using System.Security.Cryptography;
using JwkGenerator.Enums;
using Microsoft.IdentityModel.Tokens;
namespace JwkGenerator;
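internal static class RsaSecurityKeyExtensions
{
    /// <summary>
    /// Builds the <see cref="JsonWebKey"/> representation of an RSA key.
    /// </summary>
    /// <remarks>
    /// <paramref name="includePrivateKey"/> defaults to <c>true</c>, so unless the caller opts out the result
    /// carries the private parameters (D, P, Q, DP, DQ, QI) whenever the key holds them. Pass <c>false</c> for
    /// any JWK that is going to be published, logged or otherwise leave the process that owns the key.
    /// When the private parameters are requested but cannot be exported from <c>key.Rsa</c>, a public-only JWK
    /// is returned instead of throwing; callers that require private material should verify that <c>D</c> is
    /// set on the result.
    /// </remarks>
    /// <param name="key">RSA key to convert.</param>
    /// <param name="algorithm">Signature or encryption algorithm this key will be used for; it supplies the <c>use</c> and <c>alg</c> members.</param>
    /// <param name="includePrivateKey">Include the private key in the JsonWebKey (only if the current key contains the private key).</param>
    /// <returns>A JsonWebKey of type RSA with the key id, modulus and exponent of <paramref name="key"/>, plus the private parameters when requested and available.</returns>
    /// <exception cref="System.ArgumentNullException"><paramref name="key"/> is <c>null</c>.</exception>
    public static JsonWebKey ToJwk(this RsaSecurityKey key, RsaAlgorithm algorithm, bool includePrivateKey = true)
    {
        if (key is null)
        {
            throw new System.ArgumentNullException(nameof(key));
        }

        RSAParameters parameters = ReadParameters(key, includePrivateKey);
        var algorithmInfo = algorithm.GetJsonWebAlgorithm();

        var result = new JsonWebKey()
        {
            Kty = JsonWebAlgorithmsKeyTypes.RSA,
            Kid = key.KeyId,
            Use = algorithmInfo?.PublicKeyUse,
            Alg = algorithmInfo?.Name,
            N = parameters.Modulus is null ? null : Base64UrlEncoder.Encode(parameters.Modulus),
            E = parameters.Exponent is null ? null : Base64UrlEncoder.Encode(parameters.Exponent)
        };

        // Private members are written only on explicit request, even if the parameters happen to hold them
        // (key.Parameters may contain private values regardless of the flag).
        if (includePrivateKey)
        {
            result.P = parameters.P is null ? null : Base64UrlEncoder.Encode(parameters.P);
            result.Q = parameters.Q is null ? null : Base64UrlEncoder.Encode(parameters.Q);
            result.D = parameters.D is null ? null : Base64UrlEncoder.Encode(parameters.D);
            result.DQ = parameters.DQ is null ? null : Base64UrlEncoder.Encode(parameters.DQ);
            result.DP = parameters.DP is null ? null : Base64UrlEncoder.Encode(parameters.DP);
            result.QI = parameters.InverseQ is null ? null : Base64UrlEncoder.Encode(parameters.InverseQ);
        }

        return result;
    }

    /// <summary>
    /// Reads the RSA parameters from <c>key.Rsa</c> when present, otherwise from <c>key.Parameters</c>.
    /// </summary>
    private static RSAParameters ReadParameters(RsaSecurityKey key, bool includePrivateKey)
    {
        if (key.Rsa is null)
        {
            return key.Parameters;
        }

        if (includePrivateKey)
        {
            try
            {
                return key.Rsa.ExportParameters(true);
            }
            catch (CryptographicException)
            {
                // The RSA object holds no private key, or the private key is not exportable.
                // Fall through to the public export: the fallback can only omit private material,
                // never add it.
            }
        }

        return key.Rsa.ExportParameters(false);
    }
}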