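/// <summary>
/// Validates an MAA-issued JWT against the attestation endpoint it is expected to come from,
/// then validates the quote embedded in the certificate that signed the token.
/// </summary>
/// <param name="attestDnsName">DNS name of the attestation endpoint; used to build the expected <c>https://</c> issuer URI.</param>
/// <param name="token">Attestation token whose body is read as an <c>AttestationResult</c>.</param>
/// <param name="signer">Signer associated with the token; its first signing certificate is the one examined.</param>
/// <param name="includeDetails">Forwarded to each validation step; with LOG_BOUNCY_CASTLE defined it also enables a dump of the certificate's ASN.1 elements.</param>
/// <returns><c>true</c> whenever execution reaches the end of the method.</returns>
/// <exception cref="ArgumentNullException"><paramref name="attestDnsName"/> is null.</exception>
/// <remarks>
/// NOTE(review): the results of the validation helpers are not inspected here, so this method
/// relies on them throwing when a check fails. Confirm that against their implementations before
/// treating a <c>true</c> return as proof of a valid token.
/// </remarks>
public static bool ValidateMaaJwt(string attestDnsName, AttestationToken token, AttestationSigner signer, bool includeDetails)
{
    // Fail with a clear argument error instead of building an issuer URI from a null host name.
    if (attestDnsName == null)
    {
        throw new ArgumentNullException(nameof(attestDnsName));
    }

    // The expected issuer is the attestation endpoint itself, always over https.
    var attestUri = new Uri($"https://{attestDnsName}");
    AttestationResult result = token.GetBody<AttestationResult>();

    // Issuer checks come first: the JWT issuer must be the tenant endpoint, and the signing
    // certificate's issuer must agree with the JWT issuer.
    ValidateJwtIssuerIsTenant(result, attestUri, includeDetails);
    ValidateSigningCertIssuerMatchesJwtIssuer(result, signer, includeDetails);

    // Only the first signing certificate is examined.
    // NOTE(review): this assumes the collection is non-empty and that element 0 is the
    // certificate carrying the embedded quote - confirm; an empty collection surfaces as an
    // indexing exception rather than a validation failure.
    X509Certificate2 signingCertificate = signer.SigningCertificates[0];
    byte[] certificateBytes = signingCertificate.RawData;
    string x5c = Convert.ToBase64String(certificateBytes);

#if LOG_BOUNCY_CASTLE
    if (includeDetails)
    {
        // Diagnostic only: log each top-level ASN.1 element of the certificate as hex.
        var bouncyCertParser = new X509CertificateParser();
        var bouncyCert = bouncyCertParser.ReadCertificate(certificateBytes);
        var bouncyAsn1Sequence = (DerSequence)bouncyCert.CertificateStructure.ToAsn1Object();
        for (int i = 0; i < bouncyAsn1Sequence.Count; i++)
        {
            var asn1 = bouncyAsn1Sequence[i];
            Logger.WriteLine(53, 128, $"{asn1.GetType().ToString(),50} : ", BitConverter.ToString(asn1.GetEncoded()).Replace("-", ""));
        }
    }
#endif

    Logger.WriteBanner("VALIDATING MAA JWT TOKEN - MAA EMBEDDED QUOTE IN SIGNING CERTIFICATE FOR JWT");

    // The base64-encoded certificate is handed over so the quote embedded in it can be validated.
    MaaQuoteValidator.ValidateMaaQuote(x5c, includeDetails);

    return true;
}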
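/// <summary>
/// Checks that an MAA-issued JWT names the expected attestation endpoint as its issuer and that
/// the signing certificate's issuer agrees with the JWT issuer.
/// </summary>
/// <param name="attestDnsName">DNS name of the attestation endpoint; used to build the expected <c>https://</c> issuer URI.</param>
/// <param name="serviceToken">Attestation token whose body is read as an <c>AttestationResult</c>.</param>
/// <param name="tokenSigner">Signer associated with the token; passed to the certificate-issuer check.</param>
/// <param name="includeDetails">Forwarded to each validation step.</param>
/// <returns><c>true</c> whenever execution reaches the end of the method.</returns>
/// <exception cref="ArgumentNullException"><paramref name="attestDnsName"/> is null.</exception>
/// <remarks>
/// NOTE(review): the results of the validation helpers are not inspected here, so this method
/// relies on them throwing when a check fails - confirm against their implementations.
/// NOTE(review): nothing in this method verifies the JWT signature or attests the signing
/// certificate itself; presumably that happens elsewhere. Confirm before treating a <c>true</c>
/// return as full validation of the token.
/// </remarks>
public static bool ValidateMaaJwt(string attestDnsName, AttestationToken serviceToken, AttestationSigner tokenSigner, bool includeDetails)
{
    // Fail with a clear argument error instead of building an issuer URI from a null host name.
    if (attestDnsName == null)
    {
        throw new ArgumentNullException(nameof(attestDnsName));
    }

    // The expected issuer is the attestation endpoint itself, always over https.
    var attestUri = new Uri($"https://{attestDnsName}");
    AttestationResult result = serviceToken.GetBody<AttestationResult>();

    // The JWT issuer must be the tenant endpoint, and the signing certificate's issuer must
    // agree with the JWT issuer.
    ValidateJwtIssuerIsTenant(result, attestUri, includeDetails);
    ValidateSigningCertIssuerMatchesJwtIssuer(result, tokenSigner, includeDetails);

    return true;
}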