示例#1
0
        public static byte[] Decrypt(byte[] secretKeyBytes, JweObject jweObject)
        {
            // Extract the encryption key
            byte[] aesKey = new byte[16];
            Array.Copy(secretKeyBytes, 16, aesKey, 0, aesKey.Length);

            byte[] plaintext;
            using (var aes = Aes.Create())
            {
                aes.Key     = aesKey;
                aes.Mode    = CipherMode.CBC;
                aes.Padding = PaddingMode.PKCS7;
                aes.IV      = Base64Utils.URLDecode(jweObject.Iv);

                byte[] ciphertext = Base64Utils.URLDecode(jweObject.CipherText);
                using (var decryptor = aes.CreateDecryptor())
                {
                    using (var memoryStream = new MemoryStream(ciphertext))
                    {
                        using (var cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read))
                        {
                            var output    = new MemoryStream();
                            var decrypted = new byte[Math.Min(1024, ciphertext.Length)];
                            int byteCount;
                            while ((byteCount = cryptoStream.Read(decrypted, 0, decrypted.Length)) > 0)
                            {
                                output.Write(decrypted, 0, byteCount);
                            }
                            plaintext = output.ToArray();
                        }
                    }
                }
            }
            return(plaintext);
        }
        public void TestDecrypt_ShouldReturnDecryptedPayload_WhenPayloadIsCbcEncrypted()
        {
            // GIVEN
            JweObject jweObject = TestUtils.GetTestCbcJweObject();

            // WHEN
            string decryptedPayload = jweObject.Decrypt(TestUtils.GetTestJweConfigBuilder().Build());

            // THEN
            Assert.AreEqual("bar", decryptedPayload);
        }
        internal static byte[] Decrypt(byte[] secretKeyBytes, JweObject jweObject)
        {
#if NETSTANDARD2_1
            byte[] plaintext;
            using (var aes = new System.Security.Cryptography.AesGcm(secretKeyBytes))
            {
                byte[] nonce      = Base64Utils.URLDecode(jweObject.Iv);
                byte[] aad        = Encoding.ASCII.GetBytes(jweObject.RawHeader);
                byte[] authTag    = Base64Utils.URLDecode(jweObject.AuthTag);
                byte[] ciphertext = Base64Utils.URLDecode(jweObject.CipherText);
                plaintext = new byte[ciphertext.Length];

                aes.Decrypt(nonce, ciphertext, authTag, plaintext, aad);
            }
            return(plaintext);
#else
            throw new EncryptionException("AES/GCM/NoPadding is unsupported on .NET Standard < 2.1");
#endif
        }
 internal static JweObject GetTestGcmJweObject()
 {
     return(JweObject.Parse("eyJraWQiOiI3NjFiMDAzYzFlYWRlM2E1NDkwZTUwMDBkMzc4ODdiYWE1ZTZlYzBlMjI2YzA3NzA2ZTU5OTQ1MWZjMDMyYTc5IiwiY3R5IjoiYXBwbGljYXRpb25cL2pzb24iLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAtMjU2In0.8c6vxeZOUBS8A9SXYUSrRnfl1ht9xxciB7TAEv84etZhQQ2civQKso-htpa2DWFBSUm-UYlxb6XtXNXZxuWu-A0WXjwi1K5ZAACc8KUoYnqPldEtC9Q2bhbQgc_qZF_GxeKrOZfuXc9oi45xfVysF_db4RZ6VkLvY2YpPeDGEMX_nLEjzqKaDz_2m0Ae_nknr0p_Nu0m5UJgMzZGR4Sk1DJWa9x-WJLEyo4w_nRDThOjHJshOHaOU6qR5rdEAZr_dwqnTHrjX9Qm9N9gflPGMaJNVa4mvpsjz6LJzjaW3nJ2yCoirbaeJyCrful6cCiwMWMaDMuiBDPKa2ovVTy0Sw.w0Nkjxl0T9HHNu4R.suRZaYu6Ui05Z3-vsw.akknMr3Dl4L0VVTGPUszcA"));
 }
 internal static JweObject GetTestCbcJweObject()
 {
     return(JweObject.Parse("eyJraWQiOiI3NjFiMDAzYzFlYWRlM2E1NDkwZTUwMDBkMzc4ODdiYWE1ZTZlYzBlMjI2YzA3NzA2ZTU5OTQ1MWZjMDMyYTc5IiwiY3R5IjoiYXBwbGljYXRpb25cL2pzb24iLCJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiYWxnIjoiUlNBLU9BRVAtMjU2In0.5bsamlChk0HR3Nqg2UPJ2Fw4Y0MvC2pwWzNv84jYGkOXyqp1iwQSgETGaplIa7JyLg1ZWOqwNHEx3N7gsN4nzwAnVgz0eta6SsoQUE9YQ-5jek0COslUkoqIQjlQYJnYur7pqttDibj87fcw13G2agle5fL99j1QgFPjNPYqH88DMv481XGFa8O3VfJhW93m73KD2gvE5GasOPOkFK9wjKXc9lMGSgSArp3Awbc_oS2Cho_SbsvuEQwkhnQc2JKT3IaSWu8yK7edNGwD6OZJLhMJzWJlY30dUt2Eqe1r6kMT0IDRl7jHJnVIr2Qpe56CyeZ9V0aC5RH1mI5dYk4kHg.yI0CS3NdBrz9CCW2jwBSDw.6zr2pOSmAGdlJG0gbH53Eg.UFgf3-P9UjgMocEu7QA_vQ"));
 }