private HashAlgorithmName GetHashAlgorithmName()
{
JsonWebSignatureProtected @protected = GetProtected();
switch (@protected.Algorithm)
{
case AlgorithmsEnum.RS1:
return(HashAlgorithmName.SHA1);
case AlgorithmsEnum.RS256:
case AlgorithmsEnum.ES256:
case AlgorithmsEnum.PS256:
return(HashAlgorithmName.SHA256);
case AlgorithmsEnum.RS384:
case AlgorithmsEnum.ES384:
case AlgorithmsEnum.PS384:
return(HashAlgorithmName.SHA384);
case AlgorithmsEnum.RS512:
case AlgorithmsEnum.ES512:
case AlgorithmsEnum.PS512:
return(HashAlgorithmName.SHA512);
default:
throw new CryptographicException($"Unsupported hash algorithm: {@protected.Algorithm}");
}
}
private RSASignaturePadding GetRSASignaturePadding()
{
JsonWebSignatureProtected @protected = GetProtected();
switch (@protected.Algorithm)
{
case AlgorithmsEnum.PS256:
case AlgorithmsEnum.PS384:
case AlgorithmsEnum.PS512:
return(RSASignaturePadding.Pss);
default:
return(RSASignaturePadding.Pkcs1);
}
}
public bool Verify()
{
JsonWebSignatureProtected @protected = GetProtected();
if (@protected.Key.KeyType == KeyTypesEnum.RSA)
{
RSA rsaKey = @protected.Key.GetRsaKey();
return(Verify(rsaKey));
}
if (@protected.Key.KeyType == KeyTypesEnum.EC)
{
ECDsa ecdsaKey = @protected.Key.GetEcdsaKey();
return(Verify(ecdsaKey));
}
throw new ArgumentException($"Unsupported key type: {@protected.Key.KeyType}");
}
public void SignWithRSA()
{
JsonWebSignature jws = new JsonWebSignature();
var @protected = new JsonWebSignatureProtected
{
Algorithm = AlgorithmsEnum.RS256,
Key = new JsonWebKey
{
Algorithm = AlgorithmsEnum.RS256,
KeyType = KeyTypesEnum.RSA,
}
};
jws.SetProtected(@protected);
AsymmetricAlgorithm key = AsymmetricAlgorithm.Create("RSA");
jws.Sign(key);
Assert.True(jws.Verify(key));
}
public void SetProtected(JsonWebSignatureProtected @protected)
{
Protected = Base64Url.Encode(JsonConvert.SerializeObject(@protected));
}
