// private helper methods
private static void CreatePasswordHash(string password, out byte[] passwordHash, out byte[] passwordSalt)
{
if (password == null)
{
throw new ArgumentNullException("password");
}
if (string.IsNullOrWhiteSpace(password))
{
throw new ArgumentException("Value cannot be empty or whitespace only string.", "password");
}
//using (var hmac = new System.Security.Cryptography.HMACSHA512())
//{
// passwordSalt = hmac.Key;
// passwordHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
//}
BigInteger b = new BigInteger();
b.genRandomBits(512, new Random());
passwordSalt = b.getBytes();
GostCrypto.Gost34102012Signer signer = new GostCrypto.Gost34102012Signer(new BigInteger(passwordSalt));
passwordHash = Encoding.UTF8.GetBytes(signer.Sign(password));
}
internal static string WriteToken(GOSTSecurityToken token)
{
string header = JsonConvert.SerializeObject(new { alg = "gost34.11.2012", typ = "JWT" });
// TODO claims // audience
string payLoad = JsonConvert.SerializeObject(new
{
userId = token.Id,
iss = token.Issuer,
aud = "TemplateApp",
nbf = token.ValidFrom.ToString(),
exp = token.ValidTo.ToString()
}); //1
byte[] securityKey = ((SymmetricSecurityKey)token.SecurityKey).Key;
string unsignedToken = ToBase64(header) + '.' + ToBase64(payLoad);
GostCrypto.Gost34102012Signer signer = new GostCrypto.Gost34102012Signer(new BigInteger(securityKey));
string signature = signer.Sign(unsignedToken);
return(ToBase64(header) + "." + ToBase64(payLoad) + "." + ToBase64(signature));
}
