public void SetRsaPublicKeyInformation(Dictionary <string, object> result, JsonWebKey jsonWebKey)
{
RSAParameters rsaParameters;
#if NET461
using (var provider = new RSACryptoServiceProvider())
{
provider.FromXmlString(jsonWebKey.SerializedKey);
rsaParameters = provider.ExportParameters(false);
}
#else
using (var provider = new RSAOpenSsl())
{
provider.FromXmlString(jsonWebKey.SerializedKey);
rsaParameters = provider.ExportParameters(false);
}
#endif
// Export the modulus
var modulus = rsaParameters.Modulus.Base64EncodeBytes();
// Export the exponent
var exponent = rsaParameters.Exponent.Base64EncodeBytes();
result.Add(SimpleIdentityServer.Core.Jwt.Constants.JsonWebKeyParameterNames.RsaKey.ModulusName, modulus);
result.Add(SimpleIdentityServer.Core.Jwt.Constants.JsonWebKeyParameterNames.RsaKey.ExponentName, exponent);
}
public async Task <DecryptedResponse> Execute(DecryptOfficeDocumentParameter decryptOfficeDocumentParameter, string accessToken, AuthenticateParameter authenticateParameter)
{
if (decryptOfficeDocumentParameter == null)
{
throw new ArgumentNullException(nameof(decryptOfficeDocumentParameter));
}
if (authenticateParameter == null)
{
throw new ArgumentNullException(nameof(authenticateParameter));
}
_decryptOfficeDocumentParameterValidator.Check(decryptOfficeDocumentParameter);
await _getOfficeDocumentAction.Execute(decryptOfficeDocumentParameter.DocumentId);
var jsonWebKey = await _jsonWebKeyRepository.Get(decryptOfficeDocumentParameter.Kid);
if (jsonWebKey == null)
{
throw new BaseDocumentManagementApiException(ErrorCodes.InvalidRequest, string.Format(ErrorDescriptions.TheJsonWebKeyDoesntExist, decryptOfficeDocumentParameter.Kid));
}
var payload = Convert.FromBase64String(decryptOfficeDocumentParameter.Credentials);
byte[] decryptedPayload = null;
if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
{
using (var provider = new RSACryptoServiceProvider())
{
provider.FromXmlStringCore(jsonWebKey.SerializedKey);
decryptedPayload = provider.Decrypt(payload, true);
}
}
else
{
using (var rsa = new RSAOpenSsl())
{
rsa.FromXmlString(jsonWebKey.SerializedKey);
decryptedPayload = rsa.Decrypt(payload, RSAEncryptionPadding.OaepSHA1);
}
}
var decryptedContent = Encoding.UTF8.GetString(decryptedPayload);
var splitted = decryptedContent.Split('.');
return(new DecryptedResponse
{
Password = splitted[0],
Salt = splitted[1]
});
}
public byte[] Decrypt(
byte[] toBeDecrypted,
JsonWebKey jsonWebKey)
{
#if UAP
return(null);
#elif NET46 || NET45
using (var rsa = new RSACryptoServiceProvider())
{
rsa.FromXmlString(jsonWebKey.SerializedKey);
return(rsa.Decrypt(toBeDecrypted, _oaep));
}
#elif NETSTANDARD
using (var rsa = new RSAOpenSsl())
{
rsa.FromXmlString(jsonWebKey.SerializedKey);
return(rsa.Decrypt(toBeDecrypted, RSAEncryptionPadding.Pkcs1));
}
#endif
}
public string SignWithRsa(
JwsAlg algorithm,
string serializedKeys,
string combinedJwsNotSigned)
{
if (!_mappingJwsAlgorithmToRsaHashingAlgorithms.ContainsKey(algorithm))
{
return(null);
}
if (string.IsNullOrWhiteSpace(serializedKeys))
{
throw new ArgumentNullException("serializedKeys");
}
var hashMethod = _mappingJwsAlgorithmToRsaHashingAlgorithms[algorithm];
#if UAP
// TODO : Implement
return(null);
#elif NET46 || NET45
using (var rsa = new RSACryptoServiceProvider())
{
var bytesToBeSigned = ASCIIEncoding.ASCII.GetBytes(combinedJwsNotSigned);
rsa.FromXmlString(serializedKeys);
var byteToBeConverted = rsa.SignData(bytesToBeSigned, hashMethod);
return(byteToBeConverted.Base64EncodeBytes());
}
#elif NETSTANDARD
using (var rsa = new RSAOpenSsl())
{
var bytesToBeSigned = ASCIIEncoding.ASCII.GetBytes(combinedJwsNotSigned);
rsa.FromXmlString(serializedKeys);
var byteToBeConverted = rsa.SignData(bytesToBeSigned, 0, bytesToBeSigned.Length, hashMethod, RSASignaturePadding.Pkcs1);
return(byteToBeConverted.Base64EncodeBytes());
}
#endif
}
public bool VerifyWithRsa(
JwsAlg algorithm,
string serializedKeys,
string input,
byte[] signature)
{
if (!_mappingJwsAlgorithmToRsaHashingAlgorithms.ContainsKey(algorithm))
{
return(false);
}
if (string.IsNullOrWhiteSpace(serializedKeys))
{
throw new ArgumentNullException("serializedKeys");
}
var plainBytes = ASCIIEncoding.ASCII.GetBytes(input);
var hashMethod = _mappingJwsAlgorithmToRsaHashingAlgorithms[algorithm];
#if UAP
// TODO : Implement
return(false);
#elif NET46 || NET45
using (var rsa = new RSACryptoServiceProvider())
{
rsa.FromXmlString(serializedKeys);
return(rsa.VerifyData(plainBytes, hashMethod, signature));
}
#elif NETSTANDARD
using (var rsa = new RSAOpenSsl())
{
rsa.FromXmlString(serializedKeys);
return(rsa.VerifyData(plainBytes, signature, hashMethod, RSASignaturePadding.Pkcs1));
}
#endif
}