public static void Sign(object obj)
{
string payloadB64U = Base64UrlConverter.Encode(CanonicalizeObject(obj));
// Create and initialize an empty signature object
JWSHeader jwsHeader = new JWSHeader
{
Algorithm = ALGORITHM,
KeyId = KEY_ID
};
string jwsHeaderB64U = Base64UrlConverter.Encode(
new UTF8Encoding(false, true).GetBytes(JsonConvert.SerializeObject(jwsHeader)));
string jwsString = jwsHeaderB64U + ".." + Base64UrlConverter.Encode(
HmacObject(new UTF8Encoding(false, true).GetBytes(jwsHeaderB64U + "." + payloadB64U)));
if (obj is List <object> )
{
// We are signing an array, append signature
((List <object>)obj).Add(jwsString);
}
else
{
// We are signing an object, assign signature to it
GetSignatureProperty(obj).SetValue(obj, jwsString);
}
}
public static bool Verify(object obj)
{
string jwsString;
if (obj is List <object> )
{
// We are verifying a signed array, fetch the last element containing a JWS string
jwsString = ((String)((List <object>)obj).Last());
// After that the last element is removed
((List <object>)obj).Remove(((List <object>)obj).Last());
}
else
{
// We are verifying a signed object, get the JWS string
jwsString = (String)GetSignatureProperty(obj).GetValue(obj);
// After that set this element to
GetSignatureProperty(obj).SetValue(obj, null);
}
// Canonicalize the object - Payload to be signed
string payloadB64U = Base64UrlConverter.Encode(CanonicalizeObject(obj));
// Header - To be signed
string jwsHeaderB64U = jwsString.Substring(0, jwsString.IndexOf('.'));
JWSHeader jwsHeader = JsonConvert.DeserializeObject <JWSHeader>(
new UTF8Encoding(false, true).GetString(Base64UrlConverter.Decode(jwsHeaderB64U)),
new JsonSerializerSettings
{
MissingMemberHandling = MissingMemberHandling.Error, // Reject undeclared properties
});
// Verify correctness of container
if (!jwsHeader.Algorithm.Equals(ALGORITHM) || !jwsHeader.KeyId.Equals(KEY_ID))
{
throw new CryptographicException("Unexpected JWS header arguments: " +
JsonConvert.SerializeObject(jwsHeader));
}
// Fetch signature value
byte[] signatureValue = Base64UrlConverter.Decode(jwsString.Substring(jwsString.LastIndexOf('.') + 1));
// Data to be signed
byte[] dataToBeSigned = new UTF8Encoding(false, true).GetBytes((jwsHeaderB64U + "." + payloadB64U));
// Verify signature value
return(signatureValue.SequenceEqual(HmacObject(dataToBeSigned)));
}
