public async Task <Tuple <byte[], string> > SignAsync(string hex)
{
this.EnsureUsable();
if (this.NotAfter < DateTime.UtcNow)
{
throw new EncryptionException($"Operation is not allowed on expired key; Key '{this.Actor}/{this.KeyId}'.");
}
var crypto = this.GetRSACryptoServiceProvider();
var signer = new Signing.Signer(crypto);
var algorithm = BasicHasher.GetNormalAlgorithm(hex);
return(await Task.FromResult(signer.SignHash(hex, algorithm)));
}
public async Task <bool> VerifyAsync(string hex, string signature, CancellationToken token)
{
this.EnsureNotDisposed();
string algorithm = BasicHasher.GetNormalAlgorithm(hex);
var verifier = new Signing.Verifier(_rsa);
var res = await Task.FromResult(verifier.VerifyHash(hex, signature, algorithm));
if (!res)
{
// legacy code used a double digest hash, so hash once more and check
var hashHexLegacy = BasicHasher.GetHash(hex, algorithm);
res = await Task.FromResult(verifier.VerifyHash(hashHexLegacy, signature, algorithm));
return(res);
}
return(res);
}