我正在尝试使用HTTP / 2 APNS发送Apple推送通知。为此,我需要使用证书和加密。我创建JWT令牌的代码:
private string CreateJwtToken()
{
var header = JsonHelper.Serialize(new { alg = "ES256", kid = p8privateKeyId });
var payload = JsonHelper.Serialize(new { iss = teamId, iat = ToEpoch(DateTime.UtcNow) });
var key = CngKey.Import(Convert.FromBase64String(p8privateKey), CngKeyBlobFormat.Pkcs8PrivateBlob);
using (var dsa = new ECDsaCng(key))
{
dsa.HashAlgorithm = CngAlgorithm.Sha256;
var headerBase64 = Convert.ToBase64String(Encoding.UTF8.GetBytes(header));
var payloadBasae64 = Convert.ToBase64String(Encoding.UTF8.GetBytes(payload));
var unsignedJwtData = $"{headerBase64}.{payloadBasae64}";
var signature = dsa.SignData(Encoding.UTF8.GetBytes(unsignedJwtData));
return $"{unsignedJwtData}.{Convert.ToBase64String(signature)}";
}
}
尽管这在Windows上运行良好,但Linux和MacOS不支持
CngKey.Import。如何重写此代码以使其跨平台? 最佳答案
从.NET Core 3.0开始,所有AsymmetricAlgorithm类型都支持PKCS#8密钥导入。
private string CreateJwtToken()
{
var header = ...;
var payload = ...;
using (ECDsa key = ECDsa.Create())
{
key.ImportPkcs8PrivateKey(Convert.FromBase64String(p8privateKey), out _);
string headerBase64 = ...;
string payloadBase64 = ...;
string unsignedJwtData = ...;
byte[] encodedRequest = Encoding.UTF8.GetBytes(unsignedJwtData);
byte[] signature = key.SignData(encodedRequest, HashAlgorithmName.SHA256);
return $"{unsignedJwtData}.{Convert.ToBase64String(signature)}";
}
}