1

Essentially, I'm looking to convert a Public Microsoft.IdentityModel.Tokens.JsonWebKey.JsonWebKey to RSAParameters to then use in an RSA Instance. After this, i'm creating an Azure KeyVault JsonWebKey so I can import this key into my vault. I currently tried this, however have not gotten it to work. Any recommendations/shortcuts?

var jwk = new JsonWebKey(someStr); // IdentityModel.Tokens...

var rsaParams = new RSAParameters
{
    Modulus = WebEncoders.Base64UrlDecode(jwk.N),
    Exponent = WebEncoders.Base64UrlDecode(jwk.E)
};

var rsa = RSA.Create(rsaParams);
var key = new JsonWebKey(rsa); // Azure.Security.KeyVault.Keys
....
var kvKey = keyClient.ImportKey(keyName, key); // keyClient = KeyClient class

The error I am receiving from this request is:

RSA key is not valid - cannot instantiate crypto service
Matt A
  • 13
  • 3

1 Answers1

0

Try adding other rsa parameters and then importing into an RSACryptoServiceProvider. Then you can recover the SecurityKey.

The code below is an example of how to recover a SecurityKey from a previous RSASecurityKey stored in a JsonWebKey

using RSACryptoServiceProvider provider = new RSACryptoServiceProvider(2048);
JsonWebKey key = JsonConvert.DeserializeObject<JsonWebKey>(jsonwebkeystringcontent);
RSAParameters rsaParameters = new()
                {
                    Modulus = WebEncoders.Base64UrlDecode(key.N),
                    Exponent = WebEncoders.Base64UrlDecode(key.E),
                    D = WebEncoders.Base64UrlDecode(key.D),
                    DP = WebEncoders.Base64UrlDecode(key.DP),
                    DQ = WebEncoders.Base64UrlDecode(key.DQ),
                    P = WebEncoders.Base64UrlDecode(key.P),
                    Q = WebEncoders.Base64UrlDecode(key.Q),
                    InverseQ = WebEncoders.Base64UrlDecode(key.QI)
                };
                provider.ImportParameters(rsaParameters);
                SecurityKey Key = new RsaSecurityKey(provider.ExportParameters(true));
K0gu7
  • 1