/// <summary>
/// Attaches a detached JWS string ("header..signature") to <paramref name="obj"/>.
/// </summary>
/// <remarks>
/// The signed data is the base64url header, a dot, and the base64url form of the
/// canonicalized object. The payload itself is not embedded in the JWS string, which
/// is why the middle segment is empty. The header always carries the fixed
/// ALGORITHM and KEY_ID values.
/// </remarks>
/// <param name="obj">
/// Either a <c>List&lt;object&gt;</c>, which gets the JWS string appended as a new last
/// element, or an object whose signature property (resolved by GetSignatureProperty)
/// is set to the JWS string.
/// </param>
public static void Sign(object obj)
{
    // Strict UTF-8: no byte order mark, and invalid sequences throw instead of being replaced.
    UTF8Encoding strictUtf8 = new UTF8Encoding(false, true);

    // Payload: the canonical form of the object, base64url-encoded.
    string encodedPayload = Base64UrlConverter.Encode(CanonicalizeObject(obj));

    // Protected header naming the algorithm and the key.
    JWSHeader header = new JWSHeader
    {
        Algorithm = ALGORITHM,
        KeyId = KEY_ID
    };
    string encodedHeader = Base64UrlConverter.Encode(
        strictUtf8.GetBytes(JsonConvert.SerializeObject(header)));

    // The MAC covers "header.payload"; the emitted string leaves the payload out.
    byte[] signingInput = strictUtf8.GetBytes(encodedHeader + "." + encodedPayload);
    string encodedMac = Base64UrlConverter.Encode(HmacObject(signingInput));
    string detachedJws = encodedHeader + ".." + encodedMac;

    List<object> signedArray = obj as List<object>;
    if (signedArray != null)
    {
        // Arrays carry the signature as their last element.
        signedArray.Add(detachedJws);
        return;
    }

    // Objects carry the signature in their dedicated signature property.
    GetSignatureProperty(obj).SetValue(obj, detachedJws);
}
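/// <summary>
/// Verifies the detached JWS string carried by <paramref name="obj"/> against the
/// canonical form of the object.
/// </summary>
/// <remarks>
/// The signature is stripped from <paramref name="obj"/> before canonicalization (the
/// last list element is removed, or the signature property is set to null) and is not
/// put back, whatever the outcome. The header must name exactly ALGORITHM and KEY_ID,
/// so the incoming header cannot select a different algorithm or key.
/// </remarks>
/// <param name="obj">
/// Either a <c>List&lt;object&gt;</c> whose last element is the JWS string, or an object
/// whose signature property (resolved by GetSignatureProperty) holds it.
/// </param>
/// <returns>
/// <c>true</c> when the signature value matches the MAC computed over the header and
/// the canonicalized object; otherwise <c>false</c>.
/// </returns>
/// <exception cref="CryptographicException">
/// The JWS string is missing, is not of the form "header..signature", or its header
/// does not carry the expected algorithm and key id.
/// </exception>
public static bool Verify(object obj)
{
    string jwsString;
    List<object> signedArray = obj as List<object>;
    if (signedArray != null)
    {
        // We are verifying a signed array: the last element must be the JWS string.
        if (signedArray.Count == 0)
        {
            throw new CryptographicException("Missing JWS string");
        }
        jwsString = signedArray[signedArray.Count - 1] as string;
        if (jwsString == null)
        {
            throw new CryptographicException("Missing JWS string");
        }

        // Remove by index. Remove(value) deletes the FIRST equal element, which would
        // strip the wrong entry if the same string also appears earlier in the array.
        signedArray.RemoveAt(signedArray.Count - 1);
    }
    else
    {
        // We are verifying a signed object: read the JWS string from its signature property.
        jwsString = GetSignatureProperty(obj).GetValue(obj) as string;
        if (jwsString == null)
        {
            throw new CryptographicException("Missing JWS string");
        }

        // Clear the property so that it is not part of the canonicalized payload.
        GetSignatureProperty(obj).SetValue(obj, null);
    }

    // The only accepted shape is "header..signature". The middle segment is not covered
    // by the MAC, so anything placed there would be unauthenticated and is rejected.
    int firstDot = jwsString.IndexOf('.');
    int lastDot = jwsString.LastIndexOf('.');
    if (firstDot <= 0 || lastDot != firstDot + 1)
    {
        throw new CryptographicException("Malformed detached JWS string");
    }

    // Strict UTF-8: no byte order mark, and invalid sequences throw instead of being replaced.
    UTF8Encoding strictUtf8 = new UTF8Encoding(false, true);

    // Canonicalize the object - payload to be signed
    string payloadB64U = Base64UrlConverter.Encode(CanonicalizeObject(obj));

    // Header - to be signed
    string jwsHeaderB64U = jwsString.Substring(0, firstDot);
    JWSHeader jwsHeader = JsonConvert.DeserializeObject<JWSHeader>(
        strictUtf8.GetString(Base64UrlConverter.Decode(jwsHeaderB64U)),
        new JsonSerializerSettings
        {
            MissingMemberHandling = MissingMemberHandling.Error, // Reject undeclared properties
        });

    // Verify correctness of container. The constants are the receivers of Equals so that
    // a header with a missing "alg" or "kid" is rejected here instead of dereferencing null.
    if (jwsHeader == null ||
        !ALGORITHM.Equals(jwsHeader.Algorithm) ||
        !KEY_ID.Equals(jwsHeader.KeyId))
    {
        throw new CryptographicException("Unexpected JWS header arguments: " +
                                         JsonConvert.SerializeObject(jwsHeader));
    }

    // Fetch signature value
    byte[] signatureValue = Base64UrlConverter.Decode(jwsString.Substring(lastDot + 1));

    // Data to be signed
    byte[] dataToBeSigned = strictUtf8.GetBytes(jwsHeaderB64U + "." + payloadB64U);
    byte[] expectedValue = HmacObject(dataToBeSigned);

    // Compare without an early exit: SequenceEqual stops at the first differing byte, so
    // its running time reveals how much of a submitted MAC is correct. Only the length,
    // which is not secret, influences the duration here. Where the target framework has
    // CryptographicOperations.FixedTimeEquals, that call can replace this loop.
    int difference = signatureValue.Length ^ expectedValue.Length;
    for (int i = 0; i < signatureValue.Length && i < expectedValue.Length; i++)
    {
        difference |= signatureValue[i] ^ expectedValue[i];
    }
    return difference == 0;
}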