public bool Verify(JoseHeader header, string payload, byte[] signature)
{
if (signature == null)
throw new ArgumentNullException(nameof(signature));
if (this.disposed)
throw new ObjectDisposedException(this.GetType().Name);
return Array.Empty<byte>().SequenceEqual(signature);
}
public string Serialize(string payload, JoseHeader header)
{
if (payload == null)
throw new ArgumentNullException(nameof(payload));
header.Algorithm = this.algorithm.Name;
var contentToSign = string.Join(".", header.ToJson().ToBase64Url(), payload.ToBase64Url());
var signature = this.algorithm.Sign(header, contentToSign).ToBase64Url();
return string.Join(".", header.ToJson().ToBase64Url(), payload.ToBase64Url(), signature);
}
public void Set(string src)
{
var token = src.Split('.');
if (token == null || token.Length != 3)
{
throw new IllegalEncryptionTokenException();
}
joseHeader = new JoseHeader();
joseHeader.SetSerialize(token[0]);
payload = Base64.base64urldecode(token[1]);
signature = Base64.base64urldecode(token[2]);
}
public void Set(string src)
{
var token = src.Split('.');
if (token == null || token.Length != 5)
{
throw new IllegalEncryptionTokenException();
}
joseHeader = new JoseHeader();
joseHeader.SetSerialize(token[0]);
cek = Base64.base64urldecode(token[1]);
iv = Base64.base64urldecode(token[2]);
cipherText = Base64.base64urldecode(token[3]);
at = Base64.base64urldecode(token[4]);
}
public JweSerializer(JoseHeader header, string payload, string key)
{
this.jweStructure.joseHeader = header;
this.payload = payload;
this.key = StringUtils.StringToByte(key);
}
public bool VerifyInternal(JoseHeader header, string data, byte[] signature)
{
if (string.IsNullOrWhiteSpace(data))
throw new ArgumentNullException(nameof(data));
if (signature == null || signature.Length == 0)
throw new ArgumentNullException(nameof(signature));
RSAPKCS1SignatureDeformatter rsaDeformatter = new RSAPKCS1SignatureDeformatter(this.publicKey);
rsaDeformatter.SetHashAlgorithm(this.hashAlgorithm);
return rsaDeformatter.VerifySignature(ASCII.GetBytes(data), signature);
}
public async Task<bool> VerifyAsync(JoseHeader header, string data, byte[] signature)
{
if (header == null)
throw new ArgumentNullException(nameof(header));
if (this.Disposed)
throw new ObjectDisposedException(this.GetType().Name);
// Get it from header :)
if (this.publicKey == null)
this.SetKey(await header.GetPublicKeyAsync());
return this.VerifyInternal(header, data, signature);
}
public byte[] Sign(JoseHeader header, string data)
{
if (header == null)
throw new ArgumentNullException(nameof(header));
if (string.IsNullOrWhiteSpace(data))
throw new ArgumentNullException(nameof(data));
if (this.privateKey == null)
throw new InvalidOperationException("Private key not defined");
if (this.Disposed)
throw new ObjectDisposedException(this.GetType().Name);
RSAPKCS1SignatureFormatter rsaFormatter = new RSAPKCS1SignatureFormatter(this.privateKey);
rsaFormatter.SetHashAlgorithm(this.hashAlgorithm);
return rsaFormatter.CreateSignature(ASCII.GetBytes(data));
}
public JwsSerializer(JoseHeader header, string payload, string key)
{
jwsStructure.joseHeader = header;
jwsStructure.payload = StringUtils.StringToByte(payload);
this.key = StringUtils.StringToByte(key);
}
public Task<bool> VerifyAsync(JoseHeader header, string payload, byte[] signature)
{
throw new InvalidOperationException();
}
public byte[] Sign(JoseHeader header, string payload)
{
// No signature for this algorithm type ;)
return Array.Empty<byte>();
}
public async Task Verify_RS512_Algorithm_Serialization()
{
var keySet = await JWKSet.GetAsync(this.keySetUri);
var key = keySet["rsa-512"];
var token = new JsonWebToken { Issuer = "joe", ExpirationTime = 1300819380 };
token.AddClaim("http://example.com/is_root", true);
var header = new JoseHeader() { JwkSetUrl = this.keySetUri, KeyId = "rsa-512" };
var serializer = new JWSCompactSerializer(new RS512Algorithm(privateKey: key));
var strToken = serializer.Serialize(token.ToJson(), header);
var deserializedToken = await serializer.DeserializeAsync(strToken);
Assert.AreEqual(token.ToJson(), deserializedToken.ToJson());
}
