JsonSignature

JsonSignature is a C# library that implements the SIGJSON signature format for securing JSON files with hidden signatures. This allows you to embed cryptographic signatures directly into JSON data as comments, ensuring data integrity and authenticity without altering the JSON structure.

Features

• Hidden Signatures: Signatures are embedded as comments at the beginning of the JSON file, making them invisible to standard JSON parsers.
• Multiple Algorithms: Supports RSA with SHA256, SHA384, and SHA512.
• Multiple Keys: Can sign with multiple keys and verify against multiple public keys.
• Stream-Based: Works with any seekable stream, allowing integration with various data sources.

Installation

Add the JsonSignature package to your .NET project:

dotnet add package JsonSignature

Or manually reference the DLL in your project.

Usage

Signing Data

To sign a JSON stream:

using JsonSignature;

// Generate or load your RSA keys
string publicKey = "..."; // Your RSA public key in XML format
string privateKey = "..."; // Your RSA private key in XML format

// Prepare the data to sign
using var source = new MemoryStream(Encoding.UTF8.GetBytes("{\"key\": \"value\"}"));
using var target = new MemoryStream();

// Create a sign operation
var signOp = new JSONSignature.SignOperation(JSONSignature.RSA_SHA256, publicKey, privateKey);

// Sign the data
await JSONSignature.SignAsync(source, target, [signOp]);

// The signed data is now in the target stream

Verifying Data

To verify a signed JSON stream:

// Reset the target stream to the beginning
target.Position = 0;

// Create a verify operation
var verifyOp = new JSONSignature.VerifyOperation(JSONSignature.RSA_SHA256, publicKey);

// Verify the signature
var matches = JSONSignature.Verify(target, [verifyOp]);

if (matches.Any())
{
    Console.WriteLine("Signature is valid!");
}
else
{
    Console.WriteLine("Signature is invalid.");
}

Advanced Usage

Signing with Multiple Keys

var signOps = new[]
{
    new JSONSignature.SignOperation(JSONSignature.RSA_SHA256, publicKey1, privateKey1),
    new JSONSignature.SignOperation(JSONSignature.RSA_SHA384, publicKey2, privateKey2)
};

await JSONSignature.SignAsync(source, target, signOps);

Verifying with Multiple Keys

var verifyOps = new[]
{
    new JSONSignature.VerifyOperation(JSONSignature.RSA_SHA256, publicKey1),
    new JSONSignature.VerifyOperation(JSONSignature.RSA_SHA384, publicKey2)
};

var matches = JSONSignature.Verify(target, verifyOps);