Miscelanious trials

2026-02-06 19:58:01 +01:00 · 2026-02-06 19:58:01 +01:00 · f99c97f392
commit f99c97f392
33 changed files with 881 additions and 0 deletions
--- a/IdentityShroud.Core.Tests/IdentityShroud.Core.Tests.csproj
+++ b/IdentityShroud.Core.Tests/IdentityShroud.Core.Tests.csproj
@ -0,0 +1,27 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+    <PropertyGroup>
+        <TargetFramework>net10.0</TargetFramework>
+        <ImplicitUsings>enable</ImplicitUsings>
+        <Nullable>enable</Nullable>
+        <IsPackable>false</IsPackable>
+    </PropertyGroup>
+
+    <ItemGroup>
+        <PackageReference Include="coverlet.collector" Version="6.0.4"/>
+        <PackageReference Include="jose-jwt" Version="5.2.0" />
+        <PackageReference Include="Microsoft.AspNetCore.WebUtilities" Version="10.0.2" />
+        <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.14.1"/>
+        <PackageReference Include="xunit" Version="2.9.3"/>
+        <PackageReference Include="xunit.runner.visualstudio" Version="3.1.4"/>
+    </ItemGroup>
+
+    <ItemGroup>
+        <Using Include="Xunit"/>
+    </ItemGroup>
+
+    <ItemGroup>
+      <ProjectReference Include="..\IdentityShroud.Core\IdentityShroud.Core.csproj" />
+    </ItemGroup>
+
+</Project>
--- a/IdentityShroud.Core.Tests/Security/AesGcmHelperTests.cs
+++ b/IdentityShroud.Core.Tests/Security/AesGcmHelperTests.cs
@ -0,0 +1,21 @@
+using System.Security.Cryptography;
+using System.Text;
+using IdentityShroud.Core.Security;
+
+namespace IdentityShroud.Core.Tests.Security;
+
+public class AesGcmHelperTests
+{
+    [Fact]
+    public void EncryptDecryptCycleWorks()
+    {
+        string input = "Hello, world!";
+
+        var encryptionKey = RandomNumberGenerator.GetBytes(32);
+
+        var cypher = AesGcmHelper.EncryptAesGcm(Encoding.UTF8.GetBytes(input), encryptionKey);
+        var output = AesGcmHelper.DecryptAesGcm(cypher, encryptionKey);
+        
+        Assert.Equal(input, Encoding.UTF8.GetString(output));
+    }
+}
--- a/IdentityShroud.Core.Tests/UnitTest1.cs
+++ b/IdentityShroud.Core.Tests/UnitTest1.cs
@ -0,0 +1,107 @@
+using System.Security.Cryptography;
+using System.Text;
+using System.Text.Json;
+using IdentityShroud.Core.Messages;
+using Microsoft.AspNetCore.WebUtilities;
+
+namespace IdentityShroud.Core.Tests;
+
+public class UnitTest1
+{
+    private const string TestJwt = @"eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJybVZ3TU5rM0o1WHlmMWhyS3NVbEVYN1BNUm42dlZKY0h3U3FYMUVQRnFJIn0.eyJleHAiOjE3Njk5MzY5MDksImlhdCI6MTc2OTkzNjYwOSwianRpIjoiMjNiZDJmNjktODdhYi00YmM2LWE0MWQtZGZkNzkxNDc4ZDM0IiwiaXNzIjoiaHR0cHM6Ly9pYW0ua2Fzc2FjbG91ZC5ubC9hdXRoL3JlYWxtcy9tcGx1c2thc3NhIiwiYXVkIjpbImthc3NhLW1hbmFnZW1lbnQtc2VydmljZSIsImFwYWNoZTItaW50cmFuZXQtYXV0aCIsImFjY291bnQiXSwic3ViIjoiMDkzY2NmMTUtYzRhOS00YWI0LTk3MWYtZDVhMDIyMzZkODVhIiwidHlwIjoiQmVhcmVyIiwiYXpwIjoibXBvYmFja2VuZCIsInNpZCI6IjI2NmUyNjJiLTU5NjMtNDUyZi04ZTI3LWIwZTkzMjBkNTZkNiIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJkZWZhdWx0LXJvbGVzLW1wbHVza2Fzc2EiLCJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIiwiZGVhbGVyLW1lZGV3ZXJrZXItcm9sZSIsIm1wbHVza2Fzc2EtbWVkZXdlcmtlci1yb2xlIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYXBhY2hlMi1pbnRyYW5ldC1hdXRoIjp7InJvbGVzIjpbImludHJhbmV0IiwicmVsZWFzZW5vdGVzX3dyaXRlIl19LCJrYXNzYS1tYW5hZ2VtZW50LXNlcnZpY2UiOnsicm9sZXMiOlsicG9zYWNjb3VudF9wYXNzd29yZHJlc2V0IiwiZHJhZnRfbGljZW5zZV93cml0ZSIsImxpY2Vuc2VfcmVhZCIsImtub3dsZWRnZUl0ZW1fcmVhZCIsIm1haWxpbmdfcmVhZCIsIm1wbHVzYXBpX3JlYWQiLCJkYXRhYmFzZV91c2VyX3dyaXRlIiwiZW52aXJvbm1lbnRfd3JpdGUiLCJna3NfYXV0aGNvZGVfcmVhZCIsImVtcGxveWVlX3JlYWQiLCJkYXRhYmFzZV91c2VyX3JlYWQiLCJhcGlhY2NvdW50X3Bhc3N3b3JkcmVzZXQiLCJtcGx1c2FwaV93cml0ZSIsImVudmlyb25tZW50X3JlYWQiLCJrbm93bGVkZ2VJdGVtX3dyaXRlIiwiZGF0YWJhc2VfdXNlcl9wYXNzd29yZF9yZWFkIiwibGljZW5zZV93cml0ZSIsImN1c3RvbWVyX3dyaXRlIiwiZGVhbGVyX3JlYWQiLCJlbXBsb3llZV93cml0ZSIsImRhdGFiYXNlX2NvbmZpZ3VyYXRpb25fd3JpdGUiLCJyZWxhdGlvbnNfcmVhZCIsImRhdGFiYXNlX3VzZXJfcGFzc3dvcmRfbXBsdXNfZW5jcnlwdGVkX3JlYWQiLCJkcmFmdF9saWNlbnNlX3JlYWQiLCJkYXRhYmFzZV9jb25maWd1cmF0aW9uX3JlYWQiXX0sImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoia21zIGVtYWlsIHByb2ZpbGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZGVhbGVySWQiOjEsIm5hbWUiOiJFZWxrZSBLbGVpbiIsInByZWZlcnJlZF91c2VybmFtZSI6ImVlbGtlQGJvbHQubmwiLCJsb2NhbGUiOiJlbiIsImdpdmVuX25hbWUiOiJFZWxrZSIsImZhbWlseV9uYW1lIjoiS2xlaW4iLCJlbWFpbCI6ImVlbGtlQGJvbHQubmwiLCJlbXBsb3llZU51bWJlciI6NTR9.Z1mjZkpFLIMsx2EWRNwFXYinwUO4iRmteClGWoj70c9AffhjEN5hmSL2ErLn9RjofODY5JovbDo3RDBrTWMDdGHYavxaZRzn8EJe6Ndp9b2n7kUNHJpBrqIGEMhD5sY_5YRTfMIe7j7k2oRW8QIpcQ5_bYUBKEWfHYQqfi8IfpRjLhgd6zKMC3Faj4e442p5zY2dEdWHEr5j6--_Py4HhNsomtTY6WPFH8nTCJ9pbMM9ThSDmdjbSiMbNLeSAQzJNVXp5GGsSVlkJNRlMI_Mmfd7jWpSDZpNPzxJ-HmkDhY9oiInZW0livnf9-eesKWljO3TAXKEuiqigsblSbLjsQ";
+    [Fact]
+    public void DecodeTest()
+    {
+        var decoded = JwtReader.Decode(TestJwt);
+        
+        Assert.Equal("RS256", decoded.Header.Algorithm);
+        Assert.Equal("https://iam.kassacloud.nl/auth/realms/mpluskassa", decoded.Payload.Issuer);
+    }
+
+    [Fact]
+    public void CreateTest()
+    {
+        using (RSA rsa = RSA.Create())
+        {
+            // Option 1: Load from PEM string
+            // string privateKeyPem = @"-----BEGIN PRIVATE KEY-----
+            // ... your key here ...
+            // -----END PRIVATE KEY-----";
+            // rsa.ImportFromPem(privateKeyPem);
+            
+            // Option 2: Load from XML
+            // string xmlKey = "<RSAKeyValue>...</RSAKeyValue>";
+            // rsa.FromXmlString(xmlKey);
+            
+            // Option 3: Generate a new key for testing
+            rsa.KeySize = 2048;
+            
+            // Your already encoded header and payload
+            string header = "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJybVZ3TU5rM0o1WHlmMWhyS3NVbEVYN1BNUm42dlZKY0h3U3FYMUVQRnFJIn0";
+            string payload = "eyJleHAiOjE3Njk5MzY5MDksImlhdCI6MTc2OTkzNjYwOSwianRpIjoiMjNiZDJmNjktODdhYi00YmM2LWE0MWQtZGZkNzkxNDc4ZDM0IiwiaXNzIjoiaHR0cHM6Ly9pYW0ua2Fzc2FjbG91ZC5ubC9hdXRoL3JlYWxtcy9tcGx1c2thc3NhIiwiYXVkIjpbImthc3NhLW1hbmFnZW1lbnQtc2VydmljZSIsImFwYWNoZTItaW50cmFuZXQtYXV0aCIsImFjY291bnQiXSwic3ViIjoiMDkzY2NmMTUtYzRhOS00YWI0LTk3MWYtZDVhMDIyMzZkODVhIiwidHlwIjoiQmVhcmVyIiwiYXpwIjoibXBvYmFja2VuZCIsInNpZCI6IjI2NmUyNjJiLTU5NjMtNDUyZi04ZTI3LWIwZTkzMjBkNTZkNiIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJkZWZhdWx0LXJvbGVzLW1wbHVza2Fzc2EiLCJvZmZsaW5lX2FjY2VzcyIsInVtYV9hdXRob3JpemF0aW9uIiwiZGVhbGVyLW1lZGV3ZXJrZXItcm9sZSIsIm1wbHVza2Fzc2EtbWVkZXdlcmtlci1yb2xlIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYXBhY2hlMi1pbnRyYW5ldC1hdXRoIjp7InJvbGVzIjpbImludHJhbmV0IiwicmVsZWFzZW5vdGVzX3dyaXRlIl19LCJrYXNzYS1tYW5hZ2VtZW50LXNlcnZpY2UiOnsicm9sZXMiOlsicG9zYWNjb3VudF9wYXNzd29yZHJlc2V0IiwiZHJhZnRfbGljZW5zZV93cml0ZSIsImxpY2Vuc2VfcmVhZCIsImtub3dsZWRnZUl0ZW1fcmVhZCIsIm1haWxpbmdfcmVhZCIsIm1wbHVzYXBpX3JlYWQiLCJkYXRhYmFzZV91c2VyX3dyaXRlIiwiZW52aXJvbm1lbnRfd3JpdGUiLCJna3NfYXV0aGNvZGVfcmVhZCIsImVtcGxveWVlX3JlYWQiLCJkYXRhYmFzZV91c2VyX3JlYWQiLCJhcGlhY2NvdW50X3Bhc3N3b3JkcmVzZXQiLCJtcGx1c2FwaV93cml0ZSIsImVudmlyb25tZW50X3JlYWQiLCJrbm93bGVkZ2VJdGVtX3dyaXRlIiwiZGF0YWJhc2VfdXNlcl9wYXNzd29yZF9yZWFkIiwibGljZW5zZV93cml0ZSIsImN1c3RvbWVyX3dyaXRlIiwiZGVhbGVyX3JlYWQiLCJlbXBsb3llZV93cml0ZSIsImRhdGFiYXNlX2NvbmZpZ3VyYXRpb25fd3JpdGUiLCJyZWxhdGlvbnNfcmVhZCIsImRhdGFiYXNlX3VzZXJfcGFzc3dvcmRfbXBsdXNfZW5jcnlwdGVkX3JlYWQiLCJkcmFmdF9saWNlbnNlX3JlYWQiLCJkYXRhYmFzZV9jb25maWd1cmF0aW9uX3JlYWQiXX0sImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoia21zIGVtYWlsIHByb2ZpbGUiLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZSwiZGVhbGVySWQiOjEsIm5hbWUiOiJFZWxrZSBLbGVpbiIsInByZWZlcnJlZF91c2VybmFtZSI6ImVlbGtlQGJvbHQubmwiLCJsb2NhbGUiOiJlbiIsImdpdmVuX25hbWUiOiJFZWxrZSIsImZhbWlseV9uYW1lIjoiS2xlaW4iLCJlbWFpbCI6ImVlbGtlQGJvbHQubmwiLCJlbXBsb3llZU51bWJlciI6NTR9";
+            
+            // Generate signature
+            string signature = JwtSignatureGenerator.GenerateRS256Signature(header, payload, rsa);
+            
+            string publicKeyPem = rsa.ExportSubjectPublicKeyInfoPem();
+            string token = $"{header}.{payload}.{signature}";
+            
+            Console.WriteLine($"Signature: {signature}");
+            
+            // Or generate complete JWT
+            // string completeJwt = JwtSignatureGenerator.GenerateCompleteJwt(header, payload, rsa);
+            // Console.WriteLine($"Complete JWT: {completeJwt}");
+        }
+    }        
+}
+
+public static class JwtReader
+{
+
+    public static JsonWebToken Decode(string jwt)
+    {
+        // there should only be two, if not one of the base64 decode calls should fail.
+        int firstDot = jwt.IndexOf('.');
+        int secondDot = jwt.LastIndexOf('.');
+        return new JsonWebToken()
+        {
+            Header = JsonSerializer.Deserialize<JsonWebTokenHeader>(
+                Encoding.UTF8.GetString(WebEncoders.Base64UrlDecode(jwt, 0, firstDot))),
+            Payload = JsonSerializer.Deserialize<JsonWebTokenPayload>(
+                Encoding.UTF8.GetString(WebEncoders.Base64UrlDecode(jwt, firstDot + 1, secondDot - (firstDot + 1)))),
+            Signature = WebEncoders.Base64UrlDecode(jwt, secondDot + 1, jwt.Length - (secondDot + 1))
+        };
+    }
+}
+
+public static class RsaKeyLoader
+{
+    /// <summary>
+    /// Load RSA private key from PEM format (.NET 5+)
+    /// </summary>
+    public static RSA LoadFromPem(string pemKey)
+    {
+        var rsa = RSA.Create();
+        rsa.ImportFromPem(pemKey);
+        return rsa;
+    }
+    
+    /// <summary>
+    /// Load RSA private key from file
+    /// </summary>
+    public static RSA LoadFromPemFile(string filePath)
+    {
+        string pemContent = System.IO.File.ReadAllText(filePath);
+        return LoadFromPem(pemContent);
+    }
+    
+    /// <summary>
+    /// Load RSA private key from PKCS#8 format
+    /// </summary>
+    public static RSA LoadFromPkcs8(byte[] pkcs8Key)
+    {
+        var rsa = RSA.Create();
+        rsa.ImportPkcs8PrivateKey(pkcs8Key, out _);
+        return rsa;
+    }
+}