From e7c24d79f65ebec8d2605dad3d23e8eeea260843 Mon Sep 17 00:00:00 2001
From: vman
Date: Fri, 9 Dec 2022 13:55:05 -0500
Subject: Negotiation + key signing updates
---
VNLib.Data.Caching.Extensions/ListServerRequest.cs | 116 +++++++++++++++++++++
1 file changed, 116 insertions(+)
create mode 100644 VNLib.Data.Caching.Extensions/ListServerRequest.cs
(limited to 'VNLib.Data.Caching.Extensions/ListServerRequest.cs')
diff --git a/VNLib.Data.Caching.Extensions/ListServerRequest.cs b/VNLib.Data.Caching.Extensions/ListServerRequest.cs
new file mode 100644
index 0000000..4d0d0ea
--- /dev/null
+++ b/VNLib.Data.Caching.Extensions/ListServerRequest.cs
@@ -0,0 +1,116 @@
+/*
+* Copyright (c) 2022 Vaughn Nugent
+*
+* Library: VNLib
+* Package: VNLib.Data.Caching.Extensions
+* File: ListServerRequest.cs
+*
+* ListServerRequest.cs is part of VNLib.Data.Caching.Extensions which is part of the larger
+* VNLib collection of libraries and utilities.
+*
+* VNLib.Data.Caching.Extensions is free software: you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published
+* by the Free Software Foundation, either version 2 of the License,
+* or (at your option) any later version.
+*
+* VNLib.Data.Caching.Extensions is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with VNLib.Data.Caching.Extensions. If not, see http://www.gnu.org/licenses/.
+*/
+
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+
+using VNLib.Utils;
+using VNLib.Hashing.IdentityUtility;
+
+namespace VNLib.Data.Caching.Extensions
+{
+ ///
+ /// A request container for a ListServer request
+ ///
+ public sealed class ListServerRequest : VnDisposeable
+ {
+ private readonly bool _ownsKeys;
+
+ private ReadOnlyJsonWebKey? VerificationKey;
+ private ReadOnlyJsonWebKey? SigningAlg;
+
+ ///
+ /// The address of the broker server to connect to
+ ///
+ public Uri BrokerAddress { get; }
+
+ public ListServerRequest(Uri brokerAddress)
+ {
+ BrokerAddress = brokerAddress;
+ _ownsKeys = true;
+ }
+
+ private ListServerRequest(ClientCacheConfiguration conf)
+ {
+ //Broker verification key is required
+ VerificationKey = conf.BrokerVerificationKey;
+ SigningAlg = conf.SigningKey;
+ BrokerAddress = conf.BrokerAddress ?? throw new ArgumentException("Broker address must be specified");
+ _ownsKeys = false;
+ }
+
+ internal static ListServerRequest FromConfig(ClientCacheConfiguration conf) => new (conf);
+
+ ///
+ /// Sets the public key used to verify the signature of the response.
+ ///
+ /// The key used to verify messages
+ public ListServerRequest WithVerificationKey(ReadOnlyJsonWebKey jwk)
+ {
+ VerificationKey = jwk ?? throw new ArgumentNullException(nameof(jwk));
+ return this;
+ }
+ ///
+ /// Sets the private key used to sign the request.
+ ///
+ /// The containing the private key used to sign the message
+ ///
+ public ListServerRequest WithSigningKey(ReadOnlyJsonWebKey jwk)
+ {
+ SigningAlg = jwk ?? throw new ArgumentNullException(nameof(jwk));
+ return this;
+ }
+
+ ///
+ /// Signs the using the private key.
+ ///
+ /// The message to sign
+ internal void SignJwt(JsonWebToken jwt)
+ {
+ jwt.SignFromJwk(SigningAlg);
+ }
+
+ ///
+ /// Verifies the signature of the
+ ///
+ ///
+ /// A value that indicates if the signature is verified
+ internal bool VerifyJwt(JsonWebToken jwt)
+ {
+ return jwt.VerifyFromJwk(VerificationKey);
+ }
+
+ internal IReadOnlyDictionary JwtHeader => SigningAlg!.JwtHeader;
+
+ ///
+ protected override void Free()
+ {
+ if (_ownsKeys)
+ {
+ VerificationKey?.Dispose();
+ SigningAlg?.Dispose();
+ }
+ }
+ }
+}
-- cgit
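Review bot: `VerifyJwt` and `SignJwt` pass the nullable `VerificationKey` and `SigningAlg` fields straight through, and an instance built with the public constructor has neither set until `WithVerificationKey`/`WithSigningKey` is called; `JwtHeader` additionally silences the compiler with `SigningAlg!`. What `VerifyFromJwk` does with a null key is not visible in this patch, so the check on the broker's response should fail closed here rather than depend on it, e.g. `return jwt.VerifyFromJwk(VerificationKey ?? throw new InvalidOperationException("No verification key has been set"));`, with the same guard in `SignJwt` and `JwtHeader`. The private constructor's comment says the broker verification key is required, yet only `BrokerAddress` is null-checked; `VerificationKey = conf.BrokerVerificationKey ?? throw new ArgumentException("Broker verification key must be specified");` would make the code match the comment.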