package keyfunc
import (
"crypto/rsa"
"fmt"
"math/big"
)
// ktyRSA is the "kty" (key type) parameter value that marks a JSON Web Key as
// an RSA key (RFC 7518, section 6.1). It is a JWK member, not a JWT header
// field.
const ktyRSA = "RSA"
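// RSA parses a JsonWebKey and turns it into an RSA public key.
//
// j.Exponent and j.Modulus are taken from the JWK document and are treated as
// untrusted input: both are decoded and range-checked before a key is
// returned. The method returns an error wrapping ErrMissingAssets when either
// field is empty, the decoder's error when either field fails to decode, and a
// descriptive error when the decoded exponent or modulus is out of range.
func (j *JsonWebKey) RSA() (publicKey *rsa.PublicKey, err error) {
	// Largest public exponent accepted here. rsa.PublicKey.E is an int, and
	// crypto/rsa has historically rejected exponents above 2^31-1, so this
	// bound also keeps the conversion below safe on 32-bit platforms.
	const maxPublicExponent = 1<<31 - 1

	if j.Exponent == "" || j.Modulus == "" {
		return nil, fmt.Errorf("%w: %s", ErrMissingAssets, ktyRSA)
	}

	// Decode the exponent and modulus from Base64.
	//
	// According to RFC 7518, these are Base64 URL unsigned integers.
	// https://tools.ietf.org/html/rfc7518#section-6.3
	exponent, err := base64urlTrailingPadding(j.Exponent)
	if err != nil {
		return nil, err
	}
	modulus, err := base64urlTrailingPadding(j.Modulus)
	if err != nil {
		return nil, err
	}

	// Turn the exponent into an integer.
	//
	// According to RFC 7517, these numbers are in big-endian format.
	// https://tools.ietf.org/html/rfc7517#appendix-A.1
	//
	// The value is range-checked before narrowing. Converting through
	// Uint64() and int() would silently truncate an oversized exponent, so the
	// returned key could carry a different exponent than the JWK declared.
	e := new(big.Int).SetBytes(exponent)
	if !e.IsInt64() || e.Int64() < 2 || e.Int64() > maxPublicExponent {
		return nil, fmt.Errorf("%s: public exponent is out of range", ktyRSA)
	}

	// A modulus that decodes to zero (for example, all zero bytes) cannot be a
	// valid RSA modulus; reject it here instead of handing it to verification.
	n := new(big.Int).SetBytes(modulus)
	if n.Sign() == 0 {
		return nil, fmt.Errorf("%s: modulus is zero", ktyRSA)
	}

	return &rsa.PublicKey{N: n, E: int(e.Int64())}, nil
}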