Пример #1
0
        public KeySetKey(IKeySet keySet)
        {
            KeySet = keySet;
            var primaryKey = keySet.GetPrimaryKey();

            KeyId   = KeySet.Metadata.Name;
            KeySize = primaryKey?.Size ?? -1;
            CryptoProviderFactory.CustomCryptoProvider = new KeyzureCryptoProvider();
        }
Пример #2
0
        public override byte[] Sign(byte[] input)
        {
            if (!_signing)
            {
                throw new InvalidOperationException();
            }

            JwtAlg chosenAlg = Algorithm;

            if (!Jwt.IsValidAlg(chosenAlg, _keySet.GetPrimaryKey()))
            {
                throw new InvalidKeyTypeException("Key doesn't match chosen algorithm");
            }

            using (var vanillaSigner = new VanillaSigner(_keySet))
            {
                var sig = vanillaSigner.Sign(input);
                return(sig);
            }
        }
Пример #3
0
 public KeyzureSigningCredentials(IKeySet keySet)
     : base(new KeySetKey(keySet), Jwt.AlgForKey(keySet.GetPrimaryKey())?.ToString())
 {
 }
Пример #4
0
        public static bool ExportPrimaryAsPkcs(this IKeySet keySet, Stream stream, Func <string> passwordPrompt)
        {
            using (var key = keySet.GetPrimaryKey())
            {
                using (var writer = new StreamWriter(stream))
                {
                    var pemWriter = new Org.BouncyCastle.Utilities.IO.Pem.PemWriter(writer);

                    string password = null;
                    if (key is IPrivateKey)
                    {
                        password = (passwordPrompt?.Invoke() ?? String.Empty);
                    }
                    AsymmetricKeyParameter writeKey;
                    if (!(key is IPrivateKey) || String.IsNullOrWhiteSpace(password))
                    {
                        switch (key)
                        {
                        case DsaPublicKey dsa:
                            writeKey = BouncyCastleFromKey(dsa);
                            break;

                        case IRsaPublicKey rsa:
                            writeKey = BouncyCastleFromKey(rsa);
                            break;

                        case DsaPrivateKey dsa:
                            writeKey = BouncyCastleFromKey(dsa.PublicKey);
                            pemWriter.WriteObject(new MiscPemGenerator(writeKey));
                            writeKey = BouncyCastleFromKey(dsa);
                            break;

                        case IRsaPrivateKey rsa:
                            writeKey = BouncyCastleFromKey(rsa.PublicKey);
                            pemWriter.WriteObject(new MiscPemGenerator(writeKey));
                            writeKey = BouncyCastleFromKey(rsa);
                            break;

                        default:
                            throw new InvalidKeyTypeException("Non exportable key type.");
                        }

                        pemWriter.WriteObject(new MiscPemGenerator(writeKey));
                    }
                    else
                    {
                        switch (key)
                        {
                        case DsaPrivateKey dsa:
                            writeKey = BouncyCastleFromKey(dsa);
                            break;

                        case IRsaPrivateKey rsa:
                            writeKey = BouncyCastleFromKey(rsa);
                            break;

                        default:
                            throw new InvalidKeyTypeException("Non exportable key type.");
                        }

                        pemWriter.WriteObject(new Pkcs8Generator(writeKey, Pkcs8Generator.PbeSha1_RC2_128)
                        {
                            Password       = (password)?.ToCharArray(),
                            SecureRandom   = Secure.Random,
                            IterationCount = 4096
                        });
                    }
                }
            }

            return(true);
        }