author | vman <public@vaughnnugent.com> | 2022-12-09 13:55:05 -0500 |
---|---|---|
committer | vman <public@vaughnnugent.com> | 2022-12-09 13:55:05 -0500 |
commit | e7c24d79f65ebec8d2605dad3d23e8eeea260843 (patch) | |
tree | db7da6183085738c6d0c95152335ef6042f663b8 /VNLib.Data.Caching.Extensions/ListServerRequest.cs | |
parent | 8a306b5c1ccc9220f788ed055ba4859381412fbd (diff) |
Negotiation + key signing updates
Diffstat (limited to 'VNLib.Data.Caching.Extensions/ListServerRequest.cs')
-rw-r--r-- | VNLib.Data.Caching.Extensions/ListServerRequest.cs | 116 |
1 files changed, 116 insertions, 0 deletions
diff --git a/VNLib.Data.Caching.Extensions/ListServerRequest.cs b/VNLib.Data.Caching.Extensions/ListServerRequest.cs
new file mode 100644
index 0000000..4d0d0ea
--- /dev/null
+++ b/VNLib.Data.Caching.Extensions/ListServerRequest.cs
@@ -0,0 +1,116 @@
+/*
+* Copyright (c) 2022 Vaughn Nugent
+*
+* Library: VNLib
+* Package: VNLib.Data.Caching.Extensions
+* File: ListServerRequest.cs
+*
+* ListServerRequest.cs is part of VNLib.Data.Caching.Extensions which is part of the larger
+* VNLib collection of libraries and utilities.
+*
+* VNLib.Data.Caching.Extensions is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published
+* by the Free Software Foundation, either version 2 of the License,
+* or (at your option) any later version.
+*
+* VNLib.Data.Caching.Extensions is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with VNLib.Data.Caching.Extensions. If not, see http://www.gnu.org/licenses/.
+*/
+
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+
+using VNLib.Utils;
+using VNLib.Hashing.IdentityUtility;
+
+namespace VNLib.Data.Caching.Extensions
+{
+ /// <summary>
+ /// A request container for a ListServer request
+ /// </summary>
+ public sealed class ListServerRequest : VnDisposeable
+ {
+ private readonly bool _ownsKeys;
+
+ private ReadOnlyJsonWebKey? VerificationKey;
+ private ReadOnlyJsonWebKey? SigningAlg;
+
+ /// <summary>
+ /// The address of the broker server to connect to
+ /// </summary>
+ public Uri BrokerAddress { get; }
+
+ public ListServerRequest(Uri brokerAddress)
+ {
+ BrokerAddress = brokerAddress;
+ _ownsKeys = true;
+ }
+
+ private ListServerRequest(ClientCacheConfiguration conf)
+ {
+ //Broker verification key is required
+ VerificationKey = conf.BrokerVerificationKey;
+ SigningAlg = conf.SigningKey;
+ BrokerAddress = conf.BrokerAddress ?? 
throw new ArgumentException("Broker address must be specified");
+ _ownsKeys = false;
+ }
+
+ internal static ListServerRequest FromConfig(ClientCacheConfiguration conf) => new (conf);
+
+ /// <summary>
+ /// Sets the public key used to verify the signature of the response.
+ /// </summary>
+ /// <param name="jwk">The key used to verify messages </param>
+ public ListServerRequest WithVerificationKey(ReadOnlyJsonWebKey jwk)
+ {
+ VerificationKey = jwk ?? throw new ArgumentNullException(nameof(jwk));
+ return this;
+ }
+ /// <summary>
+ /// Sets the private key used to sign the request.
+ /// </summary>
+ /// <param name="jwk">The <see cref="ReadOnlyJsonWebKey"/> containing the private key used to sign the message</param>
+ /// <exception cref="ArgumentNullException"></exception>
+ public ListServerRequest WithSigningKey(ReadOnlyJsonWebKey jwk)
+ {
+ SigningAlg = jwk ?? throw new ArgumentNullException(nameof(jwk));
+ return this;
+ }
+
+ /// <summary>
+ /// Signs the <see cref="JsonWebToken"/> using the private key.
+ /// </summary>
+ /// <param name="jwt">The message to sign</param>
+ internal void SignJwt(JsonWebToken jwt)
+ {
+ jwt.SignFromJwk(SigningAlg);
+ }
+
+ /// <summary>
+ /// Verifies the signature of the <see cref="JsonWebToken"/>
+ /// </summary>
+ /// <param name="jwt"></param>
+ /// <returns>A value that indicates if the signature is verified</returns>
+ internal bool VerifyJwt(JsonWebToken jwt)
+ {
+ return jwt.VerifyFromJwk(VerificationKey);
+ }
+
+ internal IReadOnlyDictionary<string, string?> JwtHeader => SigningAlg!.JwtHeader;
+
+ ///<inheritdoc/>
+ protected override void Free()
+ {
+ if (_ownsKeys)
+ {
+ VerificationKey?.Dispose();
+ SigningAlg?.Dispose();
+ }
+ }
+ }
+}
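Review bot: `VerifyJwt` passes `VerificationKey` to `jwt.VerifyFromJwk` without checking it, although the field is nullable, the public constructor never sets it, and the private constructor copies `conf.BrokerVerificationKey` unchecked under a comment that calls the key required. How `VerifyFromJwk` treats a null key is not visible here, so the broker response check should fail closed in this class, e.g. `return jwt.VerifyFromJwk(VerificationKey ?? throw new InvalidOperationException("A broker verification key is required"));`. `SignJwt` and `JwtHeader` (`SigningAlg!.JwtHeader`) have the same gap for the signing key; the latter surfaces as a NullReferenceException, and the former depends on what `SignFromJwk` does with null. Separately, `Free()` disposes keys supplied through `WithVerificationKey`/`WithSigningKey` because the public constructor sets `_ownsKeys = true`; the XML docs on those two methods should state that ownership transfers to the request, since a caller reusing one key across requests would find it disposed.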