protected override SymmetricJwk GenerateKey(IConsole console)
{
SymmetricJwk key;
var stopwatch = new Stopwatch();
if (_keyLength != 0)
{
console.Verbose($@"Generating 'oct' JWK of {_keyLength} bits...");
stopwatch.Start();
key = SymmetricJwk.GenerateKey(_keyLength, computeThumbprint: !_noKid);
}
else if (SignatureAlgorithm.TryParse(_alg, out var signatureAlgorithm))
{
console.Verbose($@"Generating 'oct' JWK of {signatureAlgorithm.RequiredKeySizeInBits} bits for algorithm {signatureAlgorithm}...");
stopwatch.Start();
key = SymmetricJwk.GenerateKey(signatureAlgorithm, computeThumbprint: !_noKid);
}
else if (KeyManagementAlgorithm.TryParse(_alg, out var keyManagementAlgorithm))
{
console.Verbose($@"Generating 'oct' JWK of {keyManagementAlgorithm.RequiredKeySizeInBits} bits for algorithm {signatureAlgorithm}...");
stopwatch.Start();
key = SymmetricJwk.GenerateKey(keyManagementAlgorithm, computeThumbprint: !_noKid);
}
else
{
throw new InvalidOperationException("Unable to found the way to generate the key. Please specify a valid key length or a valid algorithm.");
}
console.Verbose($"JWK generated in {stopwatch.ElapsedMilliseconds} ms.");
if (_kid != null)
{
console.Verbose($"kid: {_kid}");
key.Kid = JsonEncodedText.Encode(_kid);
}
else if (!_noKid)
{
console.Verbose($"kid: {key.Kid}");
}
if (_use != null)
{
console.Verbose($"use: {_use}");
key.Use = JsonEncodedText.Encode(_use);
}
if (_keyOps != null && _keyOps.Count != 0)
{
console.Verbose($"key_ops: {string.Join(", ", _keyOps)}");
foreach (var keyOps in _keyOps)
{
if (keyOps != null)
{
key.KeyOps.Add(JsonEncodedText.Encode(keyOps));
}
}
}
return(key);
}
protected override ECJwk GenerateKey(IConsole console)
{
ECJwk key;
var stopwatch = new Stopwatch();
if (SignatureAlgorithm.TryParse(_alg, out var signatureAlgorithm))
{
if (EllipticalCurve.TryParse(_curve, out var curve))
{
if (EllipticalCurve.TryGetSupportedCurve(signatureAlgorithm, out var curve2))
{
if (curve.Id != curve2.Id)
{
throw new InvalidOperationException($@"Unable to generate 'EC' JWK. Curve '{curve}' and algorithm '{signatureAlgorithm}' are not compatible'. Use algorithm '{curve.SupportedSignatureAlgorithm}' with curve '{curve}', or curve '{curve2}' with algorithm '{signatureAlgorithm}'.");
}
}
else
{
throw new InvalidOperationException($@"Unable to generate 'EC' JWK. Curve '{curve}' and algorithm '{signatureAlgorithm}' are not compatible'. Use algorithm '{curve.SupportedSignatureAlgorithm}' with curve '{curve}'.");
}
}
console.Verbose($@"Generating 'EC' JWK of {signatureAlgorithm.RequiredKeySizeInBits} bits for algorithm {signatureAlgorithm}...");
stopwatch.Start();
key = ECJwk.GeneratePrivateKey(signatureAlgorithm, computeThumbprint: !_noKid);
}
else if (EllipticalCurve.TryParse(_curve, out var curve))
{
if (KeyManagementAlgorithm.TryParse(_alg, out var keyManagementAlgorithm))
{
console.Verbose($@"Generating 'EC' JWK for algorithm {keyManagementAlgorithm} and curve {curve}...");
stopwatch.Start();
key = ECJwk.GeneratePrivateKey(curve, keyManagementAlgorithm, computeThumbprint: !_noKid);
}
else
{
console.Verbose($@"Generating 'EC' JWK for curve {curve}...");
stopwatch.Start();
key = ECJwk.GeneratePrivateKey(curve, computeThumbprint: !_noKid);
}
}
else
{
throw new InvalidOperationException("Unable to found the way to generate the key. Please specify a valid curve or a valid algorithm.");
}
console.Verbose($"JWK generated in {stopwatch.ElapsedMilliseconds} ms.");
if (_kid != null)
{
console.Verbose($"kid: {_kid}");
key.Kid = JsonEncodedText.Encode(_kid);
}
else if (!_noKid)
{
console.Verbose($"kid: {key.Kid}");
}
if (_use != null)
{
console.Verbose($"use: {_use}");
key.Use = JsonEncodedText.Encode(_use);
}
if (_keyOps != null && _keyOps.Count != 0)
{
console.Verbose($"key_ops: {string.Join(", ", _keyOps)}");
foreach (var keyOps in _keyOps)
{
if (keyOps != null)
{
key.KeyOps.Add(JsonEncodedText.Encode(keyOps));
}
}
}
return(key);
}
internal static JwtHeader ReadJwtHeaderSlow(ref Utf8JsonReader reader)
{
var current = new JwtObject(3);
var header = new JwtHeader(current);
while (reader.Read())
{
if (!(reader.TokenType is JsonTokenType.PropertyName))
{
break;
}
if (reader.ValueTextEquals(HeaderParameters.AlgUtf8) && reader.Read())
{
if (!(reader.TokenType is JsonTokenType.String))
{
break;
}
var alg = reader.HasValueSequence ? reader.ValueSequence.ToArray() : reader.ValueSpan;
if (SignatureAlgorithm.TryParse(alg, out var signatureAlgorithm))
{
header.SignatureAlgorithm = signatureAlgorithm;
}
else if (KeyManagementAlgorithm.TryParse(alg, out var keyManagementAlgorithm))
{
header.KeyManagementAlgorithm = keyManagementAlgorithm;
}
else if (SignatureAlgorithm.TryParseSlow(ref reader, out signatureAlgorithm))
{
header.SignatureAlgorithm = signatureAlgorithm;
}
else if (KeyManagementAlgorithm.TryParseSlow(ref reader, out keyManagementAlgorithm))
{
header.KeyManagementAlgorithm = keyManagementAlgorithm;
}
else
{
// TODO : Fix when the Utf8JsonReader will allow
// to read an unescaped string without allocating a string
current.Add(new JwtProperty(WellKnownProperty.Alg, Encoding.UTF8.GetBytes(reader.GetString())));
}
}
else if (reader.ValueTextEquals(HeaderParameters.EncUtf8) && reader.Read())
{
if (!(reader.TokenType is JsonTokenType.String))
{
break;
}
var enc = reader.HasValueSequence ? reader.ValueSequence.ToArray() : reader.ValueSpan;
if (EncryptionAlgorithm.TryParse(enc, out var encryptionAlgorithm))
{
header.EncryptionAlgorithm = encryptionAlgorithm;
}
else if (EncryptionAlgorithm.TryParseSlow(ref reader, out encryptionAlgorithm))
{
header.EncryptionAlgorithm = encryptionAlgorithm;
}
else
{
// TODO : Fix when the Utf8JsonReader will allow
// to read an unescaped string without allocating a string
current.Add(new JwtProperty(WellKnownProperty.Enc, Encoding.UTF8.GetBytes(reader.GetString())));
}
}
else if (reader.ValueTextEquals(HeaderParameters.CtyUtf8) && reader.Read())
{
if (!(reader.TokenType is JsonTokenType.String))
{
break;
}
current.Add(new JwtProperty(WellKnownProperty.Cty, Encoding.UTF8.GetBytes(reader.GetString())));
}
else if (reader.ValueTextEquals(HeaderParameters.TypUtf8) && reader.Read())
{
if (!(reader.TokenType is JsonTokenType.String))
{
break;
}
current.Add(new JwtProperty(WellKnownProperty.Typ, Encoding.UTF8.GetBytes(reader.GetString())));
}
else if (reader.ValueTextEquals(HeaderParameters.KidUtf8) && reader.Read())
{
if (!(reader.TokenType is JsonTokenType.String))
{
break;
}
current.Add(new JwtProperty(WellKnownProperty.Kid, reader.GetString()));
}
else if (reader.ValueTextEquals(HeaderParameters.ZipUtf8) && reader.Read())
{
if (!(reader.TokenType is JsonTokenType.String))
{
break;
}
var zip = reader.HasValueSequence ? reader.ValueSequence.ToArray() : reader.ValueSpan;
if (CompressionAlgorithm.TryParse(zip, out var compressionAlgorithm))
{
current.Add(new JwtProperty(compressionAlgorithm));
}
else if (CompressionAlgorithm.TryParseSlow(ref reader, out compressionAlgorithm))
{
current.Add(new JwtProperty(compressionAlgorithm));
}
else
{
// TODO : Fix when the Utf8JsonReader will allow
// to read an unescaped string without allocating a string
current.Add(new JwtProperty(WellKnownProperty.Zip, Encoding.UTF8.GetBytes(reader.GetString())));
}
}
else
{
var name = reader.GetString();
reader.Read();
switch (reader.TokenType)
{
case JsonTokenType.StartObject:
current.Add(name, JsonParser.ReadJsonObject(ref reader));
break;
case JsonTokenType.StartArray:
current.Add(name, JsonParser.ReadJsonArray(ref reader));
break;
case JsonTokenType.String:
current.Add(name, reader.GetString());
break;
case JsonTokenType.True:
current.Add(name, true);
break;
case JsonTokenType.False:
current.Add(name, false);
break;
case JsonTokenType.Null:
current.Add(name);
break;
case JsonTokenType.Number:
if (reader.TryGetInt64(out long longValue))
{
current.Add(name, longValue);
}
else
{
if (reader.TryGetDouble(out double doubleValue))
{
current.Add(name, doubleValue);
}
else
{
throw new FormatException($"NotSupportedNumberValue {Encoding.UTF8.GetBytes(name)}");
}
}
break;
default:
throw new FormatException("MalformedJson");
}
}
}
if (!(reader.TokenType is JsonTokenType.EndObject))
{
throw new FormatException("MalformedJson");
}
return(header);
}
