verifyES256JWT static method

Implementation

static bool verifyES256JWT(String jwt, Uint8List publicKeyBytes) {
  try {
    final parts = jwt.split(_jwtDelimiter);
    if (parts.length != 3) throw Exception('Unable to split jwt: $jwt');
    final header = parts[0];
    final claims = parts[1];
    final signatureBase64 = parts[2];

    final signatureBytes = base64Url.decode(
      _normalizeBase64(signatureBase64),
    );
    final data = utf8.encode('$header.$claims');

    final r = BigInt.parse(
      hex.encode(signatureBytes.sublist(0, signatureBytes.length ~/ 2)),
      radix: 16,
    );
    final s = BigInt.parse(
      hex.encode(signatureBytes.sublist(signatureBytes.length ~/ 2)),
      radix: 16,
    );

    final ecDomain = ECDomainParameters('prime256v1');
    final q = ecDomain.curve.decodePoint(publicKeyBytes)!;
    final pubKeyParams = ECPublicKey(q, ecDomain);

    final signer = ECDSASigner(null, HMac(SHA256Digest(), 64));
    signer.init(false, PublicKeyParameter(pubKeyParams));

    final hash = SHA256Digest().process(Uint8List.fromList(data));

    return signer.verifySignature(hash, ECSignature(r, s));
  } catch (_) {
    return false;
  }
}