/// <summary>
/// Parses a serialized encrypted message, requires <c>IsSignatureValidAndTrusted()</c> to
/// succeed, and returns the decrypted JSON content as <typeparamref name="T"/>.
/// </summary>
/// <typeparam name="T">Type passed to <c>GetDecryptedJsonObjectAs</c> for the decrypted content.</typeparam>
/// <param name="b64MessageToDecrypt">Serialized message; section 0 is read as the header and section 2 as the signature.</param>
/// <param name="issuerEncryptionCerts">Certificates handed to <c>JweEncryptedPayload.CreateFromEncryptedPayload</c>.</param>
/// <param name="cryptoPolicy">Policy stored on the message before the trust check runs.</param>
/// <returns>The value produced by <c>GetDecryptedJsonObjectAs</c> on the parsed message.</returns>
/// <exception cref="Rsa3dSecureException">
/// Thrown with <c>RsaErrorCodes.VerifySignatureFailed</c> when <c>IsSignatureValidAndTrusted()</c> returns false.
/// </exception>
/// <remarks>
/// The key given to <c>JWT.Decode</c> is read from the certificate carried in the message's own
/// header, so a successful decode only shows the token is consistent with that embedded
/// certificate. The decision to trust the signer rests on <c>IsSignatureValidAndTrusted()</c>.
/// </remarks>
public static T FromEncryptedString<T>(string b64MessageToDecrypt, List<X509Certificate2> issuerEncryptionCerts, IJweCryptoPolicy cryptoPolicy)
{
    // Sections 0 and 2 are indexed without a length check here.
    // NOTE(review): confirm SplitInToSections rejects input with fewer than three sections.
    var sections = b64MessageToDecrypt.SplitInToSections();
    var header = JwsHeader.CreateJweHeaderFromEncryptedHeader(sections[0]);

    // Sender-supplied key material: taken from the header that was just parsed out of the message.
    // NOTE(review): no expected algorithm is passed to JWT.Decode; confirm the library or the
    // crypto policy restricts which "alg" values are accepted.
    var signerKey = header.SigningPublicCert.GetRSAPublicKey();
    var decodedPayload = JWT.Decode(b64MessageToDecrypt, signerKey);

    var parsed = new JweMessage
    {
        CryptoPolicy = cryptoPolicy,
        EncryptedMessage = b64MessageToDecrypt,
        Header = header,
        // NOTE(review): this runs before the trust check below; if it performs decryption,
        // key operations happen on a message whose signer has not been validated yet.
        Payload = JweEncryptedPayload.CreateFromEncryptedPayload(decodedPayload, issuerEncryptionCerts),
        Signature = new JweSignature(sections[2])
    };

    // Only a message that passes the trust check is allowed to reach decryption of the JSON object.
    if (parsed.IsSignatureValidAndTrusted())
    {
        return parsed.GetDecryptedJsonObjectAs<T>();
    }

    throw new Rsa3dSecureException(RsaErrorCodes.VerifySignatureFailed, "Message Signature is not valid.");
}
/// <summary>
/// Parses a serialized encrypted message into a <c>JweMessage</c> without deciding whether
/// its signer is trusted.
/// </summary>
/// <param name="b64MessageToDecrypt">Serialized message; section 0 is read as the header and section 2 as the signature.</param>
/// <param name="issuerEncryptionCerts">Certificates handed to <c>JweEncryptedPayload.CreateFromEncryptedPayload</c>.</param>
/// <param name="cryptoPolicy">Policy stored on the returned message.</param>
/// <returns>A <c>JweMessage</c> populated with the policy, raw message, header, payload and signature.</returns>
/// <remarks>
/// This overload does not call <c>IsSignatureValidAndTrusted()</c>. The key given to
/// <c>JWT.Decode</c> comes from the certificate carried in the message's own header, so the
/// decode step alone does not establish who signed the message. Callers should call
/// <c>IsSignatureValidAndTrusted()</c> on the result before relying on its contents.
/// </remarks>
public static JweMessage FromEncryptedString(string b64MessageToDecrypt, List<X509Certificate2> issuerEncryptionCerts, IJweCryptoPolicy cryptoPolicy)
{
    // Sections 0 and 2 are indexed without a length check here.
    // NOTE(review): confirm SplitInToSections rejects input with fewer than three sections.
    var sections = b64MessageToDecrypt.SplitInToSections();
    var header = JwsHeader.CreateJweHeaderFromEncryptedHeader(sections[0]);

    // Sender-supplied key material: taken from the header that was just parsed out of the message.
    // NOTE(review): no expected algorithm is passed to JWT.Decode; confirm the library or the
    // crypto policy restricts which "alg" values are accepted.
    var signerKey = header.SigningPublicCert.GetRSAPublicKey();
    var decodedPayload = JWT.Decode(b64MessageToDecrypt, signerKey);

    var parsed = new JweMessage
    {
        CryptoPolicy = cryptoPolicy,
        EncryptedMessage = b64MessageToDecrypt,
        Header = header,
        Payload = JweEncryptedPayload.CreateFromEncryptedPayload(decodedPayload, issuerEncryptionCerts),
        Signature = new JweSignature(sections[2])
    };

    // Returned as-is: the trust decision is left to the caller.
    return parsed;
}