public static async Task <string> Run(CanonicalizeOptions options)
{
var serviceProvider = new ServiceCollection()
.AddHttpMessageSigning()
.BuildServiceProvider();
var requestSignerFactory = serviceProvider.GetRequiredService <IRequestSignerFactory>();
string signingString = null;
var signingSettings = new SigningSettings {
SignatureAlgorithm = new CustomSignatureAlgorithm(options.Algorithm ?? "hs2019"),
EnableNonce = false,
DigestHashAlgorithm = default,
public Verify()
{
_signature = (Signature)TestModels.Signature.Clone();
_signedRequest = (HttpRequestForSigning)TestModels.Request.Clone();
_signatureAlgorithm = new CustomSignatureAlgorithm("TEST");
_client = new Client(TestModels.Client.Id, TestModels.Client.Name, _signatureAlgorithm, TimeSpan.FromMinutes(1));
_method = (request, signature, client) => _sut.Verify(request, signature, client);
_composedSignatureString = "abc123";
A.CallTo(() => _signingStringComposer.Compose(A <HttpRequestForSigning> ._, A <string> ._, A <HeaderName[]> ._, A <DateTimeOffset> ._, A <TimeSpan> ._, A <string> ._))
.Returns(_composedSignatureString);
_signature.String = _base64Converter.ToBase64(_client.SignatureAlgorithm.ComputeHash(_composedSignatureString));
}
public Verify()
{
_now = new DateTimeOffset(2020, 2, 24, 10, 20, 14, TimeSpan.FromHours(0));
_signature = (Signature)TestModels.Signature.Clone();
_signedRequest = (HttpRequestForVerification)TestModels.RequestForVerification.Clone();
_signatureAlgorithm = new CustomSignatureAlgorithm("TEST");
_client = new Client(
TestModels.Client.Id,
TestModels.Client.Name,
_signatureAlgorithm,
TestModels.Client.NonceLifetime,
TestModels.Client.ClockSkew,
TestModels.Client.RequestTargetEscaping,
TestModels.Client.Claims);
_method = (request, signature, client) => _sut.Verify(request, signature, client);
_composedSignatureString = "abc123";
_composeCall = () => A.CallTo(() => _signingStringComposer.Compose(A <SigningStringCompositionRequest> ._));
_composeCall().Returns(_composedSignatureString);
_signature.String = _base64Converter.ToBase64(_client.SignatureAlgorithm.ComputeHash(_composedSignatureString));
}
public static async Task <string> Run(SignOptions options)
{
var serviceProvider = new ServiceCollection()
.AddHttpMessageSigning()
.BuildServiceProvider();
var requestSignerFactory = serviceProvider.GetRequiredService <IRequestSignerFactory>();
ISignatureAlgorithm signatureAlgorithm;
if (string.IsNullOrEmpty(options.KeyType) || options.KeyType.Equals("RSA", StringComparison.OrdinalIgnoreCase))
{
signatureAlgorithm = RSASignatureAlgorithm.CreateForSigning(HashAlgorithmName.SHA512, KeyReader.ReadRSA(options.PrivateKey));
}
else if (options.KeyType.Equals("P256", StringComparison.OrdinalIgnoreCase) || options.KeyType.Equals("ECDSA", StringComparison.OrdinalIgnoreCase))
{
signatureAlgorithm = ECDsaSignatureAlgorithm.CreateForSigning(HashAlgorithmName.SHA512, KeyReader.ReadECDsaPrivate(options.PrivateKey));
}
else if (options.KeyType.Equals("HMAC", StringComparison.OrdinalIgnoreCase))
{
signatureAlgorithm = SignatureAlgorithm.CreateForSigning(options.PrivateKey, HashAlgorithmName.SHA512);
}
else
{
throw new NotSupportedException("The specified key type is not supported.");
}
if (!string.IsNullOrEmpty(options.Algorithm) &&
!options.Algorithm.StartsWith("rsa", StringComparison.OrdinalIgnoreCase) &&
!options.Algorithm.StartsWith("hmac", StringComparison.OrdinalIgnoreCase) &&
!options.Algorithm.StartsWith("ecdsa", StringComparison.OrdinalIgnoreCase))
{
signatureAlgorithm = new CustomSignatureAlgorithm(options.Algorithm);
}
var signingSettings = new SigningSettings {
SignatureAlgorithm = signatureAlgorithm,
EnableNonce = false,
DigestHashAlgorithm = HashAlgorithmName.SHA256,
AutomaticallyAddRecommendedHeaders = false,
Headers = options.Headers
?.Split(new[] { ' ', ',' }, StringSplitOptions.RemoveEmptyEntries)
.Select(h => new HeaderName(h))
.ToArray()
};
var signer = requestSignerFactory.Create(
new KeyId("test"),
signingSettings);
var created = DateTimeOffset.UtcNow;
if (!string.IsNullOrEmpty(options.Created))
{
var createdUnix = int.Parse(options.Created);
created = DateTimeOffset.FromUnixTimeSeconds(createdUnix);
}
var expires = signingSettings.Expires;
if (!string.IsNullOrEmpty(options.Expires))
{
var expiresUnix = int.Parse(options.Expires);
var expiresAbsolute = DateTimeOffset.FromUnixTimeSeconds(expiresUnix);
expires = expiresAbsolute - created;
}
await signer.Sign(options.Message, created, expires);
var serializedMessage = HttpMessageSerializer.Serialize(options.Message);
return(serializedMessage);
}
