Dotnetcore: RSA from X509Certificate2?

[clocklear]

Apologies if this is an idiotic question, and it may not even be an issue per se, but maybe someone else will learn from this as well.

I'm using core and trying to decode a JWT token utilizing a RS256 public key stored inside a certificate file. I've read the cert into a X509Certificate2, but I'm not really sure how to convert that to requisite RSA type for the Jose.JWT.Decode method. In standard .NET, it appears that you can massage a X509Certificate2 into a RSACryptoServiceProvider and utilize that for decoding, but I'm not really sure where to go from where I am.

Any insight?

Here's what I'm trying (paraphrased a bit)

var byte[] keyContents;  //this is set somewhere else
var string token; //this is also set somewhere else
var cert = X509Certificate2(keyContents, "", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet);
var derp = Jose.JWT.Decode(token, cert.PublicKey);  // this blows up because PublicKey is not a RSA

[clocklear]

Disregard, I found my solution:

System.Security.Cryptography.X509Certificates.RSACertificateExtensions.GetRSAPublicKey()

var byte[] keyContents;  //this is set somewhere else
var string token; //this is also set somewhere else
var cert = X509Certificate2(keyContents, "", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet);
var rsa = System.Security.Cryptography.X509Certificates.RSACertificateExtensions.GetRSAPublicKey(cert);
var derp = Jose.JWT.Decode(token, rsa);  // this actually works now

[dvsekhvalnov]

It is actually in examples on the doc page :) Glad it working finally !