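// Client side: builds a GET request and signs it with the pre-shared key.
//
// NOTE(review): despite the variable names this is a symmetric scheme. "publicKey" is
// only a key identifier sent in the X-PSK header; "privateKey" is the shared HMAC
// secret that both the client and the server hold.
static void Main(string[] args)
{
    // Demo values from the article. A real shared secret should not be compiled into
    // the binary; load it from protected configuration or a secret store instead.
    string publicKey = "Dplmcoihcyi2i6dambso9dzo1miy70g/3+uibtttjlsij3cco";
    publicKey += "kaen3fecywdf7drkcfkg3kjembz6djbihd/4a==";

    string privateKey = "W9CE42M+FMBXXVTPYDA2CXIME7DQMK3FCWX0ZQR7FMJ";
    privateKey += "d6phhliwdtrb5couaxppyh+3c6y5z34ugb2dwd/awiw==";

    using (HttpClient client = new HttpClient())
    {
        // Step 2-a: key identifier and counter headers.
        // Constructed sample value: the original literal is garbled on the page.
        int counter = 1;

        // Plain http against localhost is demo-only. The HMAC below covers the key id,
        // counter, stamp, URI and method; the body and the response are neither signed
        // nor encrypted, so deployments need TLS.
        Uri uri = new Uri("http://localhost:54400/api/employees/12345");

        client.DefaultRequestHeaders.Add("X-PSK", publicKey);
        client.DefaultRequestHeaders.Add("X-counter", String.Format("{0}", counter));

        // Step 2-b: timestamp in whole seconds since the Unix epoch (UTC).
        DateTime epochStart = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
        TimeSpan ts = DateTime.UtcNow - epochStart;
        string stamp = Convert.ToUInt64(ts.TotalSeconds).ToString();
        client.DefaultRequestHeaders.Add("X-stamp", stamp);

        // The server rebuilds exactly this string, so field order must match.
        // NOTE(review): the fields are concatenated without delimiters, so field
        // boundaries are ambiguous; a separator would make the signed text unambiguous.
        string data = String.Format("{0}{1}{2}{3}{4}",
            publicKey, counter, stamp, uri.ToString(), "GET");

        // Step 2-c: HMAC-SHA256 over the canonical string, keyed with the shared secret.
        byte[] dataBytes = Encoding.UTF8.GetBytes(data);
        using (HMACSHA256 hmac = new HMACSHA256(Convert.FromBase64String(privateKey)))
        {
            byte[] signatureBytes = hmac.ComputeHash(dataBytes);
            client.DefaultRequestHeaders.Add("X-signature",
                Convert.ToBase64String(signatureBytes));
        }

        // Blocking on .Result is tolerable only because this is a console entry point.
        var httpMessage = client.GetAsync(uri).Result;
        if (httpMessage.IsSuccessStatusCode)
        {
            Console.WriteLine(httpMessage.Content.ReadAsStringAsync().Result);
        }
    }
}

// Server side: message handler that authenticates requests signed with the
// pre-shared key and answers 401 Unauthorized for everything else.
public class PskHandler : DelegatingHandler
{
    /// <summary>
    /// Validates the X-PSK / X-counter / X-stamp / X-signature headers and forwards the
    /// request to the inner handler only when the HMAC matches and the stamp is at
    /// most 3 seconds old.
    /// </summary>
    /// <param name="request">Incoming request whose headers carry the signature.</param>
    /// <param name="cancellationToken">Token passed through to the inner handler.</param>
    /// <returns>The inner handler's response, or a 401 Unauthorized response.</returns>
    protected override async Task<HttpResponseMessage> SendAsync(
        HttpRequestMessage request, CancellationToken cancellationToken)
    {
        // Demo secret from the article; see the note on the client side. The X-PSK
        // value is signed but is not used to select a key: every caller is checked
        // against this single secret.
        string privateKey = "W9CE42M+FMBXXVTPYDA2CXIME7DQMK3FCWX0ZQR7FMJ";
        privateKey += "d6phhliwdtrb5couaxppyh+3c6y5z34ugb2dwd/awiw==";

        var headers = request.Headers;
        bool hasAllHeaders = headers.Contains("X-PSK")
            && headers.Contains("X-counter")
            && headers.Contains("X-stamp")
            && headers.Contains("x-signature");
        if (!hasAllHeaders)
        {
            return request.CreateResponse(HttpStatusCode.Unauthorized);
        }

        string publicKey = headers.GetValues("X-PSK").First();
        string counter = headers.GetValues("X-counter").First();
        string stampText = headers.GetValues("X-stamp").First();
        string incomingSignature = headers.GetValues("x-signature").First();

        // A malformed stamp is attacker-controlled input: reject it with 401 instead of
        // letting a parse exception escape the handler.
        ulong stamp;
        bool stampParsed = ulong.TryParse(
            stampText,
            System.Globalization.NumberStyles.None,
            System.Globalization.CultureInfo.InvariantCulture,
            out stamp);
        if (!stampParsed)
        {
            return request.CreateResponse(HttpStatusCode.Unauthorized);
        }

        // Same field order as the client uses when signing.
        string data = String.Format("{0}{1}{2}{3}{4}",
            publicKey, counter, stamp, request.RequestUri.ToString(), request.Method.Method);

        byte[] dataBytes = Encoding.UTF8.GetBytes(data);
        string expectedSignature;
        using (HMACSHA256 hmac = new HMACSHA256(Convert.FromBase64String(privateKey)))
        {
            expectedSignature = Convert.ToBase64String(hmac.ComputeHash(dataBytes));
        }

        // Compare in fixed time: an early-exit string comparison can leak, through
        // response timing, how many leading characters of a forged signature matched.
        bool signatureMatches = FixedTimeEquals(
            Encoding.UTF8.GetBytes(incomingSignature),
            Encoding.UTF8.GetBytes(expectedSignature));
        if (!signatureMatches)
        {
            return request.CreateResponse(HttpStatusCode.Unauthorized);
        }

        // Freshness: accept stamps between 0 and 3 seconds old. The explicit ordering
        // check avoids relying on unsigned wrap-around (or an OverflowException in a
        // checked build) when the stamp lies in the future.
        DateTime epochStart = new DateTime(1970, 1, 1, 0, 0, 0, 0, DateTimeKind.Utc);
        TimeSpan ts = DateTime.UtcNow - epochStart;
        ulong now = Convert.ToUInt64(ts.TotalSeconds);
        if (stamp > now || now - stamp > 3)
        {
            return request.CreateResponse(HttpStatusCode.Unauthorized);
        }

        // NOTE(review): the counter is covered by the signature but never recorded
        // here, so an identical request is still accepted again inside the 3-second
        // window. Tracking the last counter seen per key would close that gap.
        return await base.SendAsync(request, cancellationToken);
    }

    // Compares two byte arrays without exiting at the first mismatch. Length is not
    // secret here (both sides are base64 text of an HMAC-SHA256 output). On runtimes
    // that provide it, CryptographicOperations.FixedTimeEquals is the built-in equivalent.
    [System.Runtime.CompilerServices.MethodImpl(
        System.Runtime.CompilerServices.MethodImplOptions.NoInlining |
        System.Runtime.CompilerServices.MethodImplOptions.NoOptimization)]
    private static bool FixedTimeEquals(byte[] left, byte[] right)
    {
        if (left.Length != right.Length)
        {
            return false;
        }

        int difference = 0;
        for (int i = 0; i < left.Length; i++)
        {
            difference |= left[i] ^ right[i];
        }

        return difference == 0;
    }
}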
An asymmetric authentication method can be used in the security mechanism of ASP.NET Web API