I am using Jose-Jwt license on C# and I have the following code:
private string DecodeJWT(string token)
{
string privateKeyPath = ConfigurationManager.AppSettings["PrivateKey"];
var privateRSA = RsaProviderFromPrivateKeyInPemFile(privateKeyPath);
string json = Jose.JWT.Decode(token,privateRSA, Jose.JweAlgorithm.RSA_OAEP, Jose.JweEncryption.A256GCM);
return json;
}
private RSACryptoServiceProvider RsaProviderFromPrivateKeyInPemFile(string privateKeyPath)
{
using (TextReader privateKeyTextReader = new StringReader(System.IO.File.ReadAllText(privateKeyPath)))
{
PemReader pr = new PemReader(privateKeyTextReader);
RSAParameters rsaParams = DotNetUtilities.ToRSAParameters((RsaPrivateCrtKeyParameters)pr.ReadObject());
RSACryptoServiceProvider csp = new RSACryptoServiceProvider();
csp.ImportParameters(rsaParams);
return csp;
}
}
However I didn't manage to decrypt the encrypted string. It returns the same encrypted string after decoding. Can anyone advise what I might have done wrong? I am actually following suggestions from this Q/A
It doesn't seem to work for me. :(
I found out that decoding actually works. But I need to further decrypt the data using the Public Key.
RSACryptoServiceProvider publicRSA = RsaProviderFromPublicKeyInPemFile(publicKeyPath);
var validationParameters = new TokenValidationParameters()
{
RequireExpirationTime = false,
RequireSignedTokens = true,
ValidateAudience = false,
ValidateIssuer = false,
IssuerSigningKey = new RsaSecurityKey(publicRSA)
};
IdentityModelEventSource.ShowPII = true;
var result = handler.ValidateToken(decryptedresult, validationParameters, out var validatedToken);
However the system is throwing {"IDX10501: Signature validation failed. Unable to match key: \nkid: 'C6Q-0bsHc4qyNq6MBEtftpB-DsTHNth4ZnlrFPUQ8PI'.\nExceptions caught:\n ''. \ntoken: {"IDX10501: Signature validation failed. Unable to match key: \nkid: 'C6Q-0bsHc4qyNq6MBEtftpB-DsTHNth4ZnlrFPUQ8PI'.\nExceptions caught:\n ''. \ntoken: '{\"alg\":\"RS256\",\"kid\":\"C6Q-0bsHc4qyNq6MBEtftpB-DsTHNth4ZnlrFPUQ8PI\"}.{\"uinfin\":{\"lastupdated\":\"2019-11-13\",\"source\":\"1\",\"classification\":\"C\",\"value\":\"S9812381D\"}....
However I can see the payload decrypted in the error message. I am stuck at how to handle this Unable to match key error.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.