コード例 #1
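        /// <summary>
        /// Reports whether the named JWT algorithm can be used with the supplied key set,
        /// either for signing or for verifying.
        /// </summary>
        /// <param name="algorithm">Algorithm name; converted to <c>JwtAlg</c> before any other check.</param>
        /// <param name="args">
        /// One or two values: a <c>KeySetKey</c>, optionally followed by a <c>bool</c> that is
        /// <c>true</c> when the caller intends to sign. When the flag is omitted the query is
        /// treated as a verification query.
        /// </param>
        /// <returns>
        /// <c>true</c> when the key set's kind and purpose allow the requested use and the
        /// algorithm matches the relevant key(s); <c>false</c> for any other input, including
        /// a missing or wrongly typed argument list.
        /// </returns>
        public bool IsSupportedAlgorithm(string algorithm, params object[] args)
        {
            JwtAlg intendedAlg = algorithm;

            // Currently only signing is supported; these are the expected args.
            // A params array is null when the caller passes an explicit null, so answer
            // "not supported" instead of failing with a NullReferenceException.
            if (args == null ||
                args.Length < 1 ||
                args.Length > 2 ||
                !(args[0] is KeySetKey key))
            {
                return false;
            }

            var shouldSign = false;
            if (args.Length == 2)
            {
                if (!(args[1] is bool signFlag))
                {
                    return false;
                }

                shouldSign = signFlag;
            }

            var keySet = key.KeySet;
            var metadata = keySet.Metadata;

            var isSymm    = metadata.Kind == KeyKind.Symmetric;
            var isPrivate = metadata.Kind == KeyKind.Private;
            var isPublic  = metadata.Kind == KeyKind.Public;
            var isSign    = metadata.Purpose == KeyPurpose.SignAndVerify;
            var isVerify  = metadata.Purpose == KeyPurpose.Verify;

            if (!isSign && !isVerify)
            {
                return false; // Right now only signing algorithms are supported.
            }

            // From here on the purpose is known to be SignAndVerify or Verify.

            if (isSymm)
            {
                // NOTE(review): this branch does not look at shouldSign, so a symmetric key set
                // whose purpose is Verify is also reported as usable for signing, unlike the
                // private-key branch below which requires SignAndVerify. Confirm this is intended.
                return Jwt.IsValidAlg(intendedAlg, keySet.GetPrimaryKey());
            }

            if (shouldSign && isPrivate && isSign)
            {
                // Signing uses the primary key, so only that key has to match the algorithm.
                return Jwt.IsValidAlg(intendedAlg, keySet.GetPrimaryKey());
            }

            if (!shouldSign && (isPrivate || isPublic))
            {
                // Verification: the algorithm is accepted when any key version listed in the
                // metadata maps to it.
                return metadata.Versions
                               .Select(version => keySet.GetKey(version.VersionNumber))
                               .Any(versionKey => Jwt.AlgForKey(versionKey) == intendedAlg);
            }

            return false;
        }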
コード例 #2
        /// <summary>
        /// Signs <paramref name="input"/> with the key set held by this instance, after checking
        /// that the configured algorithm matches the primary key.
        /// </summary>
        /// <param name="input">Bytes to sign; passed unchanged to <c>VanillaSigner.Sign</c>.</param>
        /// <returns>The signature bytes returned by <c>VanillaSigner.Sign</c>.</returns>
        /// <exception cref="InvalidOperationException">The <c>_signing</c> flag is false.</exception>
        /// <exception cref="InvalidKeyTypeException">
        /// <c>Jwt.IsValidAlg</c> rejects the configured algorithm for the primary key.
        /// </exception>
        public override byte[] Sign(byte[] input)
        {
            // Refuse to sign unless this instance carries the signing flag.
            if (_signing == false)
            {
                throw new InvalidOperationException();
            }

            // The algorithm/key check runs before any signer is created, so a mismatched
            // key never produces a signature.
            JwtAlg requestedAlg = Algorithm;
            var primaryKey = _keySet.GetPrimaryKey();
            var algMatchesKey = Jwt.IsValidAlg(requestedAlg, primaryKey);

            if (!algMatchesKey)
            {
                throw new InvalidKeyTypeException("Key doesn't match chosen algorithm");
            }

            // The signer is disposed as soon as the signature has been produced.
            using (var signer = new VanillaSigner(_keySet))
            {
                return signer.Sign(input);
            }
        }