static JwtKey LoadPKCS8Key(byte[] keyBytes, string secret = null, bool isPrivate = false)
{
MemoryStream memoryStream = new MemoryStream(keyBytes);
StreamReader streamReader = new StreamReader(memoryStream);
bool isPrivateWithSecret = secret != null && isPrivate;
PemReader pemReader = isPrivateWithSecret? new PemReader(streamReader, new Password(secret)) : new PemReader(streamReader);
//ICipherParameters key;
JwtKey key = null;
if (isPrivate)
{
AsymmetricCipherKeyPair keyPair = (AsymmetricCipherKeyPair)pemReader.ReadObject();
key = new JwtKey
{
PrivateKey = keyPair.Private,
PublicKey = keyPair.Public,
};
}
else
{
key = new JwtKey
{
PublicKey = (AsymmetricKeyParameter)pemReader.ReadObject(),
};
}
return key;
}
public bool Verify(byte[] signature, byte[] input, JwtKey key)
{
ISigner signer = SignerUtilities.GetSigner(method);
signer.Init(false, key.PublicKey);
signer.BlockUpdate(input, 0, input.Length);
return signer.VerifySignature(signature);
}
public string Sign(byte[] input, JwtKey key)
{
ISigner signer = SignerUtilities.GetSigner(method);
signer.Init(true, key.PrivateKey);
signer.BlockUpdate(input, 0, input.Length);
byte[] signedBytes = signer.GenerateSignature();
return Helpers.Base64UrlEncode(signedBytes);
}
public bool Verify(byte[] signature, byte[] input, JwtKey key)
{
return Helpers.Base64UrlEncode(signature).Equals(Sign(input, key));
}
public string Sign(byte[] input, JwtKey key)
{
byte[] signedBytes = MacUtilities.CalculateMac(method, key.PrivateKey, input);
return Helpers.Base64UrlEncode(signedBytes);
}