/// <summary>HSXXXのJWS生成メソッド</summary>
/// <param name="payloadJson">ペイロード部のJson文字列</param>
/// <returns>JWSの文字列表現</returns>
public override string Create(string payloadJson)
{
// ヘッダー
JWS_Header headerObject = new JWS_Header {
alg = this.JwtConstHSnnn
};
string headerJson = JsonConvert.SerializeObject(
headerObject,
new JsonSerializerSettings()
{
Formatting = Formatting.None,
NullValueHandling = NullValueHandling.Ignore
});
byte[] headerBytes = CustomEncode.StringToByte(headerJson, CustomEncode.UTF_8);
string headerEncoded = CustomEncode.ToBase64UrlString(headerBytes);
// ペイロード
byte[] payloadBytes = CustomEncode.StringToByte(payloadJson, CustomEncode.UTF_8);
string payloadEncoded = CustomEncode.ToBase64UrlString(payloadBytes);
// 署名
byte[] data = CustomEncode.StringToByte(headerEncoded + "." + payloadEncoded, CustomEncode.UTF_8);
HMAC sa = this.CreateHMACSHA(this.Key);
string signEncoded = CustomEncode.ToBase64UrlString(sa.ComputeHash(data));
return(headerEncoded + "." + payloadEncoded + "." + signEncoded);
}
/// <summary>Init</summary>
/// <param name="jwtConstRSnnn">string</param>
public void Init(string jwtConstRSnnn)
{
this.JwtConstRSnnn = jwtConstRSnnn;
this._JWSHeader = new JWS_Header()
{
alg = jwtConstRSnnn
};
}
/// <summary>ES256のJWS検証メソッド</summary>
/// <param name="jwtString">JWSの文字列表現</param>
/// <returns>署名の検証結果</returns>
public override bool Verify(string jwtString)
{
string[] temp = jwtString.Split('.');
// 検証
JWS_Header headerObject = (JWS_Header)JsonConvert.DeserializeObject(
CustomEncode.ByteToString(CustomEncode.FromBase64UrlString(temp[0]), CustomEncode.UTF_8), typeof(JWS_Header));
if (headerObject.alg.ToUpper() == JwtConst.ES256 && headerObject.typ.ToUpper() == JwtConst.JWT)
{
byte[] data = CustomEncode.StringToByte(temp[0] + "." + temp[1], CustomEncode.UTF_8);
byte[] sign = CustomEncode.FromBase64UrlString(temp[2]);
return(this.Verify2(data, sign)); // 派生を呼ぶ
}
else
{
return(false);
}
}
/// <summary>RS256のJWS検証メソッド</summary>
/// <param name="jwtString">JWSの文字列表現</param>
/// <returns>署名の検証結果</returns>
public override bool Verify(string jwtString)
{
string[] temp = jwtString.Split('.');
// 検証
JWS_Header headerObject = (JWS_Header)JsonConvert.DeserializeObject(
CustomEncode.ByteToString(CustomEncode.FromBase64UrlString(temp[0]), CustomEncode.UTF_8), typeof(JWS_Header));
if (headerObject.alg.ToUpper() == JwtConst.HS256 && headerObject.typ.ToUpper() == JwtConst.JWT)
{
byte[] data = CustomEncode.StringToByte(temp[0] + "." + temp[1], CustomEncode.UTF_8);
byte[] sign = CustomEncode.FromBase64UrlString(temp[2]);
HMACSHA256 sa = new HMACSHA256(this.Key);
return(CustomEncode.ToBase64UrlString(sign)
== CustomEncode.ToBase64UrlString(sa.ComputeHash(data)));
}
else
{
return(false);
}
}