public void When_Passing_Empty_String_To_The_Method_Check_EC_Signature_Then_Exception_Is_Thrown() { // ARRANGE InitializeFakeObjects(); // ACTS & ASSERTS Assert.Throws <ArgumentNullException>(() => _createJwsSignature.VerifyWithEllipticCurve(null, null, null)); Assert.Throws <ArgumentNullException>(() => _createJwsSignature.VerifyWithEllipticCurve("serialized", null, null)); Assert.Throws <ArgumentNullException>(() => _createJwsSignature.VerifyWithEllipticCurve("serialized", "message", null)); }
/// <summary> /// Validate the signature and returns the JWSPayLoad. /// </summary> /// <param name="jws"></param> /// <param name="jsonWebKey"></param> /// <returns></returns> public JwsPayload ValidateSignature(string jws, JsonWebKey jsonWebKey) { if (string.IsNullOrWhiteSpace(jws)) { throw new ArgumentNullException(nameof(jws)); } if (jsonWebKey == null) { throw new ArgumentNullException(nameof(jsonWebKey)); } var parts = GetParts(jws); if (!parts.Any()) { return(null); } var base64EncodedProtectedHeader = parts[0]; var base64EncodedSerialized = parts[1]; var combinedProtectedHeaderAndPayLoad = string.Format("{0}.{1}", base64EncodedProtectedHeader, base64EncodedSerialized); var serializedProtectedHeader = base64EncodedProtectedHeader.Base64Decode(); var serializedPayload = base64EncodedSerialized.Base64Decode(); var signature = parts[2].Base64DecodeBytes(); var protectedHeader = JsonConvert.DeserializeObject <JwsProtectedHeader>(serializedProtectedHeader); JwsAlg jwsAlg; if (!Enum.TryParse(protectedHeader.Alg, out jwsAlg)) { return(null); } var signatureIsCorrect = false; switch (jsonWebKey.Kty) { case KeyType.RSA: // To validate we need the parameters : modulus & exponent. signatureIsCorrect = _createJwsSignature.VerifyWithRsa( jwsAlg, jsonWebKey.SerializedKey, combinedProtectedHeaderAndPayLoad, signature); break; #if NET46 || NET45 case KeyType.EC: signatureIsCorrect = _createJwsSignature.VerifyWithEllipticCurve( jsonWebKey.SerializedKey, combinedProtectedHeaderAndPayLoad, signature); break; #endif } if (!signatureIsCorrect) { return(null); } return(JsonConvert.DeserializeObject <JwsPayload>(serializedPayload)); }