/// <summary>
/// Recovers the content encryption key for the ECDH key-management algorithm by
/// combining the recipient's private key with the sender's ephemeral public key
/// ("epk") and returning whatever <c>DeriveKey</c> produces.
/// </summary>
/// <param name="encryptedCek">Not referenced by this method body.</param>
/// <param name="key">Recipient key; must be accepted by <c>Ensure.Type</c> as a <c>CngKey</c>.</param>
/// <param name="cekSizeBits">Requested key size in bits, forwarded to <c>DeriveKey</c>.</param>
/// <param name="header">JWT header; must contain "epk" and the entry named by <c>algIdHeader</c>.</param>
/// <returns>The value returned by <c>DeriveKey</c>.</returns>
public virtual byte[] Unwrap(byte[] encryptedCek, object key, int cekSizeBits, IDictionary<string, string> header)
{
    var recipientPrivateKey = Ensure.Type<CngKey>(key, "EcdhKeyManagement alg expects key to be of CngKey type.");

    // Header pre-conditions: the ephemeral public key and the algorithm id entry must be present.
    Ensure.Contains(header, new[] { "epk" }, "EcdhKeyManagement algorithm expects 'epk' key param in JWT header, but was not found");
    Ensure.Contains(header, new[] { algIdHeader }, "EcdhKeyManagement algorithm expects 'enc' header to be present in JWT header, but was not found");

    // NOTE(review): the ephemeral key is never read from the header. The original assignment,
    //   (IDictionary<string, object>)header["epk"]
    // is commented out (header values are strings here, so that cast cannot apply), and an
    // empty dictionary stands in for it. As written the method cannot reach DeriveKey: either
    // the Ensure.Contains check below rejects the empty dictionary (assumed, Ensure is not
    // visible here) or the "x" lookup throws KeyNotFoundException.
    IDictionary<string, object> ephemeralJwk = new Dictionary<string, object>();
    var requiredEpkFields = new[] { "x", "y", "crv" };
    Ensure.Contains(ephemeralJwk, requiredEpkFields, "EcdhKeyManagement algorithm expects 'epk' key to contain 'x','y' and 'crv' fields.");

    // NOTE(review): "crv" is only checked for presence; it is never compared with the curve of
    // the recipient's private key, and the sender-supplied coordinates go to EccKey.New with no
    // validation visible in this method. Confirm that EccKey.New (or the key import beneath it)
    // rejects points that are not on the expected curve before this path is enabled.
    var xCoordinate = Base64Url.Decode((string)ephemeralJwk["x"]);
    var yCoordinate = Base64Url.Decode((string)ephemeralJwk["y"]);

    var senderPublicKey = EccKey.New(xCoordinate, yCoordinate, usage: CngKeyUsages.KeyAgreement);

    return DeriveKey(header, cekSizeBits, senderPublicKey, recipientPrivateKey);
}
/// <summary>
/// Generates an ephemeral EC key pair for the receiver's public key and builds the
/// "epk" header fields (kty, x, y, crv) for it. In its current state the method
/// discards those fields and always returns <c>null</c>.
/// </summary>
/// <param name="keyLength">Not used by the active code (only by the commented-out derivation).</param>
/// <param name="key">Receiver key; must be accepted by <c>Ensure.Type</c> as a <c>CngKey</c>.</param>
/// <param name="header">Not modified by the active code (the "epk" assignment is commented out).</param>
/// <returns>Always <c>null</c>.</returns>
private byte[] NewKey(int keyLength, object key, IDictionary<string, string> header)
{
    var receiverPublicKey = Ensure.Type<CngKey>(key, "EcdhKeyManagement alg expects key to be of CngKey type.");

    EccKey ephemeralPair = EccKey.Generate(receiverPublicKey);

    // Public half of the ephemeral pair, in the shape of the "epk" header entry.
    IDictionary<string, string> ephemeralJwk = new Dictionary<string, string>
    {
        { "kty", "EC" },
        { "x", Base64Url.Encode(ephemeralPair.X) },
        { "y", Base64Url.Encode(ephemeralPair.Y) },
        { "crv", Curve(receiverPublicKey) }
    };

    // NOTE(review): the two statements that would complete key agreement are disabled:
    //   header["epk"] = epk;
    //   return DeriveKey(header, keyLength, recieverPubKey, ephemeral.Key);
    // so the ephemeral key is generated and then dropped, the header never receives "epk",
    // and no key is derived. Callers must not treat the null result as key material;
    // confirm how they handle it before this method is used for encryption.
    return null;
}