up

src/__Libraries/StellaOps.Cryptography.Plugin.SmRemote/SmRemoteSigner.cs

@@ -0,0 +1,36 @@
+using System.Threading;
+using System.Threading.Tasks;
+using StellaOps.Cryptography;
+
+namespace StellaOps.Cryptography.Plugin.SmRemote;
+
+internal sealed class SmRemoteSigner : ICryptoSigner
+{
+    private readonly SmRemoteHttpClient client;
+    private readonly string remoteKeyId;
+
+    public SmRemoteSigner(SmRemoteHttpClient client, string remoteKeyId, string algorithmId)
+    {
+        this.client = client ?? throw new ArgumentNullException(nameof(client));
+        this.remoteKeyId = remoteKeyId ?? throw new ArgumentNullException(nameof(remoteKeyId));
+        AlgorithmId = algorithmId ?? throw new ArgumentNullException(nameof(algorithmId));
+    }
+
+    public string KeyId => remoteKeyId;
+    public string AlgorithmId { get; }
+
+    public async ValueTask<byte[]> SignAsync(ReadOnlyMemory<byte> data, CancellationToken cancellationToken = default)
+    {
+        var signatureBase64 = await client.SignAsync(remoteKeyId, AlgorithmId, data.ToArray(), cancellationToken).ConfigureAwait(false);
+        return Convert.FromBase64String(signatureBase64);
+    }
+
+    public async ValueTask<bool> VerifyAsync(ReadOnlyMemory<byte> data, ReadOnlyMemory<byte> signature, CancellationToken cancellationToken = default)
+    {
+        var sigBase64 = Convert.ToBase64String(signature.ToArray());
+        return await client.VerifyAsync(remoteKeyId, AlgorithmId, data.ToArray(), sigBase64, cancellationToken).ConfigureAwait(false);
+    }
+
+    public Microsoft.IdentityModel.Tokens.JsonWebKey ExportPublicJsonWebKey()
+        => new() { Kid = remoteKeyId, Alg = AlgorithmId, Kty = "EC" };
+}