From 6b3eb03694bfac7d4d1d50dda83c98802d340033 Mon Sep 17 00:00:00 2001
From: rbellens
Date: Sat, 28 Mar 2020 17:43:51 +0100
Subject: [PATCH] example jwt signing with rs512 algorithm
---
 example/jose_example.dart | 62 +++++++++++++++++++++++++++++++++++++++
 example/jwtRS512.key | 51 ++++++++++++++++++++++++++++++++
 example/jwtRS512.key.pub | 1 +
 pubspec.yaml | 1 +
 4 files changed, 115 insertions(+)
 create mode 100644 example/jwtRS512.key
 create mode 100644 example/jwtRS512.key.pub
diff --git a/example/jose_example.dart b/example/jose_example.dart
index 6097fc9..9d4c24d 100644
--- a/example/jose_example.dart
+++ b/example/jose_example.dart
@@ -1,4 +1,9 @@
+import 'dart:convert';
+import 'dart:io';
+
+import 'package:crypto_keys/crypto_keys.dart';
 import 'package:jose/jose.dart';
+import 'package:x509/x509.dart';
 void main() async {
 await example1();
@@ -7,6 +12,7 @@ void main() async {
 await example4();
 await example5();
 await example6();
+ await example7();
 }
 // decode and verify a JWS
@@ -254,3 +260,59 @@ void example6() async {
 // output the compact serialization
 print('jwt compact serialization: ${jws.toCompactSerialization()}');
 }
+
+// create a JWT, sign with RS512
+void example7() async {
+ var claims = JsonWebTokenClaims.fromJson({
+ 'exp': Duration(hours: 4).inSeconds,
+ 'iss': 'alice',
+ });
+
+ // create a builder, decoding the JWT in a JWS, so using a
+ // JsonWebSignatureBuilder
+ var builder = JsonWebSignatureBuilder();
+
+ // set the content
+ builder.jsonContent = claims.toJson();
+
+ // add a key to sign, can only add one for JWT
+ var key = _readPrivateKeyFromFile('example/jwtRS512.key');
+ builder.addRecipient(key, algorithm: 'RS512');
+
+ // build the jws
+ var jws = builder.build();
+
+ // output the compact serialization
+ print('jwt compact serialization: ${jws.toCompactSerialization()}');
+}
+
+JsonWebKey _readPrivateKeyFromFile(String path) {
+ var v = parsePem(File(path).readAsStringSync()).first;
+ var keyPair = (v is PrivateKeyInfo) ? v.keyPair : v as KeyPair;
+ var pKey = keyPair.privateKey as RsaPrivateKey;
+ print(pKey);
+
+ String _bytesToBase64(List bytes) {
+ return base64Url.encode(bytes).replaceAll('=', '');
+ }
+
+ String _intToBase64(BigInt v) {
+ return _bytesToBase64(v
+ .toRadixString(16)
+ .replaceAllMapped(RegExp('[0-9a-f]{2}'), (m) => '${m.group(0)},')
+ .split(',')
+ .where((v) => v.isNotEmpty)
+ .map((v) => int.parse(v, radix: 16))
+ .toList());
+ }
+
+ return JsonWebKey.fromJson({
+ 'kty': 'RSA',
+ 'n': _intToBase64(pKey.modulus),
+ 'd': _intToBase64(pKey.privateExponent),
+ 'p': _intToBase64(pKey.firstPrimeFactor),
+ 'q': _intToBase64(pKey.secondPrimeFactor),
+ 'alg': 'RS512',
+ 'kid': 'some_id'
+ });
+}
diff --git a/example/jwtRS512.key b/example/jwtRS512.key
new file mode 100644
index 0000000..c9ef43c
--- /dev/null
+++ b/example/jwtRS512.key
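Review bot: `_intToBase64` in example/jose_example.dart mis-encodes any value whose hex form has an odd number of digits, because the `[0-9a-f]{2}` regex pairs digits from the left and the leftover last digit becomes a byte of its own (`abc` yields 0xab, 0x0c instead of 0x0a, 0xbc), so `d`, `p` or `q` can silently describe a different key. Pad before splitting, e.g. `var hex = v.toRadixString(16); if (hex.length.isOdd) hex = '0$hex';`, and run the existing chain on `hex`. `print(pKey);` in `_readPrivateKeyFromFile` looks like a debug leftover; depending on how `RsaPrivateKey` renders itself it may write private-key material to stdout, so I would drop it from code readers are likely to copy. In `example7`, `'exp': Duration(hours: 4).inSeconds` sets the claim to 14400, which read as a NumericDate is four hours after the Unix epoch rather than four hours from now; `DateTime.now().add(Duration(hours: 4)).millisecondsSinceEpoch ~/ 1000` expresses the apparent intent. The JWK map also leaves out the public exponent `e`, which RFC 7518 lists as required for RSA keys, so it is worth confirming the library accepts this form deliberately and not by accident.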
@@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEArvhnCMdf0RaXU0FODFwf8s51hK9yMf9c3HP11fuwQxuXtdoY +BLxzZW7ViepldG6hyWRmOVn9O1oZ1WrXtNbUF+SdByswmCw6GAQ1vViDMkQZsRFi +Pc5Zve1FG0GyAsuTo6CJ2CsZVIuP+Gh2IeC2kPdIX1QboT85980X4PUgKOMvsxF1 +FIq08xZm4O8x3DvbnRp01/0gzSQQ4rRQ7PONruZqVTsqIZ8tbfNR7NJEYV4OkHWW +2RBw/385udOe08gVrpufnhvq1lBmPXcIcwYhmmCgUcDhrj1RkDLEjyaJUTcuxa9i +unSCWlzHX8Ei+1pKX8oMBiZW+7gM82bVC1h8HRCmrike5JVO1TbS8jbce8MfbWKI +d3xit9k0PO6xgB7+jTMxfXg2uqXExEECaChaSjO9gTgL2UMGtsgMnVWUScmgJbH8 +cUnzz4iKIlLleiKTvV2VdO22DnRZrkC1xt4NBNg8YIWbsY5LzYiZzgdGxlnuY9rR +Z1qalZ3Mn5urEADwdHRqT+HpYdUB6uuvdvYJEUkBWz/uWFba74aAaBBT1+HlHGxz +E4yo+RXZAXqfnCyGM06ENpWfdVjIzpFtmhk+bI/at09qhiLD26zatophp3snC2Cw +ZOPvbliO3RO7//c/NE34RPkciG43j9cid33vdspAlo8k7p6n7irMePatVQECAwEA +AQKCAgArMoCdljt9r4okr9bJDmWE2JwC6h3TYixW8PocnkriBonqB7IuWShUPozR +w+DQYg/nXLYwKptub8w4+GvQ5cjvLS3ney5AI4skKsXpvVSGsHF3WcdbYvqc/Vs2 +Y33DWudUWmotyFY0nVAqEAA6VPQ9zg88GdPId4ekOipPC7Wo4o4AM6soKyaJbVpw +5hz1NoH9w25ddM0IWIMitUnVdjvgllpiOH0qV9Yrcwsi4LapI0ONPrrDVF/RdGOY +ETsBJkDUHu/FZTcROkBDpIOdgkIBjyGFjY0qK1FbvGzyupzkRC9z9tz1E5arIITI +izJLw/rgs01Mp2KKOuJXpWerqWjai3pGF2O3dweDn0H2aHvRy5kxG8ZNmuYrlupN +1uKAu6oIBDj2v9rNrr+iEg6Rbv0Tyzvgukg2AvEkkvPnelUgzG2TLsLC2hHPWg+L ++n+YsEm69+eNIgCOpKTsZblcBEyyZTklhj9aYzhf5VLOb3G6CXicuETRwJRUCvxy +UFXMaxU2qSJb9zHHZUeVffH6BONByqaTeMY/ihYL0tA6dJz1Hy0JVV9yPyRG74PZ +z0xYVpyD7xc+sbqvYyiIC6IOV5YDUN8FeBCmcN9SZyDYZ/NVtUQm8rNu6OIeoaqp +yUhvFL9OTsbZV7u9Nxmt1zjqmjgL0FPyzPOvhCZXO0zKBliB0QKCAQEA3/Dqc2PB +8Nc58pjISZxonatDZDsbyWhp60jNu0VdNZAzS6iib5zev3lGOzdGXI572MNDa/ZA +dpFslQVGLWmdOVhHkXx+snhhflxVKGuVf1Ta0TmgrBdSkbpB+as9vMhPPSkHu0wF +79ldQcxA91CjLB029ccVdTqH8nUE2Du9g7LfxFRi/pOes8M02PHFM2SRD/4j+Ajz +mmX2UAT2FGVzGeQcSTRMqApLnHc+hIykKgpwUTbadhK2uyV1INF+qOymvgSx3F5f +Ey+9O0IECgm6T3GztZboNJh8yQwm9kjhnK+I984SXyXk6eIXIDW/AZkjxBibxyyS +WSmqhuBq8D4tVwKCAQEAyATJUPKoMzKk16nHCD0w1mxOHZNlbSy0oO5108nvbKWL +G1oaHmkqisJ19VQYZ6J/jo/7P1ElcCJj5ItB64b2NMrA4fDDvtY5xBK+xGY5MTnF 
+OFXtSzaNORS+ESe/Rzrba+7pqobY9Ko1lOu+Q8qyysrwQDbHhroKAms0CNwqafml +KzpcoUxKlMMAqmMxbiIFmoiX7pHI+qTaMCcP8ArYiG24pbuWPzVVYWo4oImz7aXv +O+gyhxEwUK5fxB3hMBOT92Rh3UZGTREPmHea4d/XxRbNdypsOZuOM6jBki5RmS22 +4qVar2akvN4YcHEG6ciXHbP8ifjLyZv0weuXP0pBZwKCAQEArsKLtFD9YL4VcsTY +SNnOqnyksuuN27eoMP030BVpkAtgfIK1gPSiwDocHMoeFsz6yUZYr0AVPnJukjzz +by0kjUPfViIZnZ1kOABGVKzgleXafbzDLolk3mTEZ9rC6zhG3ivO5NOHLo4qwNZt +PJOpQxvpcBRVIo7y2LuJdFXqp4RILCbOumzpRM/pxgOnKVwp+JkT6NTThoJbnkbA +41noYSQrDtXJnLmsGAbWuwomcsiCrl5oTgx8nb+1kE7s0VcdKNzxEFB1UbvHqR7z +mAHPa4AIBoYl4CW//AWHwltN9cDm2rvuimJAKmVONsy6qryftMCfkOevrfVeJrOr +wKBFMQKCAQEAwPZlJTPEcwgDoY9H1Tn7OJFp1vyQ1/9ODweeIoDo+17FUdDd68K3 +aQBrfg7wMGLDPkzHLXFidcinqB90q/0a3xlPdWmp3hybw/31jlG0ETpTeqLi9zGc +kpnhN3mp/dTZREpLoNjQy1C9unqnpo0RabTYjIqMePxXlbfIjlegj3ZpEsgN/woz +1Uo/BSIG2OH3l/r44A5C3xNU7ylwJbrA5PU9Mp5DN52DTiSEltPiAn2Xy6qZvFYn +z146Q2A0FAZ/NCbihu85+TVhX0zb3dbuOVRjSfhiSj04tbuzawxGakmA6yxszVRv +z0lQOIHCEp4Ss3QlSRH9v/U17jMTSdqgNwKCAQB3qZdt4L4UC6Ln6n5dAlMclALU +uISG6VjkpfVyq/Qoz/CyunDPuNhAwEtCCLhrOOv0VXgmB2A+YcdMusQbOM33Xlc8 ++0ny+J81JOLwDhGT/g0YwCCSraAdxU6dkTNyD25hFOUMr6rbQPmfV4SXh4K1zN6A +xD+4LmK8LO35zk6xKSMk3b118dEdimBA6H0Fyzf0hS3jNF8zjHZQY6d7KFWzm0UF +yX2sHW7cOoq5o8A1kUPAifi6qETeEP9v8I5q3a5oTQvMDqWxxbHLYHjmdcgt2cVY +UzhdQTPSu98tfRH2Bc1LIi/QsAqlY+vTPyLtP0xWzGjzeQmCcmu7Lla0wECV +-----END RSA PRIVATE KEY----- diff --git a/example/jwtRS512.key.pub b/example/jwtRS512.key.pub new file mode 100644 index 0000000..e718dae --- /dev/null +++ b/example/jwtRS512.key.pub @@ -0,0 +1 @@ +ssh-rsa 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 rbellens@madrid-2.local diff --git a/pubspec.yaml b/pubspec.yaml index 8792622..6f29fd6 100644 --- a/pubspec.yaml +++ b/pubspec.yaml @@ -15,4 +15,5 @@ dependencies: dev_dependencies: test: ^1.0.0 pedantic: ^1.9.0 + x509: ^0.1.0+1
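Review bot: `example/jwtRS512.key` is an unencrypted RSA private key checked in with nothing that marks it as a throwaway sample, so someone copying the example may reuse it, and it is likely to be flagged by secret scanners on every clone. I would say in the comment above `example7` (and in the README, if the example is referenced there) that this key is public, for demonstration only, and must never sign real tokens; generating a key when the example runs would avoid committing one at all. The accompanying `jwtRS512.key.pub` also keeps the author's `user@host` comment, which could be trimmed to a neutral label.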