CODEWITHSUNDEEP
c#
Sonika
Sonika

Reputation: 151

How can we create an AsymmetricSecurityKey?

How we can create AsymmetricSecurityKey in c#. Actually we are creating signing credentials with AsymetricSecurityKey here is our code:

// Define const Key this should be private secret key  stored in some safe place
string key = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b3727429090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";

// Create Security key  using private key above:
// not that latest version of JWT using Microsoft namespace instead of System
var securityKey = new AsymmetricSecurityKey(Encoding.UTF8.GetBytes(key));

// Also note that securityKey length should be >256b
// so you have to make sure that your private key has a proper length
//
var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials
                  (securityKey, SecurityAlgorithms.HmacSha256Signature);

Upvotes: 5

Views: 12705

Answers (4)

Rodolfo Rodrigues
Rodolfo Rodrigues

Reputation: 11

Signing credentials with a AsymmetricSecurityKey in C# using a RSA private key:

// RSA Private Key Base64
var privateKey = @"...";

var privateKeyBuffer = new Span<byte>(new byte[privateKey.Length]);
Convert.TryFromBase64String(privateKey, privateKeyBuffer, out _);

// abstract class RSA : AsymmetricAlgorithm in namespace System.Security.Cryptography
var rsaPrivateKey = RSA.Create();
rsaPrivateKey.ImportRSAPrivateKey(privateKeyBuffer, out _);

// class RsaSecurityKey : AsymmetricSecurityKey in namespace Microsoft.IdentityModel.Tokens
var rsaSecurityKey = new RsaSecurityKey(rsaPrivateKey);
var signingCredentials = new SigningCredentials(rsaSecurityKey, SecurityAlgorithms.RsaSha256);

This is a possible solution on how to create AsymmetricSecurityKey object and a SigningCredentials object when we have a RSA private key (asymmetric key) in string format.

When you want to use asymmetric keys that are generated outside your application, you may need this additional steps to import an externally generated key.

Upvotes: 1

Miro
Miro

Reputation: 11

This creates security key from an RSA public key in F#.

    let pem = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzyis1ZjfNB0bBgKFMSvvkTtwlvBsaJq7S5wA+kzeVOVpVWwkWdVha4s38XM/pa/yr47av7+z3VTmvDRyAHcaT92whREFpLv9cj5lTeJSibyr/Mrm/YtjCZVWgaOYIhwrXwKLqPr/11inWsAkfIytvHWTxZYEcXLgAXFuUuaS3uF9gEiNQwzGTU1v0FqkqTBr4B8nW3HCN47XUu0t8Y0e+lf4s4OxQawWD79J9/5d3Ry0vbV3Am1FtGJiJvOwRsIfVChDpYStTcHTCMqtvWbV6L11BWkpzGXSW4Hv43qa+GSYOD2QU68Mb59oSk2OB+BtOLpJofmbGEGgvmwyCI9MwIDAQAB"
        
    let getPublicKey (pem: string) =
            let publicKey = ReadOnlySpan<byte>(Convert.FromBase64String(pem))
            let rsa = RSA.Create()
            let mutable read = 0
            rsa.ImportSubjectPublicKeyInfo(publicKey, &read)
            new RsaSecurityKey(rsa)

    getPublicKey pem

Upvotes: 0

Plendor
Plendor

Reputation: 310

Are you specifically looking for an AsymmetricSecurityKey?

I noticed that you are referencing the HM256 algorithm. That leads me to believe that you are looking for a SymmetricSecurityKey. Also, your approach seems very specific to using the HMAC alg.

To generate a SymmetricSecurityKey, you can try something like the following code:

// Define const Key this should be private secret key  stored in some safe place
string key = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b3727429090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";

// Create Security key  using private key above:
// not that latest version of JWT using Microsoft namespace instead of System
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key));

// Also note that securityKey length should be >256b
// so you have to make sure that your private key has a proper length
//
var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);

If you would like the a solution for using an RS256 alg (which will use a cert in pfx format), you can comment and I will do my best to give you an example of that too.

Upvotes: 0

FaizanHussainRabbani
FaizanHussainRabbani

Reputation: 3439

You can generate public/private keys using:

public void GenerateRsaCryptoServiceProviderKey()
{
        var rsaProvider = new RSACryptoServiceProvider(512);
        SecurityKey key = new RsaSecurityKey(rsaProvider);      
}

You should use RsaSha256 below:

var credentials = new Microsoft.IdentityModel.Tokens.SigningCredentials
                  (key, SecurityAlgorithms.RsaSha256);

Upvotes: 5

Related Questions