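/// <summary>
/// Reports whether <paramref name="algorithm"/> may be used with the key set passed in
/// <paramref name="args"/>. The answer is derived from the key set's kind, its purpose and
/// the keys it holds, so an algorithm is only accepted when the key material matches it.
/// </summary>
/// <param name="algorithm">Requested algorithm; converted to <see cref="JwtAlg"/>.</param>
/// <param name="args">
/// One or two values. <c>args[0]</c> must be a <see cref="KeySetKey"/>. The optional
/// <c>args[1]</c> must be a <see cref="bool"/> that is <c>true</c> when the caller intends
/// to sign; it defaults to <c>false</c> when omitted.
/// </param>
/// <returns>
/// <c>true</c> when the algorithm matches the key set for the requested operation;
/// <c>false</c> for any other combination, including a malformed or null <paramref name="args"/>.
/// </returns>
public bool IsSupportedAlgorithm(string algorithm, params object[] args)
{
    JwtAlg intendedAlg = algorithm;

    // Currently only signing is supported; these are the expected args.
    // A caller can pass null explicitly for a params array. Treat that like any other
    // unsupported argument shape and answer "not supported" instead of dereferencing it.
    if (args == null || args.Length < 1 || args.Length > 2 || !(args[0] is KeySetKey key))
    {
        return false;
    }

    var shouldSign = false;
    if (args.Length == 2)
    {
        if (!(args[1] is bool ss))
        {
            return false;
        }

        shouldSign = ss;
    }

    var metadata = key.KeySet.Metadata;

    var isSymm = metadata.Kind == KeyKind.Symmetric;
    var isPrivate = metadata.Kind == KeyKind.Private;
    var isPublic = metadata.Kind == KeyKind.Public;

    var isSign = metadata.Purpose == KeyPurpose.SignAndVerify;
    var isVerify = metadata.Purpose == KeyPurpose.Verify;

    if (!isSign && !isVerify)
    {
        // Right now only signing algorithms are supported.
        return false;
    }

    // ReSharper disable once ConditionIsAlwaysTrueOrFalse -- code may have other options in future
    if (isSymm && (isSign || isVerify))
    {
        // NOTE(review): for symmetric key sets only the primary key is consulted, even when
        // shouldSign is false, whereas the asymmetric verify branch below accepts a match on
        // any key version. Confirm this difference is intended.
        return Jwt.IsValidAlg(intendedAlg, key.KeySet.GetPrimaryKey());
    }

    if (shouldSign && isPrivate && isSign)
    {
        // Signing uses the primary key, so that is the key the algorithm must match.
        return Jwt.IsValidAlg(intendedAlg, key.KeySet.GetPrimaryKey());
    }

    if (!shouldSign && (isSign || isVerify) && (isPrivate || isPublic))
    {
        // Verification: accept the algorithm when any key version in the set maps to it.
        return key.KeySet.Metadata.Versions
            .Select(it => key.KeySet.GetKey(it.VersionNumber))
            .Any(it => Jwt.AlgForKey(it) == intendedAlg);
    }

    return false;
}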
/// <summary>
/// Signs <paramref name="input"/> with the key set, after confirming that the configured
/// algorithm is valid for the key set's primary key.
/// </summary>
/// <param name="input">Bytes to sign.</param>
/// <returns>The signature produced by <see cref="VanillaSigner"/> for the input.</returns>
/// <exception cref="InvalidOperationException">The <c>_signing</c> flag is not set.</exception>
/// <exception cref="InvalidKeyTypeException">
/// The primary key is not valid for the configured algorithm.
/// </exception>
public override byte[] Sign(byte[] input)
{
    if (!_signing)
    {
        throw new InvalidOperationException();
    }

    // Check the algorithm against the primary key before any signature is produced, so a
    // mismatched algorithm/key pairing fails loudly rather than yielding a signature.
    JwtAlg selectedAlg = Algorithm;
    var algMatchesKey = Jwt.IsValidAlg(selectedAlg, _keySet.GetPrimaryKey());
    if (!algMatchesKey)
    {
        throw new InvalidKeyTypeException("Key doesn't match chosen algorithm");
    }

    // The signer is disposed as soon as the signature has been computed.
    using (var signer = new VanillaSigner(_keySet))
    {
        return signer.Sign(input);
    }
}