uruk-project / Jwt

JSON Web Token implementation for .Net & .Net Core
MIT License

Probable bug in Jwk.FromX509Certificate #450

Closed lochgeo closed 4 years ago

lochgeo commented 4 years ago

Shouldn't the boolean parameter for ExportParameters be true if withPrivateKey is true? I was trying a JWE validation with an asymmetric key and it kept on failing with an "Encryption Key Not found" error, which I think may be due to this. In file src\JsonWebToken\Jwk.cs:

            if (withPrivateKey)
            {
                using var rsa = certificate.GetRSAPrivateKey();
                if (!(rsa is null))
                {
                    var rsaParameters = rsa.ExportParameters(false);
                    key = new RsaJwk(rsaParameters);
                }
            }

Also, it might be better to add an assert in test\JsonWebToken.Tests\JsonWebKeyTests.cs to check for the jwk.HasPrivateKey property if the input certificate has a private key.

        [Theory]
        [MemberData(nameof(GetCertificates))]
        public void CreateFromCertificate(X509Certificate2 certificate, bool hasPrivateKey, int keySize)
        {
            var jwk = Jwk.FromX509Certificate(certificate, hasPrivateKey);
            Assert.Equal(keySize, jwk.KeySizeInBits); 
            if(hasPrivateKey)
            {
                Assert.True(jwk.HasPrivateKey);
            }
        }

lochgeo commented 4 years ago

I have added a PR as well for your perusal.
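
The difference between the two `ExportParameters` arguments discussed in this issue, as an added example that is not part of the thread or of the project's code: it uses only `System.Security.Cryptography`, and the self-signed certificate, the subject name and the stand-in key bytes are constructed for the demonstration.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class ExportParametersDemo
{
    static void Main()
    {
        // Constructed input: a throwaway self-signed certificate with a private key.
        using var generated = RSA.Create(2048);
        var request = new CertificateRequest("CN=constructed-demo", generated,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using var certificate = request.CreateSelfSigned(
            DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(1));

        using var rsa = certificate.GetRSAPrivateKey();
        RSAParameters publicOnly = rsa.ExportParameters(false); // as in the reported code
        RSAParameters withPrivate = rsa.ExportParameters(true); // as the issue proposes

        // Only the second export carries the private exponent D and the CRT values.
        Console.WriteLine($"ExportParameters(false): D present = {publicOnly.D != null}");
        Console.WriteLine($"ExportParameters(true):  D present = {withPrivate.D != null}");

        // Encrypt a stand-in content encryption key with the public half.
        byte[] cek = Encoding.UTF8.GetBytes("constructed-cek");
        byte[] wrapped = rsa.Encrypt(cek, RSAEncryptionPadding.OaepSHA256);

        Console.WriteLine($"Unwrap with public-only key: {TryUnwrap(publicOnly, wrapped)}");
        Console.WriteLine($"Unwrap with private key:     {TryUnwrap(withPrivate, wrapped)}");
    }

    // Imports the parameters into a fresh RSA object and attempts to decrypt.
    static string TryUnwrap(RSAParameters parameters, byte[] wrapped)
    {
        using var key = RSA.Create();
        key.ImportParameters(parameters);
        try
        {
            return Encoding.UTF8.GetString(key.Decrypt(wrapped, RSAEncryptionPadding.OaepSHA256));
        }
        catch (CryptographicException e)
        {
            return "failed (" + e.GetType().Name + ")";
        }
    }
}
```

A key object built from the `ExportParameters(false)` result holds only the modulus and public exponent, so it can encrypt or verify but cannot decrypt, whatever the certificate itself contains.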