(refactor): use anonymous obj for thumbpring json

2025-12-30 19:50:07 +01:00 · 2025-11-12 23:39:16 +01:00 · 2025-11-12 23:39:16 +01:00 · 0bbb412e97
commit 0bbb412e97
parent e5f400749e
2 changed files with 17 additions and 5 deletions
--- a/src/LetsEncrypt/Entities/LetsEncrypt/State.cs
+++ b/src/LetsEncrypt/Entities/LetsEncrypt/State.cs
@ -1,5 +1,7 @@
-using MaksIT.LetsEncrypt.Models.Responses;
+using MaksIT.Core.Security.JWK;
+using MaksIT.LetsEncrypt.Models.Responses;
 using MaksIT.LetsEncrypt.Services;
+using System.Security.Cryptography;


 namespace MaksIT.LetsEncrypt.Entities.LetsEncrypt;
@ -12,4 +14,9 @@ public class State {
  public List<AuthorizationChallengeChallenge> Challenges { get; } = new List<AuthorizationChallengeChallenge>();
  public string? Nonce { get; set; }
  public RegistrationCache? Cache { get; set; }
+
+
+
+  public Jwk? Jwk;
+  private RSA? RSA;
 }
--- a/src/LetsEncrypt/Services/JwsService.cs
+++ b/src/LetsEncrypt/Services/JwsService.cs
@ -26,12 +26,12 @@ public class JwsService : IJwsService {
  private RSA _rsa;

  public JwsService(RSA rsa) {
-    _rsa = rsa ?? throw new ArgumentNullException(nameof(rsa));
+    _rsa = rsa;

    var publicParameters = rsa.ExportParameters(false);

-    var exp = publicParameters.Exponent ?? throw new ArgumentNullException(nameof(publicParameters.Exponent));
-    var mod = publicParameters.Modulus ?? throw new ArgumentNullException(nameof(publicParameters.Modulus));
+    var exp = publicParameters.Exponent;
+    var mod = publicParameters.Modulus;

    _jwk = new Jwk() {
      KeyType = JwkKeyType.Rsa.Name,
@ -80,6 +80,11 @@ public class JwsService : IJwsService {
  public string GetKeyAuthorization(string token) =>
    $"{token}.{GetSha256Thumbprint()}";

+
+  /// <summary>
+  /// For thumbprint calculation, always build the JSON string manually or use an anonymous object with the correct property order
+  /// </summary>
+  /// <returns></returns>
  private string GetSha256Thumbprint() {

    var thumbprint = new {
@ -88,7 +93,7 @@ public class JwsService : IJwsService {
      n = _jwk.RsaModulus
    };

-    var json = "{\"e\":\"" + _jwk.RsaExponent + "\",\"kty\":\"RSA\",\"n\":\"" + _jwk.RsaModulus + "\"}";
+    var json = thumbprint.ToJson();
    return Base64UrlUtility.Encode(SHA256.HashData(Encoding.UTF8.GetBytes(json)));
  }
 }