false); } }