private async Task VerifySignatureAsync( string[] segments, string keyId, CancellationToken cancellationToken) { byte[] hash; using (var hashAlg = SHA256.Create()) { hash = hashAlg.ComputeHash( Encoding.ASCII.GetBytes($"{segments[0]}.{segments[1]}")); } var signature = JwtUtils.Base64DecodeToBytes(segments[2]); var keys = await this.keySource.GetPublicKeysAsync(cancellationToken) .ConfigureAwait(false); var verified = keys.Any(key => #if NETSTANDARD1_5 || NETSTANDARD2_0 key.Id == keyId && key.RSA.VerifyHash( hash, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1) #elif NET45 key.Id == keyId && ((RSACryptoServiceProvider)key.RSA).VerifyHash(hash, Sha256Oid, signature) #else #error Unsupported target #endif ); if (!verified) { throw this.CreateException($"Failed to verify {this.shortName} signature."); } }
private async Task VerifySignatureAsync( string[] segments, string keyId, CancellationToken cancellationToken) { if (this.IsEmulatorMode) { cancellationToken.ThrowIfCancellationRequested(); return; } byte[] hash; using (var hashAlg = SHA256.Create()) { hash = hashAlg.ComputeHash( Encoding.ASCII.GetBytes($"{segments[0]}.{segments[1]}")); } var signature = JwtUtils.Base64DecodeToBytes(segments[2]); var keys = await this.keySource.GetPublicKeysAsync(cancellationToken) .ConfigureAwait(false); var verified = keys.Any(key => key.Id == keyId && key.RSA.VerifyHash( hash, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1) ); if (!verified) { throw this.CreateException($"Failed to verify {this.shortName} signature."); } }