private void ValidateSignature(string signature, string payload)
{
var match = Regex.Match (payload, @"[^A-Za-z0-9+=/\n]");
if (match.Success)
{
throw new InvalidSignatureException ("payload contains illegal characters");
}
string matchingSignature = null;
string[] signaturePairs = signature.Split('&');
foreach (var signaturePair in signaturePairs)
{
if (signaturePair.IndexOf('|') >= 0)
{
string[] candidatePair = signaturePair.Split('|');
if (service.PublicKey.Equals(candidatePair[0]))
{
matchingSignature = candidatePair[1];
break;
}
}
}
if (matchingSignature == null)
{
throw new InvalidSignatureException ("no matching public key");
}
if (!(PayloadMatches(matchingSignature, payload) || PayloadMatches(matchingSignature, payload + "\n")))
{
throw new InvalidSignatureException ("signature does not match payload - one has been modified");
}
}
}
