You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
EC Keys in X509 certs came up in DuendeSoftware/Support#1154, and I'm curious if the situation has improved since we originally implemented the key manager. Or possibly, can we use Microsoft.IdentityModel.Tokens.ECDsaSecurityKey instead of Microsoft.IdentityModel.Tokens.X509SecurityKey?
Alternatively, is there some other helper we could build that would make dealing with EC keys more pleasant?
Here's a bit of code from the KeyManager.cs that comments on the issue:
else if (alg.IsEcKey)
{
var ec = CryptoHelper.CreateECDsaSecurityKey(CryptoHelper.GetCurveNameFromSigningAlgorithm(alg.Name));
// X509 certs don't currently work with EC keys.
container = //_options.KeyManagement.WrapKeysInX509Certificate ? //new X509KeyContainer(ec, alg, now, _options.KeyManagement.KeyRetirementAge, iss) :
(KeyContainer) new EcKeyContainer(ec, alg.Name, now);
}
The text was updated successfully, but these errors were encountered:
EC Keys in X509 certs came up in DuendeSoftware/Support#1154, and I'm curious if the situation has improved since we originally implemented the key manager. Or possibly, can we use Microsoft.IdentityModel.Tokens.ECDsaSecurityKey instead of Microsoft.IdentityModel.Tokens.X509SecurityKey?
Alternatively, is there some other helper we could build that would make dealing with EC keys more pleasant?
Here's a bit of code from the KeyManager.cs that comments on the issue:
The text was updated successfully, but these errors were encountered: