Support for RS384 and RS512 algorithms

Author: codingstill

JwtManager/RsJwt.cs

@@ -15,11 +15,12 @@ public class RsJwt : Jwt
  {
  public string PrivateKey { get; set; }
  public string PublicKey { get; set; }
+ public int KeySize { get; set; }
 
  public override string Sign(string payload)
  {
  List<string> segments = new List<string>();
- var header = new JwtHeader { alg = "RS256", typ = "JWT" };
+ JwtHeader header = Header;
 
  DateTime issued = DateTime.Now;
  DateTime expire = DateTime.Now.AddHours(10);
@@ -39,7 +40,7 @@ public override string Sign(string payload)
  var privKeyObj = Asn1Object.FromByteArray(keyBytes);
  var privStruct = RsaPrivateKeyStructure.GetInstance((Asn1Sequence)privKeyObj);
 
- ISigner sig = SignerUtilities.GetSigner("SHA256withRSA");
+ ISigner sig = SignerUtilities.GetSigner(SignerName);
 
  sig.Init(true, new RsaKeyParameters(true, privStruct.Modulus, privStruct.PrivateExponent));
 
@@ -74,11 +75,10 @@ public override string Validate(string token)
  RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
  rsa.ImportParameters(rsaParameters);
 
- SHA256 sha256 = SHA256.Create();
- byte[] hash = sha256.ComputeHash(Encoding.UTF8.GetBytes(header + '.' + payload));
+ byte[] hash = ComputeHash(header, payload);
 
  RSAPKCS1SignatureDeformatter rsaDeformatter = new RSAPKCS1SignatureDeformatter(rsa);
- rsaDeformatter.SetHashAlgorithm("SHA256");
+ rsaDeformatter.SetHashAlgorithm(AlgorithmName);
  byte[] tmp = Helpers.Base64Helper.UrlDecode(signature);
  if (!rsaDeformatter.VerifySignature(hash, tmp))
  {
@@ -87,5 +87,38 @@ public override string Validate(string token)
 
  return payloadJson;
  }
+
+ private JwtHeader Header
+ {
+ get
+ {
+ return new JwtHeader { alg = "RS" + KeySize.ToString(), typ = "JWT" };
+ }
+ }
+
+ private string SignerName
+ {
+ get
+ {
+ return "SHA" + KeySize.ToString() + "withRSA";
+ }
+ }
+
+ private string AlgorithmName
+ {
+ get
+ {
+ return "SHA" + KeySize.ToString();
+ }
+ }
+
+ private byte[] ComputeHash(string header, string payload)
+ {
+ HashAlgorithm sha = HashAlgorithm.Create(AlgorithmName);
+
+ if (sha == null) throw new Exception("Given key size is not valid.");
+
+ return sha.ComputeHash(Encoding.UTF8.GetBytes(header + '.' + payload));
+ }
  }
 }

JwtManagerTests/RsJwtTests.cs

@@ -8,22 +8,26 @@
 namespace JwtManagerTests
 {
  [TestClass]
- public class RsJwtTests
+ public abstract class RsJwtTests
  {
- #region Keys
+ #region Private Members
  private static string PrivateKey = string.Empty;
  private static string PublicKey = string.Empty;
+
  private static string KeySize = string.Empty;
  private static string OpenSslBinPath = string.Empty;
+
  private static string CurrentPath = string.Empty;
  #endregion
 
  #region Setup Methods
  [ClassInitialize]
- public static void ClassInit(TestContext context)
+ public static void BaseClassInitialize(TestContext context)
  {
- KeySize = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location).AppSettings.Settings["KeySize"].Value;
- OpenSslBinPath = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location).AppSettings.Settings["OpenSslBinPath"].Value;
+ AppSettingsSection AppSettings = ConfigurationManager.OpenExeConfiguration(Assembly.GetExecutingAssembly().Location).AppSettings;
+
+ KeySize = AppSettings.Settings["KeySize"].Value;
+ OpenSslBinPath = AppSettings.Settings["OpenSslBinPath"].Value;
 
  CurrentPath = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location);
  string commands = string.Format(@"{0}openssl genrsa -out private{1}.key {1}
@@ -50,13 +54,13 @@ public static void ClassInit(TestContext context)
  }
 
  [TestInitialize]
- public void Initialize() { }
+ public void BaseTestInitialize() { }
 
  [TestCleanup]
- public void Cleanup() { }
+ public void BaseTestCleanup() { }
 
  [ClassCleanup]
- public static void ClassCleanup()
+ public static void BaseClassCleanup()
  {
  File.Delete(string.Format("{0}\\private{1}.key", CurrentPath, KeySize));
  File.Delete(string.Format("{0}\\public{1}.pem", CurrentPath, KeySize));
@@ -77,6 +81,7 @@ public void SignData()
  {
  JwtManager.RsJwt jwt = new JwtManager.RsJwt
  {
+ KeySize = HashKeySize(),
  PrivateKey = PrivateKey
  };
 
@@ -92,13 +97,14 @@ public void ValidateData()
  string data = "{a:1,b:2}";
  JwtManager.RsJwt signJwt = new JwtManager.RsJwt
  {
+ KeySize = HashKeySize(),
  PrivateKey = PrivateKey
  };
  string signedData = signJwt.Sign(data);
 
  JwtManager.RsJwt jwt = new JwtManager.RsJwt
  {
- PrivateKey = PrivateKey,
+ KeySize = HashKeySize(),
  PublicKey = PublicKey
  };
  string validatedData = jwt.Validate(signedData);
@@ -112,6 +118,7 @@ public void ValidateInvalidData()
  Exception e = null;
  JwtManager.RsJwt jwt = new JwtManager.RsJwt
  {
+ KeySize = HashKeySize(),
  PublicKey = PublicKey
  };
 
@@ -136,6 +143,7 @@ public void SignInvalidPrivateKey()
  Exception e = null;
  JwtManager.RsJwt jwt = new JwtManager.RsJwt
  {
+ KeySize = HashKeySize(),
  PrivateKey = PrivateKey + "a"
  };
 
@@ -159,6 +167,7 @@ public void ValidateInvalidPublicKey()
  Exception e = null;
  JwtManager.RsJwt jwt = new JwtManager.RsJwt
  {
+ KeySize = HashKeySize(),
  PublicKey = PublicKey + "a"
  };
 
@@ -182,10 +191,12 @@ public void ValidateOtherPublicKey1()
  Exception e = null;
  JwtManager.RsJwt sJwt = new JwtManager.RsJwt
  {
+ KeySize = HashKeySize(),
  PrivateKey = PrivateKey
  };
  JwtManager.RsJwt vJwt = new JwtManager.RsJwt
  {
+ KeySize = HashKeySize(),
  PrivateKey = PrivateKey
  };
 
@@ -210,6 +221,7 @@ public void ValidateOtherPublicKey2()
  Exception e = null;
  JwtManager.RsJwt sJwt = new JwtManager.RsJwt
  {
+ KeySize = HashKeySize(),
  PublicKey = PublicKey
  };
 
@@ -225,5 +237,168 @@ public void ValidateOtherPublicKey2()
 
  Assert.IsNotNull(e, "An exception should be thrown");
  }
+
+ [TestMethod]
+ public void SignDataWithInvalidHashAlgorithm()
+ {
+ Exception e = null;
+ JwtManager.RsJwt jwt = new JwtManager.RsJwt
+ {
+ KeySize = 555,
+ PrivateKey = PrivateKey
+ };
+
+ try
+ {
+ string data = "{a:1,b:2}";
+ string signedData = jwt.Sign(data);
+ }
+ catch (Exception ex)
+ {
+ e = ex;
+ }
+
+
+ Assert.IsNotNull(e, "An exception should be thrown");
+ Assert.AreEqual(e.Message, "Signer SHA555WITHRSA not recognised.");
+ }
+
+ [TestMethod]
+ public void ValidateWithInvalidHashAlgorithm()
+ {
+ Exception e = null;
+ JwtManager.RsJwt sJwt = new JwtManager.RsJwt
+ {
+ KeySize = HashKeySize(),
+ PrivateKey = PrivateKey
+ };
+ JwtManager.RsJwt vJwt = new JwtManager.RsJwt
+ {
+ KeySize = 555,
+ PublicKey = PublicKey
+ };
+
+ try
+ {
+ string data = "{a:1,b:2}";
+ string signedData = sJwt.Sign(data);
+ Assert.IsNull(e, "An exception should not be thrown here");
+ string validatedData = vJwt.Validate(signedData);
+ }
+ catch (Exception ex)
+ {
+ e = ex;
+ }
+
+ Assert.IsNotNull(e, "An exception should be thrown");
+ Assert.AreEqual(e.Message, "Given key size is not valid.");
+ }
+
+ protected abstract int HashKeySize();
+ }
+
+ [TestClass]
+ public class Rs256Tests : RsJwtTests
+ {
+ #region Setup Methods
+ [ClassInitialize]
+ public static void ClassInit(TestContext context)
+ {
+ BaseClassInitialize(context);
+ }
+
+ [TestInitialize]
+ public void Initialize()
+ {
+ BaseTestInitialize();
+ }
+
+ [TestCleanup]
+ public void Cleanup()
+ {
+ BaseTestCleanup();
+ }
+
+ [ClassCleanup]
+ public static void ClassCleanup()
+ {
+ BaseClassCleanup();
+ }
+ #endregion
+
+ protected override int HashKeySize()
+ {
+ return 256;
+ }
+ }
+
+ [TestClass]
+ public class Rs384Tests : RsJwtTests
+ {
+ #region Setup Methods
+ [ClassInitialize]
+ public static void ClassInit(TestContext context)
+ {
+ BaseClassInitialize(context);
+ }
+
+ [TestInitialize]
+ public void Initialize()
+ {
+ BaseTestInitialize();
+ }
+
+ [TestCleanup]
+ public void Cleanup()
+ {
+ BaseTestCleanup();
+ }
+
+ [ClassCleanup]
+ public static void ClassCleanup()
+ {
+ BaseClassCleanup();
+ }
+ #endregion
+
+ protected override int HashKeySize()
+ {
+ return 384;
+ }
+ }
+
+ [TestClass]
+ public class Rs512Tests : RsJwtTests
+ {
+ #region Setup Methods
+ [ClassInitialize]
+ public static void ClassInit(TestContext context)
+ {
+ BaseClassInitialize(context);
+ }
+
+ [TestInitialize]
+ public void Initialize()
+ {
+ BaseTestInitialize();
+ }
+
+ [TestCleanup]
+ public void Cleanup()
+ {
+ BaseTestCleanup();
+ }
+
+ [ClassCleanup]
+ public static void ClassCleanup()
+ {
+ BaseClassCleanup();
+ }
+ #endregion
+
+ protected override int HashKeySize()
+ {
+ return 512;
+ }
  }
 }

Readme.md

@@ -18,6 +18,7 @@ using Newtonsoft.Json;
 
 JwtManager.RsJwt jwt = new JwtManager.RsJwt
 {
+ KeySize = 256, // This can be also 384 or 512
  PrivateKey = PrivateKey
 };
 
@@ -32,6 +33,7 @@ using Newtonsoft.Json;
 
 JwtManager.RsJwt jwt = new JwtManager.RsJwt
 {
+ KeySize = 256, // This can be also 384 or 512
  PublicKey = PublicKey
 };