public void When_Trying_To_Check_The_Signature_With_A_Not_Supported_Algorithm_Then_False_Is_Returned()
{
// ARRANGE
InitializeFakeObjects();
// ACT
var result = _createJwsSignature.VerifyWithRsa(JwsAlg.ES512, string.Empty, string.Empty, new byte[0]);
// ASSERT
Assert.False(result);
}
/// <summary>
/// Validate the signature and returns the JWSPayLoad.
/// </summary>
/// <param name="jws"></param>
/// <param name="jsonWebKey"></param>
/// <returns></returns>
public JwsPayload ValidateSignature(string jws, JsonWebKey jsonWebKey)
{
if (string.IsNullOrWhiteSpace(jws))
{
throw new ArgumentNullException(nameof(jws));
}
if (jsonWebKey == null)
{
throw new ArgumentNullException(nameof(jsonWebKey));
}
var parts = GetParts(jws);
if (!parts.Any())
{
return(null);
}
var base64EncodedProtectedHeader = parts[0];
var base64EncodedSerialized = parts[1];
var combinedProtectedHeaderAndPayLoad = string.Format("{0}.{1}", base64EncodedProtectedHeader,
base64EncodedSerialized);
var serializedProtectedHeader = base64EncodedProtectedHeader.Base64Decode();
var serializedPayload = base64EncodedSerialized.Base64Decode();
var signature = parts[2].Base64DecodeBytes();
var protectedHeader = JsonConvert.DeserializeObject <JwsProtectedHeader>(serializedProtectedHeader);
JwsAlg jwsAlg;
if (!Enum.TryParse(protectedHeader.Alg, out jwsAlg))
{
return(null);
}
var signatureIsCorrect = false;
switch (jsonWebKey.Kty)
{
case KeyType.RSA:
// To validate we need the parameters : modulus & exponent.
signatureIsCorrect = _createJwsSignature.VerifyWithRsa(
jwsAlg,
jsonWebKey.SerializedKey,
combinedProtectedHeaderAndPayLoad,
signature);
break;
#if NET46 || NET45
case KeyType.EC:
signatureIsCorrect = _createJwsSignature.VerifyWithEllipticCurve(
jsonWebKey.SerializedKey,
combinedProtectedHeaderAndPayLoad,
signature);
break;
#endif
}
if (!signatureIsCorrect)
{
return(null);
}
return(JsonConvert.DeserializeObject <JwsPayload>(serializedPayload));
}