lengthChecks function

void lengthChecks(String jwt)

Implementation

void lengthChecks(String jwt) {
  List<String> parts = jwt.split('.');
  final header = parts[0];
  final payload = parts[1];
  // Is the header small enough
  if (header.length > MAX_HEADER_LEN_B64) {
    throw Exception('Header is too long');
  }

  // Is the combined length of (header, payload, SHA2 padding) small enough?
  // unsigned_jwt = header + '.' + payload;
  int L = (header.length + 1 + payload.length) * 8;
  int K = (512 + 448 - ((L % 512) + 1)) % 512;

  // The SHA2 padding is 1 followed by K zeros, followed by the length of the message
  int paddedUnsignedJwtLen = (L + 1 + K + 64) ~/ 8;

  // The padded unsigned JWT must be less than the max_padded_unsigned_jwt_len
  if (paddedUnsignedJwtLen > MAX_PADDED_UNSIGNED_JWT_LEN) {
    throw Exception('JWT is too long');
  }
}