package keycloak
import (
	"crypto/rsa"
	"encoding/base64"
	"errors"
	"math/big"
)
// KeystoreKey models one JSON Web Key (JWK) entry; each field's tag is the
// JWK member name it is decoded from.
//
// see: https://github.com/MicahParks/keyfunc/blob/846f636e1ec4589ebd0a506dbe1e3ba839b3cae7/rsa.go
//
// Every field holds the value exactly as it appeared in the JSON document.
// Nothing in this type validates the members against each other: the x5c
// chain and the x5t thumbprints are carried as opaque strings and are not
// checked against the n/e key material here.
type KeystoreKey struct {
	// Identification and intended usage of the key.
	KeyId     string `json:"kid"`
	KeyType   string `json:"kty"`
	Algorithm string `json:"alg"`
	Use       string `json:"use"`

	// RSA public key material, still base64url-encoded (see GetRSAPublicKey).
	RSAModulus        string `json:"n"`
	RSAPublicExponent string `json:"e"`

	// Optional X.509 members, stored undecoded.
	X509CertificateChain            []string `json:"x5c"`
	X509CertificateThumbprint       string   `json:"x5t"`
	X509CertificateSHA256Thumbprint string   `json:"x5t#S256"`
}
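// GetRSAPublicKey builds an *rsa.PublicKey from the key's base64url-encoded
// "n" (RSAModulus) and "e" (RSAPublicExponent) members.
//
// A key whose KeyType is set to anything other than "RSA" is rejected, so a
// non-RSA entry cannot be turned into a meaningless RSA key. An empty KeyType
// is still accepted so that values constructed without a kty keep working.
//
// The method does not look at Use, Algorithm or the X.509 members. Callers
// that verify signatures with the returned key should confirm for themselves
// that the entry is meant for signing and for the algorithm they expect.
//
// It returns the error from decoding either member, or an error for a
// non-RSA key type; the returned key is nil whenever the error is non-nil.
func (keystoreKey *KeystoreKey) GetRSAPublicKey() (*rsa.PublicKey, error) {
	// Guard against key-type confusion before touching n/e.
	if keystoreKey.KeyType != "" && keystoreKey.KeyType != "RSA" {
		return nil, errors.New("keycloak: key type is not RSA")
	}

	exponent, err := decodeRSAExponent(keystoreKey.RSAPublicExponent)
	if err != nil {
		return nil, err
	}

	modulus, err := decodeRSAModulus(keystoreKey.RSAModulus)
	if err != nil {
		return nil, err
	}

	return &rsa.PublicKey{N: modulus, E: exponent}, nil
}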
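// decodeRSAExponent converts a base64url (unpadded) big-endian RSA public
// exponent into an int.
//
// It returns the base64 decoding error unchanged when the input is not valid
// unpadded base64url, and an error when the decoded value is outside
// 2..2^31-1. The previous implementation converted through Uint64, whose
// result is undefined for values wider than 64 bits, and then to int, so an
// oversized or empty "e" silently became a truncated, negative or zero
// exponent instead of an error.
func decodeRSAExponent(codedExponent string) (int, error) {
	// Fast path for the overwhelmingly common exponent 65537.
	if codedExponent == "AQAB" {
		return 65537, nil
	}

	raw, err := base64.RawURLEncoding.DecodeString(codedExponent)
	if err != nil {
		return 0, err
	}

	e := new(big.Int).SetBytes(raw)
	// At most 31 bits keeps the value representable as a non-negative int on
	// every platform, including 32-bit ones.
	if e.BitLen() > 31 {
		return 0, errors.New("keycloak: RSA public exponent is too large")
	}
	// An empty or all-zero "e" decodes to 0; 0 and 1 are not usable exponents.
	if e.Cmp(big.NewInt(2)) < 0 {
		return 0, errors.New("keycloak: RSA public exponent is too small")
	}
	return int(e.Int64()), nil
}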
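// decodeRSAModulus converts a base64url (unpadded) big-endian RSA modulus
// into a *big.Int.
//
// It returns the base64 decoding error unchanged when the input is not valid
// unpadded base64url, and an error when the decoded value is zero, which is
// what a missing or empty "n" member decodes to. Previously such input
// produced a zero modulus with a nil error.
//
// No minimum key size is enforced here; a caller with a key-length policy
// can check BitLen on the result.
func decodeRSAModulus(codedModulus string) (*big.Int, error) {
	raw, err := base64.RawURLEncoding.DecodeString(codedModulus)
	if err != nil {
		return nil, err
	}

	n := new(big.Int).SetBytes(raw)
	if n.Sign() == 0 {
		return nil, errors.New("keycloak: RSA modulus is missing or zero")
	}
	return n, nil
}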