Пример #1
0
        public static String ToJWTBase64(dynamic data, ILogger logger, ISecurityVault securityVault, String issuer, String secret, String salt, String senderPrivateKeyName, String receiverPublicKeyName)
        {
            IJWTService jwtService = new RSAJWTService();

            var longSecretData = JsonConvert.SerializeObject(data);
            var symCryptoKey   = SymmetricCryptoService.CreateSymmetricKey(securityVault.GetSecret(secret), securityVault.GetSecret(salt));
            var encryptedData  = SymmetricCryptoService.Encrypt(longSecretData, symCryptoKey.Key, symCryptoKey.IV);

            logger.LogInformation($"encryptedData:{encryptedData}");
            //var decryptedData = SymmetricCryptoService.Decrypt(encryptedData, symCryptoKey.Key, symCryptoKey.IV);
            //logger.LogInformation($"decryptedData:{decryptedData}");

            var rsaPrivateKeySet1Contents = securityVault.GetSecret(senderPrivateKeyName);
            var rsaPublicKeySet2Contents  = securityVault.GetSecret(receiverPublicKeyName);
            var validationParameters      = getValidationParameters(issuer);

            var payload = new JwtPayload {
                { "iss", issuer },
                { "encrypted_key_bas64", jwtService.Encrypt(secret, rsaPublicKeySet2Contents) },                             // Receivers public key
                { "encrypted_iv_bas64", jwtService.Encrypt(salt, rsaPublicKeySet2Contents) },                                // Receivers public key
                { "sym_encrypted_data", SymmetricCryptoService.Encrypt(longSecretData, symCryptoKey.Key, symCryptoKey.IV) }, // These data can be large
                { "exp", (Int32)(DateTime.UtcNow.AddHours(1).Subtract(new DateTime(1970, 1, 1))).TotalSeconds },
                { "iat", (Int32)(DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1))).TotalSeconds }
            };
            // Creating signed JWT
            var jwt           = jwtService.GenerateJWTFromRSA(payload, rsaPrivateKeySet1Contents, "RS256"); // Senders private  key
            var serializedJWT = new JwtSecurityTokenHandler().WriteToken(jwt);

            logger.LogInformation($"serializedJWT:{serializedJWT}");
            return(serializedJWT);
        }
Пример #2
0
        private static void SimulateSender()
        {
            IJWTService jwtService     = new RSAJWTService();
            var         longSecretData = File.ReadAllText($@"{LocalFileStorePath}\data\large-text1.txt");

            var secret       = "my-awesome-pw123"; // Should be exactly 16 bytes
            var salt         = "my-tasty-salt123"; // Should be exactly 16 bytes
            var symCryptoKey = SymmetricCryptoService.CreateSymmetricKey(secret, salt);

            if (longSecretData != null && longSecretData.Length > 100)
            {
                Console.WriteLine("longSecretData=" + longSecretData.Substring(0, 100));
            }
            else
            {
                Console.WriteLine("longSecretData=" + longSecretData);
            }
            Console.WriteLine("longSecretData.length=" + longSecretData.Length);

            // This key is only known by one party "A"
            var rsaPrivateKeySet1Contents = File.ReadAllText($@"{LocalFileStorePath}\keys\rsa-prv-key-set1.key");
            var contentHashBase64         = jwtService.GenerateBase64Hash(longSecretData, HashAlgorithmEnum.SHA512);
            var payload = new JwtPayload {
                { "iss", "commentor.dk" },
                { "encrypted_secret_base64", jwtService.Encrypt(secret, RSAPublicKeySet2Contents) }, // Receivers public key
                { "encrypted_salt_base64", jwtService.Encrypt(salt, RSAPublicKeySet2Contents) },     // Receivers public key
                { "content_hash_base64", contentHashBase64 },
                { "content_hash_algorithm", HashAlgorithmEnum.SHA512.ToString() },
                { "exp", (Int32)(DateTime.UtcNow.AddHours(1).Subtract(new DateTime(1970, 1, 1))).TotalSeconds },
                { "iat", (Int32)(DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1))).TotalSeconds }
            };
            // Creating signed JWT
            var jwt           = jwtService.GenerateJWTFromRSA(payload, rsaPrivateKeySet1Contents, "RS256"); // Senders private  key
            var serializedJWT = new JwtSecurityTokenHandler().WriteToken(jwt);

            Console.WriteLine($"serializedJWT:{serializedJWT}");
            var rijndaelEncryptedDataBase64 = SymmetricCryptoService.Encrypt(longSecretData, Encoding.UTF8.GetBytes(secret), Encoding.UTF8.GetBytes(salt));

            Console.WriteLine($"rijndaelEncryptedDataBase64HashBase64:{jwtService.GenerateBase64Hash(rijndaelEncryptedDataBase64, HashAlgorithmEnum.SHA512)}");
            Console.WriteLine($"contentHashBase64:{contentHashBase64}");
            var simpleMessage = new SimpleMessage {
                AuthorizationHeader = serializedJWT, BodyContents = rijndaelEncryptedDataBase64
            };

            SendRequest(simpleMessage);
        }