Home Explore Help
Sign In
torabkheslat
/
ZiCloud-API
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 6c04530963
Branches Tags
ZiCloud-API
/
vendor
/
github.com
/
dgrijalva
/
jwt-go
/
rsa.go

rsa.go 2.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101 
  1. package jwt
    2. 

  2. 

  3. import (
    4. 

  4. 	"crypto"
    5. 

  5. 	"crypto/rand"
    6. 

  6. 	"crypto/rsa"
    7. 

  7. )
    8. 

  8. 

  9. // Implements the RSA family of signing methods signing methods
    10. 

  10. // Expects *rsa.PrivateKey for signing and *rsa.PublicKey for validation
    11. 

  11. type SigningMethodRSA struct {
    12. 

  12. 	Name string
    13. 

  13. 	Hash crypto.Hash
    14. 

  14. }
    15. 

  15. 

  16. // Specific instances for RS256 and company
    17. 

  17. var (
    18. 

  18. 	SigningMethodRS256 *SigningMethodRSA
    19. 

  19. 	SigningMethodRS384 *SigningMethodRSA
    20. 

  20. 	SigningMethodRS512 *SigningMethodRSA
    21. 

  21. )
    22. 

  22. 

  23. func init() {
    24. 

  24. 	// RS256
    25. 

  25. 	SigningMethodRS256 = &SigningMethodRSA{"RS256", crypto.SHA256}
    26. 

  26. 	RegisterSigningMethod(SigningMethodRS256.Alg(), func() SigningMethod {
    27. 

  27. 		return SigningMethodRS256
    28. 

  28. 	})
    29. 

  29. 

  30. 	// RS384
    31. 

  31. 	SigningMethodRS384 = &SigningMethodRSA{"RS384", crypto.SHA384}
    32. 

  32. 	RegisterSigningMethod(SigningMethodRS384.Alg(), func() SigningMethod {
    33. 

  33. 		return SigningMethodRS384
    34. 

  34. 	})
    35. 

  35. 

  36. 	// RS512
    37. 

  37. 	SigningMethodRS512 = &SigningMethodRSA{"RS512", crypto.SHA512}
    38. 

  38. 	RegisterSigningMethod(SigningMethodRS512.Alg(), func() SigningMethod {
    39. 

  39. 		return SigningMethodRS512
    40. 

  40. 	})
    41. 

  41. }
    42. 

  42. 

  43. func (m *SigningMethodRSA) Alg() string {
    44. 

  44. 	return m.Name
    45. 

  45. }
    46. 

  46. 

  47. // Implements the Verify method from SigningMethod
    48. 

  48. // For this signing method, must be an *rsa.PublicKey structure.
    49. 

  49. func (m *SigningMethodRSA) Verify(signingString, signature string, key interface{}) error {
    50. 

  50. 	var err error
    51. 

  51. 

  52. 	// Decode the signature
    53. 

  53. 	var sig []byte
    54. 

  54. 	if sig, err = DecodeSegment(signature); err != nil {
    55. 

  55. 		return err
    56. 

  56. 	}
    57. 

  57. 

  58. 	var rsaKey *rsa.PublicKey
    59. 

  59. 	var ok bool
    60. 

  60. 

  61. 	if rsaKey, ok = key.(*rsa.PublicKey); !ok {
    62. 

  62. 		return ErrInvalidKeyType
    63. 

  63. 	}
    64. 

  64. 

  65. 	// Create hasher
    66. 

  66. 	if !m.Hash.Available() {
    67. 

  67. 		return ErrHashUnavailable
    68. 

  68. 	}
    69. 

  69. 	hasher := m.Hash.New()
    70. 

  70. 	hasher.Write([]byte(signingString))
    71. 

  71. 

  72. 	// Verify the signature
    73. 

  73. 	return rsa.VerifyPKCS1v15(rsaKey, m.Hash, hasher.Sum(nil), sig)
    74. 

  74. }
    75. 

  75. 

  76. // Implements the Sign method from SigningMethod
    77. 

  77. // For this signing method, must be an *rsa.PrivateKey structure.
    78. 

  78. func (m *SigningMethodRSA) Sign(signingString string, key interface{}) (string, error) {
    79. 

  79. 	var rsaKey *rsa.PrivateKey
    80. 

  80. 	var ok bool
    81. 

  81. 

  82. 	// Validate type of key
    83. 

  83. 	if rsaKey, ok = key.(*rsa.PrivateKey); !ok {
    84. 

  84. 		return "", ErrInvalidKey
    85. 

  85. 	}
    86. 

  86. 

  87. 	// Create the hasher
    88. 

  88. 	if !m.Hash.Available() {
    89. 

  89. 		return "", ErrHashUnavailable
    90. 

  90. 	}
    91. 

  91. 

  92. 	hasher := m.Hash.New()
    93. 

  93. 	hasher.Write([]byte(signingString))
    94. 

  94. 

  95. 	// Sign the string and return the encoded bytes
    96. 

  96. 	if sigBytes, err := rsa.SignPKCS1v15(rand.Reader, rsaKey, m.Hash, hasher.Sum(nil)); err == nil {
    97. 

  97. 		return EncodeSegment(sigBytes), nil
    98. 

  98. 	} else {
    99. 

  99. 		return "", err
    100. 

  100. 	}
    101. 

  101. }
    102.