Basic optimizations

Author: tpeczek

Lib.Net.Http.WebPush/Authentication/VapidAuthentication.cs

@@ -1,8 +1,7 @@
 using System;
 using System.Text;
-using System.Collections.Generic;
+using System.Globalization;
 using System.Security.Cryptography;
-using Newtonsoft.Json;
 using Org.BouncyCastle.Math;
 using Org.BouncyCastle.Crypto.Parameters;
 using Org.BouncyCastle.Crypto.Signers;
@@ -42,29 +41,29 @@ internal WebPushSchemeHeadersValues(string authenticationHeaderValueParameter, s
 
         #region Fields
         private const string URI_SCHEME_HTTPS = "https";
-        private const string AUDIENCE_CLAIM = "aud";
-        private const string EXPIRATION_CLAIM = "exp";
-        private const string SUBJECT_CLAIM = "sub";
-        private const char JWT_SEPARATOR = '.';
-
-        private const string P256ECDSA_PREFIX = "p256ecdsa=";
-        private const string VAPID_AUTHENTICATION_HEADER_VALUE_PARAMETER_FORMAT = "t={0}, k={1}";
 
         private const int DEFAULT_EXPIRATION = 43200;
         private const int MAXIMUM_EXPIRATION = 86400;
 
+        private const string JWT_HEADER = "{\"typ\":\"JWT\",\"alg\":\"ES256\"}";
+        private const string JWT_SEPARATOR = ".";
+        private const string JWT_BODY_AUDIENCE_PART = "{\"aud\":\"";
+        private const string JWT_BODY_EXPIRATION_PART = "\",\"exp\":";
+        private const string JWT_BODY_SUBJECT_PART = ",\"sub\":\"";
+        private const string JWT_BODY_WITH_SUBJECT_CLOSING = "\"}";
+        private const string JWT_BODY_WITHOUT_SUBJECT_CLOSING = "}";
+
+        private const string P256ECDSA_PREFIX = "p256ecdsa=";
+        private const string VAPID_AUTHENTICATION_HEADER_VALUE_PARAMETER_FORMAT = "t={0}, k={1}";
+
         private string _subject;
         private string _publicKey;
         private string _privateKey;
         private ECPrivateKeyParameters _privateSigningKey;
         private int _expiration;
 
         private static readonly DateTime _unixEpoch = new DateTime(1970, 1, 1, 0, 0, 0);
-        private static readonly Dictionary<string, string> _jwtHeader = new Dictionary<string, string>
-        {
-            { "typ", "JWT" },
-            { "alg", "ES256" }
-        };
+        private static readonly string _jwtHeaderSegment = UrlBase64Converter.ToUrlBase64String(Encoding.UTF8.GetBytes(JWT_HEADER));
         #endregion
 
         #region Properties
@@ -212,25 +211,28 @@ private string GetToken(string audience)
                 throw new ArgumentException(nameof(audience), "Audience should be an absolute URL");
             }
 
-            Dictionary<string, object> jwtBody = GetJwtBody(audience);
+            string jwtBodySegment = GetJwtBodySegment(audience);
 
-            return GenerateJwtToken(_jwtHeader, jwtBody);
+            return GenerateJwtToken(jwtBodySegment);
         }
 
-        private Dictionary<string, object> GetJwtBody(string audience)
+        private string GetJwtBodySegment(string audience)
         {
-            Dictionary<string, object> jwtBody = new Dictionary<string, object>
-            {
-                { AUDIENCE_CLAIM, audience },
-                { EXPIRATION_CLAIM, GetAbsoluteExpiration(_expiration) }
-            };
+            StringBuilder jwtBodyBuilder = new StringBuilder();
+
+            jwtBodyBuilder.Append(JWT_BODY_AUDIENCE_PART).Append(audience)
+                .Append(JWT_BODY_EXPIRATION_PART).Append(GetAbsoluteExpiration(_expiration).ToString(CultureInfo.InvariantCulture));
 
             if (_subject != null)
             {
-                jwtBody.Add(SUBJECT_CLAIM, _subject);
+                jwtBodyBuilder.Append(JWT_BODY_SUBJECT_PART).Append(_subject).Append(JWT_BODY_WITH_SUBJECT_CLOSING);
+            }
+            else
+            {
+                jwtBodyBuilder.Append(JWT_BODY_WITHOUT_SUBJECT_CLOSING);
             }
 
-            return jwtBody;
+            return UrlBase64Converter.ToUrlBase64String(Encoding.UTF8.GetBytes(jwtBodyBuilder.ToString()));
         }
 
         private static long GetAbsoluteExpiration(int expirationSeconds)
@@ -240,11 +242,9 @@ private static long GetAbsoluteExpiration(int expirationSeconds)
             return (long)unixEpochOffset.TotalSeconds + expirationSeconds;
         }
 
-        private string GenerateJwtToken(Dictionary<string, string> jwtHeader, Dictionary<string, object> jwtBody)
+        private string GenerateJwtToken(string jwtBodySegment)
         {
-            string jwtInput = UrlBase64Converter.ToUrlBase64String(Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(jwtHeader)))
-                + JWT_SEPARATOR
-                + UrlBase64Converter.ToUrlBase64String(Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(jwtBody)));
+            string jwtInput = _jwtHeaderSegment + JWT_SEPARATOR + jwtBodySegment;
 
             byte[] jwtInputHash;
             using (var sha256Hasher = SHA256.Create())

Lib.Net.Http.WebPush/Internals/ECKeyHelper.cs

@@ -12,17 +12,28 @@ namespace Lib.Net.Http.WebPush.Internals
 {
     internal static class ECKeyHelper
     {
+        private const string PRIVATE_DER_IDENTIFIER = "1.2.840.10045.3.1.7";
+        private const string PRIVATE_PEM_KEY_PREFIX = "-----BEGIN EC PRIVATE KEY-----\n";
+        private const string PRIVATE_PEM_KEY_SUFFIX = "\n-----END EC PRIVATE KEY----";
+
+        private const string PUBLIC_DER_IDENTIFIER = "1.2.840.10045.2.1";
+        private const string PUBLIC_PEM_KEY_PREFIX = "-----BEGIN PUBLIC KEY-----\n";
+        private const string PUBLIC_PEM_KEY_SUFFIX = "\n-----END PUBLIC KEY-----";
+
+        private const string P256_CURVE_NAME = "P-256";
+        private const string ECDH_ALGORITHM_NAME = "ECDH";
+
         internal static ECPrivateKeyParameters GetECPrivateKeyParameters(byte[] privateKey)
         {
             Asn1Object derSequence = new DerSequence(
                 new DerInteger(1),
                 new DerOctetString(privateKey),
-                new DerTaggedObject(0, new DerObjectIdentifier("1.2.840.10045.3.1.7"))
+                new DerTaggedObject(0, new DerObjectIdentifier(PRIVATE_DER_IDENTIFIER))
             );
 
-            string pemKey = "-----BEGIN EC PRIVATE KEY-----\n"
+            string pemKey = PRIVATE_PEM_KEY_PREFIX
                 + Convert.ToBase64String(derSequence.GetDerEncoded())
-                + "\n-----END EC PRIVATE KEY----";
+                + PRIVATE_PEM_KEY_SUFFIX;
 
             PemReader pemKeyReader = new PemReader(new StringReader(pemKey));
             AsymmetricCipherKeyPair keyPair = (AsymmetricCipherKeyPair)pemKeyReader.ReadObject();
@@ -33,24 +44,24 @@ internal static ECPrivateKeyParameters GetECPrivateKeyParameters(byte[] privateK
         internal static ECPublicKeyParameters GetECPublicKeyParameters(byte[] publicKey)
         {
             Asn1Object derSequence = new DerSequence(
-                new DerSequence(new DerObjectIdentifier(@"1.2.840.10045.2.1"), new DerObjectIdentifier(@"1.2.840.10045.3.1.7")),
+                new DerSequence(new DerObjectIdentifier(PUBLIC_DER_IDENTIFIER), new DerObjectIdentifier(PRIVATE_DER_IDENTIFIER)),
                 new DerBitString(publicKey)
             );
 
-            string pemKey = "-----BEGIN PUBLIC KEY-----\n"
+            string pemKey = PUBLIC_PEM_KEY_PREFIX
                 + Convert.ToBase64String(derSequence.GetDerEncoded())
-                + "\n-----END PUBLIC KEY-----";
+                + PUBLIC_PEM_KEY_SUFFIX;
 
             PemReader pemKeyReader = new PemReader(new StringReader(pemKey));
             return (ECPublicKeyParameters)pemKeyReader.ReadObject();
         }
 
         internal static AsymmetricCipherKeyPair GenerateAsymmetricCipherKeyPair()
         {
-            X9ECParameters ecParameters = NistNamedCurves.GetByName("P-256");
+            X9ECParameters ecParameters = NistNamedCurves.GetByName(P256_CURVE_NAME);
             ECDomainParameters ecDomainParameters = new ECDomainParameters(ecParameters.Curve, ecParameters.G, ecParameters.N, ecParameters.H, ecParameters.GetSeed());
 
-            IAsymmetricCipherKeyPairGenerator keyPairGenerator = GeneratorUtilities.GetKeyPairGenerator("ECDH");
+            IAsymmetricCipherKeyPairGenerator keyPairGenerator = GeneratorUtilities.GetKeyPairGenerator(ECDH_ALGORITHM_NAME);
             keyPairGenerator.Init(new ECKeyGenerationParameters(ecDomainParameters, new SecureRandom()));
 
             return keyPairGenerator.GenerateKeyPair();

Lib.Net.Http.WebPush/Lib.Net.Http.WebPush.csproj

@@ -22,7 +22,6 @@
     <LangVersion>latest</LangVersion>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="Newtonsoft.Json" Version="10.0.1" />
     <PackageReference Include="Lib.Net.Http.EncryptedContentEncoding" Version="1.1.0" />
   </ItemGroup>
   <ItemGroup Condition=" '$(TargetFramework)' == 'net451' ">