verify method
Verify the signature of body with key
return true if the signature is correct false otherwise
Implementation
@override
bool verify(JWTKey key, Uint8List body, Uint8List signature) {
assert(key is RSAPublicKey, 'key must be a RSAPublicKey');
final publicKey = key as RSAPublicKey;
try {
final algorithm = _getAlgorithm(name);
final signer = pc.Signer('${_getHash(name)}/${algorithm}');
pc.CipherParameters params = pc.PublicKeyParameter<pc.RSAPublicKey>(
publicKey.key,
);
if (algorithm == 'PSS') {
final secureRandom = pc.SecureRandom('Fortuna');
final random = Random.secure();
final seed = List.generate(32, (_) => random.nextInt(256));
secureRandom.seed(pc.KeyParameter(Uint8List.fromList(seed)));
params = pc.ParametersWithSaltConfiguration(
params,
secureRandom,
32,
);
}
signer.init(false, params);
final msg = Uint8List.fromList(body);
final sign = algorithm == 'PSS'
? pc.PSSSignature(Uint8List.fromList(signature))
: pc.RSASignature(Uint8List.fromList(signature));
return signer.verifySignature(msg, sign);
} catch (ex) {
return false;
}
}