Merge pull request #1056 from GekySan/master
Implemented RSA signing for JWT
openbullet authored Jul 10, 2024
2 parents 5123dac + a91922c commit a0ae36b
Showing 2 changed files with 59 additions and 13 deletions.
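--- a/RuriLib/Blocks/Functions/Crypto/Methods.cs
+++ b/RuriLib/Blocks/Functions/Crypto/Methods.cs
@@ -217,7 +217,7 @@ public static string AESDecryptString(BotData data, byte[] cipherText, byte[] ke
 }
 
 [Block("Generates a JSON Web Token using a secret key, payload, optional extra headers and specified algorithm type",
-name = "JWT Encode", extraInfo = "The header already contains the selected algorithm and token type (JWT) by default")]
+name = "JWT Encode", extraInfo = "The header already contains the selected algorithm and token type (JWT) by default. For JWTs using asymmetric key signatures, the secret must be provided in PEM format.")]
 public static string JwtEncode(BotData data, JwtAlgorithmName algorithm, string secret, string extraHeaders = "{}", string payload = "{}")
 {
 var extraHeadersDictionary = JsonConvert.DeserializeObject<Dictionary<string, object>>(extraHeaders);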
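--- a/RuriLib/Functions/Crypto/Crypto.cs
+++ b/RuriLib/Functions/Crypto/Crypto.cs
@@ -626,19 +626,65 @@ private static byte[] PerformCryptography(byte[] data, ICryptoTransform cryptoTr
 #region JWT
 public static string JwtEncode(JwtAlgorithmName algorithmName, string secret, IDictionary<string, object> extraHeaders, IDictionary<string, object> payload)
 {
-IJwtAlgorithm algorithm = algorithmName switch
+IJwtAlgorithm algorithm = null;
+RSA rsa = null;
+try
 {
-JwtAlgorithmName.HS256 => new HMACSHA256Algorithm(),
-JwtAlgorithmName.HS384 => new HMACSHA384Algorithm(),
-JwtAlgorithmName.HS512 => new HMACSHA512Algorithm(),
-_ => throw new NotSupportedException("This algorithm is not supported at the moment")
-};
-
-var jsonSerializer = new JsonNetSerializer();
-var urlEncoder = new JwtBase64UrlEncoder();
-var jwtEncoder = new JwtEncoder(algorithm, jsonSerializer, urlEncoder);
-
-return jwtEncoder.Encode(extraHeaders, payload, secret);
+switch (algorithmName)
+{
+case JwtAlgorithmName.HS256:
+algorithm = new HMACSHA256Algorithm();
+break;
+case JwtAlgorithmName.HS384:
+algorithm = new HMACSHA384Algorithm();
+break;
+case JwtAlgorithmName.HS512:
+algorithm = new HMACSHA512Algorithm();
+break;
+case JwtAlgorithmName.RS256:
+rsa = RSA.Create();
+rsa.ImportFromPem(secret.ToCharArray());
+algorithm = new RS256Algorithm(rsa, rsa);
+break;
+case JwtAlgorithmName.RS384:
+rsa = RSA.Create();
+rsa.ImportFromPem(secret.ToCharArray());
+algorithm = new RS384Algorithm(rsa, rsa);
+break;
+case JwtAlgorithmName.RS512:
+rsa = RSA.Create();
+rsa.ImportFromPem(secret.ToCharArray());
+algorithm = new RS512Algorithm(rsa, rsa);
+break;
+case JwtAlgorithmName.RS1024:
+rsa = RSA.Create();
+rsa.ImportFromPem(secret.ToCharArray());
+algorithm = new RS1024Algorithm(rsa, rsa);
+break;
+case JwtAlgorithmName.RS2048:
+rsa = RSA.Create();
+rsa.ImportFromPem(secret.ToCharArray());
+algorithm = new RS2048Algorithm(rsa, rsa);
+break;
+case JwtAlgorithmName.RS4096:
+rsa = RSA.Create();
+rsa.ImportFromPem(secret.ToCharArray());
+algorithm = new RS4096Algorithm(rsa, rsa);
+break;
+default:
+throw new NotSupportedException("This algorithm is not supported at the moment");
+}
+
+var jsonSerializer = new JsonNetSerializer();
+var urlEncoder = new JwtBase64UrlEncoder();
+var jwtEncoder = new JwtEncoder(algorithm, jsonSerializer, urlEncoder);
+
+return jwtEncoder.Encode(extraHeaders, payload, secret);
+}
+finally
+{
+rsa?.Dispose();
+}
 }
 #endregion
 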
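Review bot: Each of the six RS* cases repeats `rsa = RSA.Create(); rsa.ImportFromPem(secret.ToCharArray());`, which makes an extra heap copy of the private-key PEM that is never cleared and throws a bare NullReferenceException when `secret` is null. `ImportFromPem` takes a `ReadOnlySpan<char>`, so the string can be passed directly, and the cases can share one guarded import as sketched below. `ImportFromPem` also accepts a PEM holding only a public key, so a wrong key type would presumably surface only when signing is attempted; the block's help text could say "private key in PEM format" to head that off. The PEM is still passed to `jwtEncoder.Encode(extraHeaders, payload, secret)` as the key argument; the RS* algorithms most likely ignore it, but that is worth confirming against the JWT library so the private key is not also treated as an HMAC-style key.

```csharp
// … unchanged: HS256 / HS384 / HS512 cases …
case JwtAlgorithmName.RS256:
case JwtAlgorithmName.RS384:
case JwtAlgorithmName.RS512:
case JwtAlgorithmName.RS1024:
case JwtAlgorithmName.RS2048:
case JwtAlgorithmName.RS4096:
    if (secret is null)
    {
        throw new ArgumentNullException(nameof(secret));
    }

    rsa = RSA.Create();
    // string converts implicitly to ReadOnlySpan<char>; no extra char[] copy of the key
    rsa.ImportFromPem(secret);
    algorithm = algorithmName switch
    {
        JwtAlgorithmName.RS256 => new RS256Algorithm(rsa, rsa),
        JwtAlgorithmName.RS384 => new RS384Algorithm(rsa, rsa),
        JwtAlgorithmName.RS512 => new RS512Algorithm(rsa, rsa),
        JwtAlgorithmName.RS1024 => new RS1024Algorithm(rsa, rsa),
        JwtAlgorithmName.RS2048 => new RS2048Algorithm(rsa, rsa),
        JwtAlgorithmName.RS4096 => new RS4096Algorithm(rsa, rsa),
        _ => throw new NotSupportedException("This algorithm is not supported at the moment")
    };
    break;
// … unchanged: default case, encoder construction, finally block …
```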
