protected override SymmetricJwk GenerateKey(IConsole console) { SymmetricJwk key; var stopwatch = new Stopwatch(); if (_keyLength != 0) { console.Verbose($@"Generating 'oct' JWK of {_keyLength} bits..."); stopwatch.Start(); key = SymmetricJwk.GenerateKey(_keyLength, computeThumbprint: !_noKid); } else if (SignatureAlgorithm.TryParse(_alg, out var signatureAlgorithm)) { console.Verbose($@"Generating 'oct' JWK of {signatureAlgorithm.RequiredKeySizeInBits} bits for algorithm {signatureAlgorithm}..."); stopwatch.Start(); key = SymmetricJwk.GenerateKey(signatureAlgorithm, computeThumbprint: !_noKid); } else if (KeyManagementAlgorithm.TryParse(_alg, out var keyManagementAlgorithm)) { console.Verbose($@"Generating 'oct' JWK of {keyManagementAlgorithm.RequiredKeySizeInBits} bits for algorithm {signatureAlgorithm}..."); stopwatch.Start(); key = SymmetricJwk.GenerateKey(keyManagementAlgorithm, computeThumbprint: !_noKid); } else { throw new InvalidOperationException("Unable to found the way to generate the key. Please specify a valid key length or a valid algorithm."); } console.Verbose($"JWK generated in {stopwatch.ElapsedMilliseconds} ms."); if (_kid != null) { console.Verbose($"kid: {_kid}"); key.Kid = JsonEncodedText.Encode(_kid); } else if (!_noKid) { console.Verbose($"kid: {key.Kid}"); } if (_use != null) { console.Verbose($"use: {_use}"); key.Use = JsonEncodedText.Encode(_use); } if (_keyOps != null && _keyOps.Count != 0) { console.Verbose($"key_ops: {string.Join(", ", _keyOps)}"); foreach (var keyOps in _keyOps) { if (keyOps != null) { key.KeyOps.Add(JsonEncodedText.Encode(keyOps)); } } } return(key); }
protected override ECJwk GenerateKey(IConsole console) { ECJwk key; var stopwatch = new Stopwatch(); if (SignatureAlgorithm.TryParse(_alg, out var signatureAlgorithm)) { if (EllipticalCurve.TryParse(_curve, out var curve)) { if (EllipticalCurve.TryGetSupportedCurve(signatureAlgorithm, out var curve2)) { if (curve.Id != curve2.Id) { throw new InvalidOperationException($@"Unable to generate 'EC' JWK. Curve '{curve}' and algorithm '{signatureAlgorithm}' are not compatible'. Use algorithm '{curve.SupportedSignatureAlgorithm}' with curve '{curve}', or curve '{curve2}' with algorithm '{signatureAlgorithm}'."); } } else { throw new InvalidOperationException($@"Unable to generate 'EC' JWK. Curve '{curve}' and algorithm '{signatureAlgorithm}' are not compatible'. Use algorithm '{curve.SupportedSignatureAlgorithm}' with curve '{curve}'."); } } console.Verbose($@"Generating 'EC' JWK of {signatureAlgorithm.RequiredKeySizeInBits} bits for algorithm {signatureAlgorithm}..."); stopwatch.Start(); key = ECJwk.GeneratePrivateKey(signatureAlgorithm, computeThumbprint: !_noKid); } else if (EllipticalCurve.TryParse(_curve, out var curve)) { if (KeyManagementAlgorithm.TryParse(_alg, out var keyManagementAlgorithm)) { console.Verbose($@"Generating 'EC' JWK for algorithm {keyManagementAlgorithm} and curve {curve}..."); stopwatch.Start(); key = ECJwk.GeneratePrivateKey(curve, keyManagementAlgorithm, computeThumbprint: !_noKid); } else { console.Verbose($@"Generating 'EC' JWK for curve {curve}..."); stopwatch.Start(); key = ECJwk.GeneratePrivateKey(curve, computeThumbprint: !_noKid); } } else { throw new InvalidOperationException("Unable to found the way to generate the key. Please specify a valid curve or a valid algorithm."); } console.Verbose($"JWK generated in {stopwatch.ElapsedMilliseconds} ms."); if (_kid != null) { console.Verbose($"kid: {_kid}"); key.Kid = JsonEncodedText.Encode(_kid); } else if (!_noKid) { console.Verbose($"kid: {key.Kid}"); } if (_use != null) { console.Verbose($"use: {_use}"); key.Use = JsonEncodedText.Encode(_use); } if (_keyOps != null && _keyOps.Count != 0) { console.Verbose($"key_ops: {string.Join(", ", _keyOps)}"); foreach (var keyOps in _keyOps) { if (keyOps != null) { key.KeyOps.Add(JsonEncodedText.Encode(keyOps)); } } } return(key); }
internal static JwtHeader ReadJwtHeaderSlow(ref Utf8JsonReader reader) { var current = new JwtObject(3); var header = new JwtHeader(current); while (reader.Read()) { if (!(reader.TokenType is JsonTokenType.PropertyName)) { break; } if (reader.ValueTextEquals(HeaderParameters.AlgUtf8) && reader.Read()) { if (!(reader.TokenType is JsonTokenType.String)) { break; } var alg = reader.HasValueSequence ? reader.ValueSequence.ToArray() : reader.ValueSpan; if (SignatureAlgorithm.TryParse(alg, out var signatureAlgorithm)) { header.SignatureAlgorithm = signatureAlgorithm; } else if (KeyManagementAlgorithm.TryParse(alg, out var keyManagementAlgorithm)) { header.KeyManagementAlgorithm = keyManagementAlgorithm; } else if (SignatureAlgorithm.TryParseSlow(ref reader, out signatureAlgorithm)) { header.SignatureAlgorithm = signatureAlgorithm; } else if (KeyManagementAlgorithm.TryParseSlow(ref reader, out keyManagementAlgorithm)) { header.KeyManagementAlgorithm = keyManagementAlgorithm; } else { // TODO : Fix when the Utf8JsonReader will allow // to read an unescaped string without allocating a string current.Add(new JwtProperty(WellKnownProperty.Alg, Encoding.UTF8.GetBytes(reader.GetString()))); } } else if (reader.ValueTextEquals(HeaderParameters.EncUtf8) && reader.Read()) { if (!(reader.TokenType is JsonTokenType.String)) { break; } var enc = reader.HasValueSequence ? reader.ValueSequence.ToArray() : reader.ValueSpan; if (EncryptionAlgorithm.TryParse(enc, out var encryptionAlgorithm)) { header.EncryptionAlgorithm = encryptionAlgorithm; } else if (EncryptionAlgorithm.TryParseSlow(ref reader, out encryptionAlgorithm)) { header.EncryptionAlgorithm = encryptionAlgorithm; } else { // TODO : Fix when the Utf8JsonReader will allow // to read an unescaped string without allocating a string current.Add(new JwtProperty(WellKnownProperty.Enc, Encoding.UTF8.GetBytes(reader.GetString()))); } } else if (reader.ValueTextEquals(HeaderParameters.CtyUtf8) && reader.Read()) { if (!(reader.TokenType is JsonTokenType.String)) { break; } current.Add(new JwtProperty(WellKnownProperty.Cty, Encoding.UTF8.GetBytes(reader.GetString()))); } else if (reader.ValueTextEquals(HeaderParameters.TypUtf8) && reader.Read()) { if (!(reader.TokenType is JsonTokenType.String)) { break; } current.Add(new JwtProperty(WellKnownProperty.Typ, Encoding.UTF8.GetBytes(reader.GetString()))); } else if (reader.ValueTextEquals(HeaderParameters.KidUtf8) && reader.Read()) { if (!(reader.TokenType is JsonTokenType.String)) { break; } current.Add(new JwtProperty(WellKnownProperty.Kid, reader.GetString())); } else if (reader.ValueTextEquals(HeaderParameters.ZipUtf8) && reader.Read()) { if (!(reader.TokenType is JsonTokenType.String)) { break; } var zip = reader.HasValueSequence ? reader.ValueSequence.ToArray() : reader.ValueSpan; if (CompressionAlgorithm.TryParse(zip, out var compressionAlgorithm)) { current.Add(new JwtProperty(compressionAlgorithm)); } else if (CompressionAlgorithm.TryParseSlow(ref reader, out compressionAlgorithm)) { current.Add(new JwtProperty(compressionAlgorithm)); } else { // TODO : Fix when the Utf8JsonReader will allow // to read an unescaped string without allocating a string current.Add(new JwtProperty(WellKnownProperty.Zip, Encoding.UTF8.GetBytes(reader.GetString()))); } } else { var name = reader.GetString(); reader.Read(); switch (reader.TokenType) { case JsonTokenType.StartObject: current.Add(name, JsonParser.ReadJsonObject(ref reader)); break; case JsonTokenType.StartArray: current.Add(name, JsonParser.ReadJsonArray(ref reader)); break; case JsonTokenType.String: current.Add(name, reader.GetString()); break; case JsonTokenType.True: current.Add(name, true); break; case JsonTokenType.False: current.Add(name, false); break; case JsonTokenType.Null: current.Add(name); break; case JsonTokenType.Number: if (reader.TryGetInt64(out long longValue)) { current.Add(name, longValue); } else { if (reader.TryGetDouble(out double doubleValue)) { current.Add(name, doubleValue); } else { throw new FormatException($"NotSupportedNumberValue {Encoding.UTF8.GetBytes(name)}"); } } break; default: throw new FormatException("MalformedJson"); } } } if (!(reader.TokenType is JsonTokenType.EndObject)) { throw new FormatException("MalformedJson"); } return(header); }