0
var payload = new Dictionary<string, object>()
      {
            //xxx
      };
          
var privateKey = ???;
// only got a pem file like 
//-----BEGIN PRIVATE KEY-----
//xxxxxxxxxxxxxxx
//-----END PRIVATE KEY-----

//how can i get a key for below jwt token generate

string token = Jose.JWT.Encode(payload, privateKey, JwsAlgorithm.ES384, new Dictionary<string, object>()
            {
                { "alg", "ES384" },
                { "type", "JWT" },
            });

i search for the web serveral hours and i got sth like this c# JWT load ES256 PEM file into CngKey (jose-jwt) but it cant solve my problem,i want to convert the pem file to p12 file,but i dont have a cert file,i only have a pem file. i realy need the solution, thanks.

and i try to create a ECDSA key from RSAParamaters i get, via PEMReader:

 RSAParameters rsaParameters;
            using (var stream = File.OpenRead("pem.pem"))
            {
                using (var reader = new PemReader(stream))
                {
                    rsaParameters = reader.ReadRsaKey();
                }
            }

            var key = ECDsa.Create(ECCurve.NamedCurves.nistP384);

            key.ImportParameters(new ECParameters()
            {
                Q = new ECPoint() {
                  X = rsaParameters.Q,//???
                  Y = rsaParameters.Q //???
                },
                D = rsaParameters.D
            });

but the Param Q is a ECPoint type ,in rsaParameters Q is a byte array,i dont know how to handle this

P. Chuckie
  • 1
  • 1
  • https://github.com/dvsekhvalnov/jose-jwt#es---family – CodeCaster Nov 19 '22 at 08:15
  • i have seen that page, but it does not help,in that page provide 2 examples,1. need a p12 file which i cant get;2. need x \ y \ d 3 params, with a pem file i only got D\DP\DQ\P\Q params via pemReader, i dont know what is x \ y params. can you help? – P. Chuckie Nov 19 '22 at 08:46

1 Answers1

0

I don't know if you found the solution to this. But I also struggled with this and finally found a solution. I will share my code here.

            var filePath = _sessionSettings.Value.CertificatePath; //read certificate file from path
            var privateKeyPem = File.ReadAllText(filePath);

            var key = ECDsa.Create();
            key.ImportFromPem(privateKeyPem);

            var now = DateTime.UtcNow;

            var claims = new Dictionary<string, object>
            {
                { "aws:channel-arn", channelArn },
                { "aws:access-control-allow-origin", "*" }
            };

            var handler = new JsonWebTokenHandler();

            string token = handler.CreateToken(new SecurityTokenDescriptor
            {
                NotBefore = now,
                Expires = now.AddMinutes(30),
                IssuedAt = now,
                Claims = claims,
                SigningCredentials = new SigningCredentials(new ECDsaSecurityKey(key), "ES384")
            });

            var response = new PrivateSessionTokenResponse
            {
                Token = token
            };

            return response;
Buddhika Nelum
  • 33
  • 1
  • 12