/// <summary> /// Verify the json web signature of an attachment /// </summary> /// <param name="content">The attachment content to be verified.</param> /// <returns>True - signature is valid; False - signature is missing or invalid.</returns> public static async Task <bool> VerifyJsonWebSignature(this AttachmentContent content) { try { var did = content.JsonWebSignature.Header.Kid; var verkey = DidUtils.ConvertDidKeyToVerkey(did); var message = $"{content.JsonWebSignature.Protected}.{content.Base64}"; return(await Crypto.VerifyAsync(verkey, Encoding.ASCII.GetBytes(message), content.JsonWebSignature.Signature.GetBytesFromBase64())); } catch (Exception) { return(false); } }
/// <summary> /// Sign attachment content using json web signature /// </summary> /// <param name="content">The attachment content to be signed.</param> /// <param name="wallet">The wallet.</param> /// <param name="verkey">The verkey to be used for the signing.</param> /// <exception cref="NullReferenceException">Throws if payload is null.</exception> public static async Task SignWithJsonWebSignature(this AttachmentContent content, Wallet wallet, string verkey) { var payload = content.Base64; if (payload == null) { throw new NullReferenceException("No data to sign"); } var did = DidUtils.ConvertVerkeyToDidKey(verkey); var protectedHeader = new { alg = "EdDSA", kid = did, jwk = new { kty = "OKP", crv = "Ed25519", x = Multibase.Base58.Decode(verkey).ToBase64UrlString(), kid = did } }.ToJson().ToBase64Url(); var message = $"{protectedHeader}.{payload}"; var signature = (await Crypto.SignAsync(wallet, verkey, Encoding.ASCII.GetBytes(message))).ToBase64UrlString(); content.JsonWebSignature = new JsonWebSignature { Header = new JsonWebSignatureHeader { Kid = did }, Protected = protectedHeader, Signature = signature }; }