CsharpJwtRsaEncryptionExample | C# Online Compiler

CsharpJwtRsaEncryptionExample by Javacrypto

using System;
using System.Security.Cryptography;
using System.Collections.Generic;
using Jose;
using System.Text.Json;
//using System.Text.Json.Serialization;


class RrsaSignatureString {
	public static void Main() {
		Console.WriteLine("JWT RSA encryption");
		// https://www.nuget.org/packages/jose-jwt/
		// https://github.com/dvsekhvalnov/jose-jwt
		Console.WriteLine("DateTime Now: " + DateTime.Now);
		Console.WriteLine("DateTime Unix: " + DateTimeOffset.Now.ToUnixTimeSeconds());
		var payloadOrg = new Dictionary<string, object>()
		{
    		{ "sub", "mr.x@contoso.com" },
    		{ "exp", 1300819380 }
		};
		var payload = new Dictionary<string, object>()
		{
    		{ "sub", "mr.x@contoso.com" },
    		{ "exp", DateTimeOffset.Now.ToUnixTimeSeconds() + 60 } // 60 seconds valid
		};
	
		// getting the public key
		string publicKeyPem = loadRsaPublicKeyPem(); 
		RSA rsaAlg = RSA.Create();
		rsaAlg.ImportFromPem(publicKeyPem);
		
		// JWEHeader header = new JWEHeader(JWEAlgorithm.RSA_OAEP_256, EncryptionMethod.A128GCM);
		string token = Jose.JWT.Encode(payload, rsaAlg, JweAlgorithm.RSA_OAEP_256, JweEncryption.A128GCM);
		
		//var privateKey=new X509Certificate2("my-key.p12", "password", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet).PrivateKey as RSACryptoServiceProvider;
		//string token=Jose.JWT.Encode(payload, privateKey, JwsAlgorithm.RS256);
		//string token=Jose.JWT.Encode(payload, rsaAlg, JwsAlgorithm.RS256);
		Console.WriteLine("payload: " + payload);
		Console.WriteLine("token: " + token);

		// verify token
		// token is expired
		//token = "eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4R0NNIn0.uS9ImlYAxAiB0kUM5ZJX3Ji6k5aLcA7XiF5UPS9CQ2QdPHr1wNQUxEeFif4Mg_iPZAILr0NH2jVNX-WzO0JIyTl6fCaI-B7UXrxAOfMsNnNP_waib2LXSWTob01KkGasUYFBqiUbjZcn_lgXljaeo2gtaNViJiTCTDpWBaEcg9q6pKqhbem8Q95IYSr9S1pAOqTRMEB2fMDJNPFcQlikrcqTyXxx5ucTkwaekz3K6pF5MkoHieb1qE8nHsGPSv6thtalmxU3oDmaj9emKNoxj_u5pFIkV_YzIpmXeCF6i4f2wbcN6fUj7Br0aAWevK0NRAn_K6dPgSaZYqXsNUA6Uw.2HmE-u4hlbICEMfw.Tc12sdoqU8EpvdDLFNR7cDnpJ6pdqqiyc7xxUDmXkprVVy-jaMkW5LqK4w.07XnO1nu3m1w_J4EplexAg";
		// token is corrupted
		//token = "eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4R0NNIn0.uS9ImlYAxAiB0kUM5ZJX3Ji6k5aLcA7XiF5UPS9CQ2QdPHr1wNQUxEeFif4Mg_iPZAILr0NH2jVNX-WzO0JIyTl6fCaI-B7UXrxAOfMsNnNP_waib2LXSWTob01KkGasUYFBqiUbjZcn_lgXljaeo2gtaNViJiTCTDpWBaEcg9q6pKqhbem8Q95IYSr9S1pAOqTRMEB2fMDJNPFcQlikrcqTyXxx5ucTkwaekz3K6pF5MkoHieb1qE8nHsGPSv6thtalmxU3oDmaj9emKNoxj_u5pFIkV_YzIpmXeCF6i4f2wbcN6fUj7Br0aAWevK0NRAn_K6dPgSaZYqXsNUA6Uw.2HmE-u4hlbICEMfw.Tc12sdoqU8EpvdDLFNR7cDnpJ6pdqqiyc7xxUDmXkprVVy-jaMkW5LqK4w.07XnO1nu3m1w_J4EplexBg";
		
		
		// getting the rsa private key
		string privateKeyPem = loadRsaPrivateKeyPem();
		RSA rsaAlgd = RSA.Create();
		byte[] privateKeyByte = getRsaPrivateKeyEncodedFromPem(privateKeyPem);
		int _out;
		rsaAlgd.ImportPkcs8PrivateKey(privateKeyByte, out _out);
		
		string json = "";
		try {
			json = Jose.JWT.Decode(token , rsaAlgd);
			//Console.WriteLine("valid signature");
		} catch(Jose.EncryptionException) {
			Console.WriteLine("payload corrupted");
			// throws: Jose.EncryptionException: Unable to decrypt content or authentication tag do not match.
		}	
		Console.WriteLine("json: " + json);
		// check for expired
		var payloadData = JsonSerializer.Deserialize<PayloadObject>(json);
		long payloadExp = payloadData.exp;
		long dateTimeUnixNow = DateTimeOffset.Now.ToUnixTimeSeconds();
		if (payloadExp < dateTimeUnixNow) {
			Console.WriteLine("payload is expired");
		} else {
			Console.WriteLine("payload is NOT expired");
		}		
	}

	public static string rsaSignPssToBase64(string rsaPrivateKey, byte[] data) {
		// getting the rsa private key from xml
		RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider(2048);
		RSAalg.PersistKeyInCsp = false;
		RSAalg.FromXmlString(rsaPrivateKey);
		RSAParameters rsaParams = RSAalg.ExportParameters(true);
		RSA RSACng = RSA.Create();
		RSACng.ImportParameters(rsaParams);
		byte[] signature = RSACng.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);
		return Base64Encoding(signature);
	}

	private static bool rsaVerifySignaturePssFromBase64(string rsaPublicKey, byte[] dataToSign, string signatureBase64) {
		try {
			var signature = Base64Decoding(signatureBase64);
			// getting the rsa public key from xml
			RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider(2048);
			RSAalg.PersistKeyInCsp = false;
			RSAalg.FromXmlString(rsaPublicKey);
			RSAParameters rsaParams = RSAalg.ExportParameters(false);
			RSA RSACng = RSA.Create();
			RSACng.ImportParameters(rsaParams);
			return RSACng.VerifyData(dataToSign, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);
		} catch(CryptographicException e) {
			Console.WriteLine(e.Message);
			return false;
		}
	}

	static string Base64Encoding(byte[] input) {
		return Convert.ToBase64String(input);
	}

	static byte[] Base64Decoding(String input) {
		return Convert.FromBase64String(input);
	}

	private static string loadRsaPrivateKeyXml() {
		return "<RSAKeyValue><Modulus>8EmWJUZ/Osz4vXtUU2S+0M4BP9+s423gjMjoX+qP1iCnlcRcFWxthQGN2CWSMZwR/vY9V0un/nsIxhZSWOH9iKzqUtZD4jt35jqOTeJ3PCSr48JirVDNLet7hRT37Ovfu5iieMN7ZNpkjeIG/CfT/QQl7R+kO/EnTmL3QjLKQNV/HhEbHS2/44x7PPoHqSqkOvl8GW0qtL39gTLWgAe801/w5PmcQ38CKG0oT2gdJmJqIxNmAEHkatYGHcMDtXRBpOhOSdraFj6SmPyHEmLBishaq7Jm8NPPNK9QcEQ3q+ERa5M6eM72PpF93g2p5cjKgyzzfoIV09Zb/LJ2aW2gQw==</Modulus><Exponent>AQAB</Exponent><P>/8atV5DmNxFrxF1PODDjdJPNb9pzNrDF03TiFBZWS4Q+2JazyLGjZzhg5Vv9RJ7VcIjPAbMy2Cy5BUffEFE+8ryKVWfdpPxpPYOwHCJSw4Bqqdj0Pmp/xw928ebrnUoCzdkUqYYpRWx0T7YVRoA9RiBfQiVHhuJBSDPYJPoP34k=</P><Q>8H9wLE5L8raUn4NYYRuUVMa+1k4Q1N3XBixm5cccc/Ja4LVvrnWqmFOmfFgpVd8BcTGaPSsqfA4j/oEQp7tmjZqggVFqiM2mJ2YEv18cY/5kiDUVYR7VWSkpqVOkgiX3lK3UkIngnVMGGFnoIBlfBFF9uo02rZpC5o5zebaDIms=</Q><DP>BPXecL9Pp6u/0kwY+DcCgkVHi67J4zqka4htxgP04nwLF/o8PF0tlRfj0S7qh4UpEIimsxq9lrGvWOne6psYxG5hpGxiQQvgIqBGLxV/U2lPKEIb4oYAOmUTYnefBCrmSQW3v93pOP50dwNKAFcGWTDRiB/e9j+3EmZm/7iVzDk=</DP><DQ>rBWkAC/uLDf01Ma5AJMpahfkCZhGdupdp68x2YzFkTmDSXLJ/P15GhIQ+Lxkp2swrvwdL1OpzKaZnsxfTIXNddmEq8PEBSuRjnNzRjQaLnqjGMtTBvF3G5tWkjClb/MW2q4fgWUG8cusetQqQn2k/YQKAOh2jXXqFOstOZQc9Q0=</DQ><InverseQ>BtiIiTnpBkd6hkqJnHLh6JxBLSxUopFvbhlR37Thw1JN94i65dmtgnjwluvR/OMgzcR8e8uCH2sBn5od78vzgiDXsqITF76rJgeO639ILTA4MO3Mz+O2umrJhrkmgSk8hpRKA+5Mf9aE7dwOzHrc8hbj8J102zyYJIE6pOehrGE=</InverseQ><D>hXGYfOMFzXX/vds8HYQZpISDlSF3NmbTCdyZkIsHjndcGoSOTyeEOxV93MggxIRUSjAeKNjPVzikyr2ixdHbp4fAKnjsAjvcfnOOjBp09WW4QCi3/GCfUh0w39uhRGZKPjiqIj8NzBitN06LaoYD6MPg/CtSXiezGIlFn/Hs+MuEzNFu8PFDj9DhOFhfCgQaIgEEr+IHdnl5HuUVrwTnIBrEzZA/08Q0Gv86qQZctZWoD9hPGzeAC+RSMyGVJw6Ls8zBFf0eysB4spsu4LUom/WnZMdS1ls4eqsAX+7AdqPKBRuUVpr8FNyRM3s8pJUiGns6KFsPThtJGuH6c6KVwQ==</D></RSAKeyValue>";
	}

	private static string loadRsaPublicKeyXml2() {
		return "<RSAKeyValue><Modulus>1EmWJUZ/Osz4vXtUU2S+0M4BP9+s423gjMjoX+qP1iCnlcRcFWxthQGN2CWSMZwR/vY9V0un/nsIxhZSWOH9iKzqUtZD4jt35jqOTeJ3PCSr48JirVDNLet7hRT37Ovfu5iieMN7ZNpkjeIG/CfT/QQl7R+kO/EnTmL3QjLKQNV/HhEbHS2/44x7PPoHqSqkOvl8GW0qtL39gTLWgAe801/w5PmcQ38CKG0oT2gdJmJqIxNmAEHkatYGHcMDtXRBpOhOSdraFj6SmPyHEmLBishaq7Jm8NPPNK9QcEQ3q+ERa5M6eM72PpF93g2p5cjKgyzzfoIV09Zb/LJ2aW2gQw==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>";
	}
	
	private static string loadRsaPublicKeyXml() {
		return "<RSAKeyValue><Modulus>8EmWJUZ/Osz4vXtUU2S+0M4BP9+s423gjMjoX+qP1iCnlcRcFWxthQGN2CWSMZwR/vY9V0un/nsIxhZSWOH9iKzqUtZD4jt35jqOTeJ3PCSr48JirVDNLet7hRT37Ovfu5iieMN7ZNpkjeIG/CfT/QQl7R+kO/EnTmL3QjLKQNV/HhEbHS2/44x7PPoHqSqkOvl8GW0qtL39gTLWgAe801/w5PmcQ38CKG0oT2gdJmJqIxNmAEHkatYGHcMDtXRBpOhOSdraFj6SmPyHEmLBishaq7Jm8NPPNK9QcEQ3q+ERa5M6eM72PpF93g2p5cjKgyzzfoIV09Zb/LJ2aW2gQw==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>";
	}
	
		private static byte[] getRsaPrivateKeyEncodedFromPem(string rsaPrivateKeyPem) {
		string rsaPrivateKeyHeaderPem = "-----BEGIN PRIVATE KEY-----\n";
		string rsaPrivateKeyFooterPem = "-----END PRIVATE KEY-----";
		string rsaPrivateKeyDataPem = rsaPrivateKeyPem.Replace(rsaPrivateKeyHeaderPem, "").Replace(rsaPrivateKeyFooterPem, "").Replace("\n", "");
		return Base64Decoding(rsaPrivateKeyDataPem);
	}

	private static string loadRsaPrivateKeyPem() {
		// this is a sample key - don't worry !
		return "-----BEGIN PRIVATE KEY-----\n" +
			"MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDwSZYlRn86zPi9\n" +
			"e1RTZL7QzgE/36zjbeCMyOhf6o/WIKeVxFwVbG2FAY3YJZIxnBH+9j1XS6f+ewjG\n" +
			"FlJY4f2IrOpS1kPiO3fmOo5N4nc8JKvjwmKtUM0t63uFFPfs69+7mKJ4w3tk2mSN\n" +
			"4gb8J9P9BCXtH6Q78SdOYvdCMspA1X8eERsdLb/jjHs8+gepKqQ6+XwZbSq0vf2B\n" +
			"MtaAB7zTX/Dk+ZxDfwIobShPaB0mYmojE2YAQeRq1gYdwwO1dEGk6E5J2toWPpKY\n" +
			"/IcSYsGKyFqrsmbw0880r1BwRDer4RFrkzp4zvY+kX3eDanlyMqDLPN+ghXT1lv8\n" +
			"snZpbaBDAgMBAAECggEBAIVxmHzjBc11/73bPB2EGaSEg5UhdzZm0wncmZCLB453\n" +
			"XBqEjk8nhDsVfdzIIMSEVEowHijYz1c4pMq9osXR26eHwCp47AI73H5zjowadPVl\n" +
			"uEAot/xgn1IdMN/boURmSj44qiI/DcwYrTdOi2qGA+jD4PwrUl4nsxiJRZ/x7PjL\n" +
			"hMzRbvDxQ4/Q4ThYXwoEGiIBBK/iB3Z5eR7lFa8E5yAaxM2QP9PENBr/OqkGXLWV\n" +
			"qA/YTxs3gAvkUjMhlScOi7PMwRX9HsrAeLKbLuC1KJv1p2THUtZbOHqrAF/uwHaj\n" +
			"ygUblFaa/BTckTN7PKSVIhp7OihbD04bSRrh+nOilcECgYEA/8atV5DmNxFrxF1P\n" +
			"ODDjdJPNb9pzNrDF03TiFBZWS4Q+2JazyLGjZzhg5Vv9RJ7VcIjPAbMy2Cy5BUff\n" +
			"EFE+8ryKVWfdpPxpPYOwHCJSw4Bqqdj0Pmp/xw928ebrnUoCzdkUqYYpRWx0T7YV\n" +
			"RoA9RiBfQiVHhuJBSDPYJPoP34kCgYEA8H9wLE5L8raUn4NYYRuUVMa+1k4Q1N3X\n" +
			"Bixm5cccc/Ja4LVvrnWqmFOmfFgpVd8BcTGaPSsqfA4j/oEQp7tmjZqggVFqiM2m\n" +
			"J2YEv18cY/5kiDUVYR7VWSkpqVOkgiX3lK3UkIngnVMGGFnoIBlfBFF9uo02rZpC\n" +
			"5o5zebaDImsCgYAE9d5wv0+nq7/STBj4NwKCRUeLrsnjOqRriG3GA/TifAsX+jw8\n" +
			"XS2VF+PRLuqHhSkQiKazGr2Wsa9Y6d7qmxjEbmGkbGJBC+AioEYvFX9TaU8oQhvi\n" +
			"hgA6ZRNid58EKuZJBbe/3ek4/nR3A0oAVwZZMNGIH972P7cSZmb/uJXMOQKBgQCs\n" +
			"FaQAL+4sN/TUxrkAkylqF+QJmEZ26l2nrzHZjMWROYNJcsn8/XkaEhD4vGSnazCu\n" +
			"/B0vU6nMppmezF9Mhc112YSrw8QFK5GOc3NGNBoueqMYy1MG8Xcbm1aSMKVv8xba\n" +
			"rh+BZQbxy6x61CpCfaT9hAoA6HaNdeoU6y05lBz1DQKBgAbYiIk56QZHeoZKiZxy\n" +
			"4eicQS0sVKKRb24ZUd+04cNSTfeIuuXZrYJ48Jbr0fzjIM3EfHvLgh9rAZ+aHe/L\n" +
			"84Ig17KiExe+qyYHjut/SC0wODDtzM/jtrpqyYa5JoEpPIaUSgPuTH/WhO3cDsx6\n" +
			"3PIW4/CddNs8mCSBOqTnoaxh\n" +
			"-----END PRIVATE KEY-----";
	}

	private static string loadRsaPublicKeyPem2() { // corrupted
		// this is a sample key - don't worry !
		return "-----BEGIN PUBLIC KEY-----\n" +
			"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EmWJUZ/Osz4vXtUU2S+\n" +
			"0M4BP9+s423gjMjoX+qP1iCnlcRcFWxthQGN2CWSMZwR/vY9V0un/nsIxhZSWOH9\n" +
			"iKzqUtZD4jt35jqOTeJ3PCSr48JirVDNLet7hRT37Ovfu5iieMN7ZNpkjeIG/CfT\n" +
			"/QQl7R+kO/EnTmL3QjLKQNV/HhEbHS2/44x7PPoHqSqkOvl8GW0qtL39gTLWgAe8\n" +
			"01/w5PmcQ38CKG0oT2gdJmJqIxNmAEHkatYGHcMDtXRBpOhOSdraFj6SmPyHEmLB\n" +
			"sshaq7Jm8NPPNK9QcEQ3q+ERa5M6eM72PpF93g2p5cjKgyzzfoIV09Zb/LJ2aW2g\n" +
			"QwIDAQAB\n" +
			"-----END PUBLIC KEY-----";
	}
	
	private static string loadRsaPublicKeyPem() {
		// this is a sample key - don't worry !
		return "-----BEGIN PUBLIC KEY-----\n" +
			"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EmWJUZ/Osz4vXtUU2S+\n" +
			"0M4BP9+s423gjMjoX+qP1iCnlcRcFWxthQGN2CWSMZwR/vY9V0un/nsIxhZSWOH9\n" +
			"iKzqUtZD4jt35jqOTeJ3PCSr48JirVDNLet7hRT37Ovfu5iieMN7ZNpkjeIG/CfT\n" +
			"/QQl7R+kO/EnTmL3QjLKQNV/HhEbHS2/44x7PPoHqSqkOvl8GW0qtL39gTLWgAe8\n" +
			"01/w5PmcQ38CKG0oT2gdJmJqIxNmAEHkatYGHcMDtXRBpOhOSdraFj6SmPyHEmLB\n" +
			"ishaq7Jm8NPPNK9QcEQ3q+ERa5M6eM72PpF93g2p5cjKgyzzfoIV09Zb/LJ2aW2g\n" +
			"QwIDAQAB\n" +
			"-----END PUBLIC KEY-----";
	}
}

public class PayloadObject
{
	public string sub {get; set;}	
	public long exp {get; set;}
}

​x
 
using System;
using System.Security.Cryptography;
using System.Collections.Generic;
using Jose;
using System.Text.Json;
//using System.Text.Json.Serialization;
​
​
class RrsaSignatureString {
    public static void Main() {
        Console.WriteLine("JWT RSA encryption");
        // https://www.nuget.org/packages/jose-jwt/
        // https://github.com/dvsekhvalnov/jose-jwt
        Console.WriteLine("DateTime Now: " + DateTime.Now);
        Console.WriteLine("DateTime Unix: " + DateTimeOffset.Now.ToUnixTimeSeconds());
        var payloadOrg = new Dictionary<string, object>()
        {
            { "sub", "mr.x@contoso.com" },
            { "exp", 1300819380 }
        };
        var payload = new Dictionary<string, object>()
        {
            { "sub", "mr.x@contoso.com" },
            { "exp", DateTimeOffset.Now.ToUnixTimeSeconds() + 60 } // 60 seconds valid
        };
    
        // getting the public key
        string publicKeyPem = loadRsaPublicKeyPem(); 
        RSA rsaAlg = RSA.Create();
        rsaAlg.ImportFromPem(publicKeyPem);
        
        // JWEHeader header = new JWEHeader(JWEAlgorithm.RSA_OAEP_256, EncryptionMethod.A128GCM);
        string token = Jose.JWT.Encode(payload, rsaAlg, JweAlgorithm.RSA_OAEP_256, JweEncryption.A128GCM);
        
        //var privateKey=new X509Certificate2("my-key.p12", "password", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet).PrivateKey as RSACryptoServiceProvider;
        //string token=Jose.JWT.Encode(payload, privateKey, JwsAlgorithm.RS256);
        //string token=Jose.JWT.Encode(payload, rsaAlg, JwsAlgorithm.RS256);
        Console.WriteLine("payload: " + payload);
        Console.WriteLine("token: " + token);
​
        // verify token
        // token is expired
        //token = "eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4R0NNIn0.uS9ImlYAxAiB0kUM5ZJX3Ji6k5aLcA7XiF5UPS9CQ2QdPHr1wNQUxEeFif4Mg_iPZAILr0NH2jVNX-WzO0JIyTl6fCaI-B7UXrxAOfMsNnNP_waib2LXSWTob01KkGasUYFBqiUbjZcn_lgXljaeo2gtaNViJiTCTDpWBaEcg9q6pKqhbem8Q95IYSr9S1pAOqTRMEB2fMDJNPFcQlikrcqTyXxx5ucTkwaekz3K6pF5MkoHieb1qE8nHsGPSv6thtalmxU3oDmaj9emKNoxj_u5pFIkV_YzIpmXeCF6i4f2wbcN6fUj7Br0aAWevK0NRAn_K6dPgSaZYqXsNUA6Uw.2HmE-u4hlbICEMfw.Tc12sdoqU8EpvdDLFNR7cDnpJ6pdqqiyc7xxUDmXkprVVy-jaMkW5LqK4w.07XnO1nu3m1w_J4EplexAg";
        // token is corrupted
        //token = "eyJhbGciOiJSU0EtT0FFUC0yNTYiLCJlbmMiOiJBMTI4R0NNIn0.uS9ImlYAxAiB0kUM5ZJX3Ji6k5aLcA7XiF5UPS9CQ2QdPHr1wNQUxEeFif4Mg_iPZAILr0NH2jVNX-WzO0JIyTl6fCaI-B7UXrxAOfMsNnNP_waib2LXSWTob01KkGasUYFBqiUbjZcn_lgXljaeo2gtaNViJiTCTDpWBaEcg9q6pKqhbem8Q95IYSr9S1pAOqTRMEB2fMDJNPFcQlikrcqTyXxx5ucTkwaekz3K6pF5MkoHieb1qE8nHsGPSv6thtalmxU3oDmaj9emKNoxj_u5pFIkV_YzIpmXeCF6i4f2wbcN6fUj7Br0aAWevK0NRAn_K6dPgSaZYqXsNUA6Uw.2HmE-u4hlbICEMfw.Tc12sdoqU8EpvdDLFNR7cDnpJ6pdqqiyc7xxUDmXkprVVy-jaMkW5LqK4w.07XnO1nu3m1w_J4EplexBg";
        
        
        // getting the rsa private key
        string privateKeyPem = loadRsaPrivateKeyPem();
        RSA rsaAlgd = RSA.Create();
        byte[] privateKeyByte = getRsaPrivateKeyEncodedFromPem(privateKeyPem);
        int _out;
        rsaAlgd.ImportPkcs8PrivateKey(privateKeyByte, out _out);
        
        string json = "";
        try {
            json = Jose.JWT.Decode(token , rsaAlgd);
            //Console.WriteLine("valid signature");
        } catch(Jose.EncryptionException) {
            Console.WriteLine("payload corrupted");
            // throws: Jose.EncryptionException: Unable to decrypt content or authentication tag do not match.
        }   
        Console.WriteLine("json: " + json);
        // check for expired
        var payloadData = JsonSerializer.Deserialize<PayloadObject>(json);
        long payloadExp = payloadData.exp;
        long dateTimeUnixNow = DateTimeOffset.Now.ToUnixTimeSeconds();
        if (payloadExp < dateTimeUnixNow) {
            Console.WriteLine("payload is expired");
        } else {
            Console.WriteLine("payload is NOT expired");
        }       
    }
​
    public static string rsaSignPssToBase64(string rsaPrivateKey, byte[] data) {
        // getting the rsa private key from xml
        RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider(2048);
        RSAalg.PersistKeyInCsp = false;
        RSAalg.FromXmlString(rsaPrivateKey);
        RSAParameters rsaParams = RSAalg.ExportParameters(true);
        RSA RSACng = RSA.Create();
        RSACng.ImportParameters(rsaParams);
        byte[] signature = RSACng.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);
        return Base64Encoding(signature);
    }
​
    private static bool rsaVerifySignaturePssFromBase64(string rsaPublicKey, byte[] dataToSign, string signatureBase64) {
        try {
            var signature = Base64Decoding(signatureBase64);
            // getting the rsa public key from xml
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider(2048);
            RSAalg.PersistKeyInCsp = false;
            RSAalg.FromXmlString(rsaPublicKey);
            RSAParameters rsaParams = RSAalg.ExportParameters(false);
            RSA RSACng = RSA.Create();
            RSACng.ImportParameters(rsaParams);
            return RSACng.VerifyData(dataToSign, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pss);
        } catch(CryptographicException e) {
            Console.WriteLine(e.Message);
            return false;
        }
    }
​
    static string Base64Encoding(byte[] input) {
        return Convert.ToBase64String(input);
    }
​
    static byte[] Base64Decoding(String input) {
        return Convert.FromBase64String(input);
    }
​
    private static string loadRsaPrivateKeyXml() {
        return "<RSAKeyValue><Modulus>8EmWJUZ/Osz4vXtUU2S+0M4BP9+s423gjMjoX+qP1iCnlcRcFWxthQGN2CWSMZwR/vY9V0un/nsIxhZSWOH9iKzqUtZD4jt35jqOTeJ3PCSr48JirVDNLet7hRT37Ovfu5iieMN7ZNpkjeIG/CfT/QQl7R+kO/EnTmL3QjLKQNV/HhEbHS2/44x7PPoHqSqkOvl8GW0qtL39gTLWgAe801/w5PmcQ38CKG0oT2gdJmJqIxNmAEHkatYGHcMDtXRBpOhOSdraFj6SmPyHEmLBishaq7Jm8NPPNK9QcEQ3q+ERa5M6eM72PpF93g2p5cjKgyzzfoIV09Zb/LJ2aW2gQw==</Modulus><Exponent>AQAB</Exponent><P>/8atV5DmNxFrxF1PODDjdJPNb9pzNrDF03TiFBZWS4Q+2JazyLGjZzhg5Vv9RJ7VcIjPAbMy2Cy5BUffEFE+8ryKVWfdpPxpPYOwHCJSw4Bqqdj0Pmp/xw928ebrnUoCzdkUqYYpRWx0T7YVRoA9RiBfQiVHhuJBSDPYJPoP34k=</P><Q>8H9wLE5L8raUn4NYYRuUVMa+1k4Q1N3XBixm5cccc/Ja4LVvrnWqmFOmfFgpVd8BcTGaPSsqfA4j/oEQp7tmjZqggVFqiM2mJ2YEv18cY/5kiDUVYR7VWSkpqVOkgiX3lK3UkIngnVMGGFnoIBlfBFF9uo02rZpC5o5zebaDIms=</Q><DP>BPXecL9Pp6u/0kwY+DcCgkVHi67J4zqka4htxgP04nwLF/o8PF0tlRfj0S7qh4UpEIimsxq9lrGvWOne6psYxG5hpGxiQQvgIqBGLxV/U2lPKEIb4oYAOmUTYnefBCrmSQW3v93pOP50dwNKAFcGWTDRiB/e9j+3EmZm/7iVzDk=</DP><DQ>rBWkAC/uLDf01Ma5AJMpahfkCZhGdupdp68x2YzFkTmDSXLJ/P15GhIQ+Lxkp2swrvwdL1OpzKaZnsxfTIXNddmEq8PEBSuRjnNzRjQaLnqjGMtTBvF3G5tWkjClb/MW2q4fgWUG8cusetQqQn2k/YQKAOh2jXXqFOstOZQc9Q0=</DQ><InverseQ>BtiIiTnpBkd6hkqJnHLh6JxBLSxUopFvbhlR37Thw1JN94i65dmtgnjwluvR/OMgzcR8e8uCH2sBn5od78vzgiDXsqITF76rJgeO639ILTA4MO3Mz+O2umrJhrkmgSk8hpRKA+5Mf9aE7dwOzHrc8hbj8J102zyYJIE6pOehrGE=</InverseQ><D>hXGYfOMFzXX/vds8HYQZpISDlSF3NmbTCdyZkIsHjndcGoSOTyeEOxV93MggxIRUSjAeKNjPVzikyr2ixdHbp4fAKnjsAjvcfnOOjBp09WW4QCi3/GCfUh0w39uhRGZKPjiqIj8NzBitN06LaoYD6MPg/CtSXiezGIlFn/Hs+MuEzNFu8PFDj9DhOFhfCgQaIgEEr+IHdnl5HuUVrwTnIBrEzZA/08Q0Gv86qQZctZWoD9hPGzeAC+RSMyGVJw6Ls8zBFf0eysB4spsu4LUom/WnZMdS1ls4eqsAX+7AdqPKBRuUVpr8FNyRM3s8pJUiGns6KFsPThtJGuH6c6KVwQ==</D></RSAKeyValue>";
    }
​
    private static string loadRsaPublicKeyXml2() {
        return "<RSAKeyValue><Modulus>1EmWJUZ/Osz4vXtUU2S+0M4BP9+s423gjMjoX+qP1iCnlcRcFWxthQGN2CWSMZwR/vY9V0un/nsIxhZSWOH9iKzqUtZD4jt35jqOTeJ3PCSr48JirVDNLet7hRT37Ovfu5iieMN7ZNpkjeIG/CfT/QQl7R+kO/EnTmL3QjLKQNV/HhEbHS2/44x7PPoHqSqkOvl8GW0qtL39gTLWgAe801/w5PmcQ38CKG0oT2gdJmJqIxNmAEHkatYGHcMDtXRBpOhOSdraFj6SmPyHEmLBishaq7Jm8NPPNK9QcEQ3q+ERa5M6eM72PpF93g2p5cjKgyzzfoIV09Zb/LJ2aW2gQw==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>";
    }
    
    private static string loadRsaPublicKeyXml() {
        return "<RSAKeyValue><Modulus>8EmWJUZ/Osz4vXtUU2S+0M4BP9+s423gjMjoX+qP1iCnlcRcFWxthQGN2CWSMZwR/vY9V0un/nsIxhZSWOH9iKzqUtZD4jt35jqOTeJ3PCSr48JirVDNLet7hRT37Ovfu5iieMN7ZNpkjeIG/CfT/QQl7R+kO/EnTmL3QjLKQNV/HhEbHS2/44x7PPoHqSqkOvl8GW0qtL39gTLWgAe801/w5PmcQ38CKG0oT2gdJmJqIxNmAEHkatYGHcMDtXRBpOhOSdraFj6SmPyHEmLBishaq7Jm8NPPNK9QcEQ3q+ERa5M6eM72PpF93g2p5cjKgyzzfoIV09Zb/LJ2aW2gQw==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>";
    }
    
        private static byte[] getRsaPrivateKeyEncodedFromPem(string rsaPrivateKeyPem) {
        string rsaPrivateKeyHeaderPem = "-----BEGIN PRIVATE KEY-----\n";
        string rsaPrivateKeyFooterPem = "-----END PRIVATE KEY-----";
        string rsaPrivateKeyDataPem = rsaPrivateKeyPem.Replace(rsaPrivateKeyHeaderPem, "").Replace(rsaPrivateKeyFooterPem, "").Replace("\n", "");
        return Base64Decoding(rsaPrivateKeyDataPem);
    }
​
    private static string loadRsaPrivateKeyPem() {
        // this is a sample key - don't worry !
        return "-----BEGIN PRIVATE KEY-----\n" +
            "MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDwSZYlRn86zPi9\n" +
            "e1RTZL7QzgE/36zjbeCMyOhf6o/WIKeVxFwVbG2FAY3YJZIxnBH+9j1XS6f+ewjG\n" +
            "FlJY4f2IrOpS1kPiO3fmOo5N4nc8JKvjwmKtUM0t63uFFPfs69+7mKJ4w3tk2mSN\n" +
            "4gb8J9P9BCXtH6Q78SdOYvdCMspA1X8eERsdLb/jjHs8+gepKqQ6+XwZbSq0vf2B\n" +
            "MtaAB7zTX/Dk+ZxDfwIobShPaB0mYmojE2YAQeRq1gYdwwO1dEGk6E5J2toWPpKY\n" +
            "/IcSYsGKyFqrsmbw0880r1BwRDer4RFrkzp4zvY+kX3eDanlyMqDLPN+ghXT1lv8\n" +
            "snZpbaBDAgMBAAECggEBAIVxmHzjBc11/73bPB2EGaSEg5UhdzZm0wncmZCLB453\n" +
            "XBqEjk8nhDsVfdzIIMSEVEowHijYz1c4pMq9osXR26eHwCp47AI73H5zjowadPVl\n" +
            "uEAot/xgn1IdMN/boURmSj44qiI/DcwYrTdOi2qGA+jD4PwrUl4nsxiJRZ/x7PjL\n" +
            "hMzRbvDxQ4/Q4ThYXwoEGiIBBK/iB3Z5eR7lFa8E5yAaxM2QP9PENBr/OqkGXLWV\n" +
            "qA/YTxs3gAvkUjMhlScOi7PMwRX9HsrAeLKbLuC1KJv1p2THUtZbOHqrAF/uwHaj\n" +
            "ygUblFaa/BTckTN7PKSVIhp7OihbD04bSRrh+nOilcECgYEA/8atV5DmNxFrxF1P\n" +
            "ODDjdJPNb9pzNrDF03TiFBZWS4Q+2JazyLGjZzhg5Vv9RJ7VcIjPAbMy2Cy5BUff\n" +
            "EFE+8ryKVWfdpPxpPYOwHCJSw4Bqqdj0Pmp/xw928ebrnUoCzdkUqYYpRWx0T7YV\n" +
            "RoA9RiBfQiVHhuJBSDPYJPoP34kCgYEA8H9wLE5L8raUn4NYYRuUVMa+1k4Q1N3X\n" +
            "Bixm5cccc/Ja4LVvrnWqmFOmfFgpVd8BcTGaPSsqfA4j/oEQp7tmjZqggVFqiM2m\n" +
            "J2YEv18cY/5kiDUVYR7VWSkpqVOkgiX3lK3UkIngnVMGGFnoIBlfBFF9uo02rZpC\n" +
            "5o5zebaDImsCgYAE9d5wv0+nq7/STBj4NwKCRUeLrsnjOqRriG3GA/TifAsX+jw8\n" +
            "XS2VF+PRLuqHhSkQiKazGr2Wsa9Y6d7qmxjEbmGkbGJBC+AioEYvFX9TaU8oQhvi\n" +
            "hgA6ZRNid58EKuZJBbe/3ek4/nR3A0oAVwZZMNGIH972P7cSZmb/uJXMOQKBgQCs\n" +
            "FaQAL+4sN/TUxrkAkylqF+QJmEZ26l2nrzHZjMWROYNJcsn8/XkaEhD4vGSnazCu\n" +
            "/B0vU6nMppmezF9Mhc112YSrw8QFK5GOc3NGNBoueqMYy1MG8Xcbm1aSMKVv8xba\n" +
            "rh+BZQbxy6x61CpCfaT9hAoA6HaNdeoU6y05lBz1DQKBgAbYiIk56QZHeoZKiZxy\n" +
            "4eicQS0sVKKRb24ZUd+04cNSTfeIuuXZrYJ48Jbr0fzjIM3EfHvLgh9rAZ+aHe/L\n" +
            "84Ig17KiExe+qyYHjut/SC0wODDtzM/jtrpqyYa5JoEpPIaUSgPuTH/WhO3cDsx6\n" +
            "3PIW4/CddNs8mCSBOqTnoaxh\n" +
            "-----END PRIVATE KEY-----";
    }
​
    private static string loadRsaPublicKeyPem2() { // corrupted
        // this is a sample key - don't worry !
        return "-----BEGIN PUBLIC KEY-----\n" +
            "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EmWJUZ/Osz4vXtUU2S+\n" +
            "0M4BP9+s423gjMjoX+qP1iCnlcRcFWxthQGN2CWSMZwR/vY9V0un/nsIxhZSWOH9\n" +
            "iKzqUtZD4jt35jqOTeJ3PCSr48JirVDNLet7hRT37Ovfu5iieMN7ZNpkjeIG/CfT\n" +
            "/QQl7R+kO/EnTmL3QjLKQNV/HhEbHS2/44x7PPoHqSqkOvl8GW0qtL39gTLWgAe8\n" +
            "01/w5PmcQ38CKG0oT2gdJmJqIxNmAEHkatYGHcMDtXRBpOhOSdraFj6SmPyHEmLB\n" +
            "sshaq7Jm8NPPNK9QcEQ3q+ERa5M6eM72PpF93g2p5cjKgyzzfoIV09Zb/LJ2aW2g\n" +
            "QwIDAQAB\n" +
            "-----END PUBLIC KEY-----";
    }
    
    private static string loadRsaPublicKeyPem() {
        // this is a sample key - don't worry !
        return "-----BEGIN PUBLIC KEY-----\n" +
            "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EmWJUZ/Osz4vXtUU2S+\n" +
            "0M4BP9+s423gjMjoX+qP1iCnlcRcFWxthQGN2CWSMZwR/vY9V0un/nsIxhZSWOH9\n" +
            "iKzqUtZD4jt35jqOTeJ3PCSr48JirVDNLet7hRT37Ovfu5iieMN7ZNpkjeIG/CfT\n" +
            "/QQl7R+kO/EnTmL3QjLKQNV/HhEbHS2/44x7PPoHqSqkOvl8GW0qtL39gTLWgAe8\n" +
            "01/w5PmcQ38CKG0oT2gdJmJqIxNmAEHkatYGHcMDtXRBpOhOSdraFj6SmPyHEmLB\n" +
            "ishaq7Jm8NPPNK9QcEQ3q+ERa5M6eM72PpF93g2p5cjKgyzzfoIV09Zb/LJ2aW2g\n" +
            "QwIDAQAB\n" +
            "-----END PUBLIC KEY-----";
    }
}
​
public class PayloadObject
{
    public string sub {get; set;}   
    public long exp {get; set;}
}   
​

Last Run:	5:33:13 pm
Compile:	0.158s
Execute:	0.002s
Memory:	0b
CPU:	0s

View IL Code