dvsekhvalnov / jose-jwt

Ultimate Javascript Object Signing and Encryption (JOSE), JSON Web Token (JWT) and Json Web Keys (JWK) Implementation for .NET and .NET Core
MIT License

Get Public key from File #228

Closed Mr-Mohammad closed 1 year ago

Mr-Mohammad commented 1 year ago

Hi, I want to open a public key from a file (public-key.pem) in the project root and encode with the public key. Algorithm: ECDH ES A256KW - Encryption method: A256GCM. I'm using C#. Please help me.

dvsekhvalnov commented 1 year ago

Hi @Mr-Mohammad, something along those lines if you are on a modern version of .NET:

    var eccPem = File.ReadAllText("public-key.pem");

    var key = ECDsa.Create();
    key.ImportFromPem(eccPem);

    Jose.JWT.Encode(payload, key, ....);

Mr-Mohammad commented 1 year ago

This is my code:

    var payload = new
    {
        sub = "mr.x@yahoo.com",
        exp = 1300819380
    };
    var publickey = File.ReadAllText("public-key.pem");
    var key = ECDsa.Create();

    key.ImportFromPem(publickey);

    var res = Jose.JWT.Encode(payload, key, JweAlgorithm.ECDH_ES_A256KW, JweEncryption.A256GCM);

    Console.WriteLine(res);

Error at run time for this line:

    var res=Jose.JWT.Encode(payload, key, JweAlgorithm.ECDH_ES_A256KW,JweEncryption.A256GCM);

Error:

    System.ArgumentException
      HResult=0x80070057
      Message=EcdhKeyManagement alg expects key to be of CngKey or Jwk types with kty='EC'.
      Source=jose-jwt
      StackTrace:
       at Jose.EcdhKeyManagement.NewKey(Int32 keyLength, Object key, IDictionary`2 header)
       at Jose.EcdhKeyManagement.WrapNewKey(Int32 cekSizeBits, Object key, IDictionary`2 header)
       at Jose.EcdhKeyManagementWithAesKeyWrap.WrapKey(Byte[] cek, Object key, IDictionary`2 header)
       at Jose.EcdhKeyManagementWithAesKeyWrap.WrapNewKey(Int32 cekSizeBits, Object key, IDictionary`2 header)
       at Jose.JWE.EncryptBytes(Byte[] plaintext, IEnumerable`1 recipients, JweEncryption enc, Byte[] aad, SerializationMode mode, Nullable`1 compression, IDictionary`2 extraProtectedHeaders, IDictionary`2 unprotectedHeaders, JwtSettings settings)

dvsekhvalnov commented 1 year ago

@Mr-Mohammad what's your runtime version of .NET?

Mr-Mohammad commented 1 year ago

@dvsekhvalnov .net 6.0 jose-jwt : 4.1.0

dvsekhvalnov commented 1 year ago

Ah, sorry @Mr-Mohammad, I gave the wrong advice. I was thinking you wanted to do a digital signature, not encryption.

For encryption you will need either a CngKey or a JWK. Microsoft does not provide an easy way to parse .pem other than into ECDsa keys (which is not what you want for encryption).

So my best advice would be to convert the .pem into a JWK somehow.

Mr-Mohammad commented 1 year ago

Sorry it took so long, @dvsekhvalnov. I'm using this code to convert .pem to JWK. Algorithm: ECDH ES A256KW - Encryption method: A256GCM

            string publicKeyPem = @"-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE3LB3nOlUybXt/lI6hi8YS/SVmo2b
TKioHGChnOgbM38FyFcJv/z0ziRNvzDaUNj7MLckeYewqZGB//A/mox71A==
-----END PUBLIC KEY-----";
            RSA rsa = RSA.Create();
            rsa.ImportFromPem(publicKeyPem);

            // Convert the public key to JWK format
            JsonWebKey jwk = JsonWebKeyConverter.ConvertFromRSASecurityKey(new RsaSecurityKey(rsa));

But it gives an error:

System.Security.Cryptography.CryptographicException: 'Key is not a valid public or private key.'

dvsekhvalnov commented 1 year ago

Hey @Mr-Mohammad, no, that's definitely not the code to read a PEM file.

Why don't you try to convert the pem to jwk beforehand? You can try it out here, for instance: https://irrte.ch/jwt-js-decode/pem2jwk.html

But please be careful with prod keys.

Mr-Mohammad commented 1 year ago

I tried to convert the pem to jwk, but it was not successful and gave an error.

My sample public key:

    -----BEGIN PUBLIC KEY-----
    MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEVt28zLQGgk3/MNBsWBps9EBMjcJu
    INFq1q2sur0z4LASagHDDFmevgovDEWVoEJKSkdsom4MWW4Pqr2GWmHwQA==
    -----END PUBLIC KEY-----

This site cannot convert my public key to jwk https://irrte.ch/jwt-js-decode/pem2jwk.html

dvsekhvalnov commented 1 year ago

ohh.. how about this https://hub.docker.com/r/danedmunds/pem-to-jwk/ ?

dvsekhvalnov commented 1 year ago

Hey @Mr-Mohammad, just checking if the last link helped?
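
Added example, not part of the original thread or the jose-jwt project's own code: the PEM-to-JWK conversion discussed above can be done locally with the .NET base class library, so the key never has to be pasted into an external converter. It assumes .NET 6+ and jose-jwt 4.x; the class name `PemToJwk`, its helpers, and the throwaway key generated as sample input are all constructed for illustration.

```csharp
// Added example (not from the thread or the jose-jwt repo). Assumes .NET 6+ and jose-jwt 4.x.
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using Jose;

static class PemToJwk
{
    // JWK members are base64url without padding (RFC 7515, section 2).
    static string B64Url(byte[] bytes) =>
        Convert.ToBase64String(bytes).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    // Map the curve OID (or the platform's friendly name) to the JWK "crv" value.
    static string JwkCurve(ECCurve curve) => (curve.Oid?.Value ?? curve.Oid?.FriendlyName) switch
    {
        "1.2.840.10045.3.1.7" or "nistP256" or "ECDSA_P256" => "P-256",
        "1.3.132.0.34" or "nistP384" or "ECDSA_P384" => "P-384",
        "1.3.132.0.35" or "nistP521" or "ECDSA_P521" => "P-521",
        var other => throw new NotSupportedException($"Unsupported curve: {other}")
    };

    // Parse a "BEGIN PUBLIC KEY" (SubjectPublicKeyInfo) PEM and keep only the public point.
    public static Jwk FromPem(string pem)
    {
        using var ecdh = ECDiffieHellman.Create();
        ecdh.ImportFromPem(pem);
        ECParameters p = ecdh.ExportParameters(includePrivateParameters: false);
        return new Jwk(crv: JwkCurve(p.Curve), x: B64Url(p.Q.X), y: B64Url(p.Q.Y));
    }

    static void Main()
    {
        // Constructed sample input: a throwaway P-256 key generated on the spot.
        // In the thread's setup this would be File.ReadAllText("public-key.pem").
        using var throwaway = ECDiffieHellman.Create(ECCurve.NamedCurves.nistP256);
        string pem = new string(PemEncoding.Write("PUBLIC KEY", throwaway.ExportSubjectPublicKeyInfo()));

        Jwk recipient = FromPem(pem);
        var payload = new Dictionary<string, object>
        {
            ["sub"] = "mr.x@yahoo.com",
            ["exp"] = 1300819380
        };

        // A Jwk with kty="EC" is one of the key types the ECDH key management accepts.
        string token = JWT.Encode(payload, recipient, JweAlgorithm.ECDH_ES_A256KW, JweEncryption.A256GCM);
        Console.WriteLine(token);
    }
}
```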