亚洲在线久爱草,狠狠天天香蕉网,天天搞日日干久草,伊人亚洲日本欧美

為了賬號安全,請及時綁定郵箱和手機立即綁定
已解決430363個問題,去搜搜看,總會有你想問的

將 JSON 公鑰/私鑰對轉換為 rsa.PrivateKey 和 rsa.PublicKey

將 JSON 公鑰/私鑰對轉換為 rsa.PrivateKey 和 rsa.PublicKey

Go
牛魔王的故事 2022-07-11 17:26:28
正如標題所說,我有一個基于https://mkjwk.org/生成的 JSON 文件,現在我想使用生成的值來簽署 JWT。我將為多個“客戶”執行此操作,每個“客戶”都有自己的簽名。然后將根據一組包含不同“客戶端”的公鑰的 JWKS 來驗證這些。但是,我很難理解如何使用生成的 JSON 值。我知道我可以直接使用crypto/rsa模塊生成一個 priv/pub 密鑰。我還看到了將 ppk 作為 X509 格式的輸入給出的示例,盡管我試圖盡可能避免它(我想我只是很挑剔,因為我更喜歡能夠讀取文件的內容而不是看到隨機字符..)從我完成的多個示例和大量搜索中,我還沒有看到執行獲取 json 文件和生成 rsa.privateKey 的過程的示例。我也在使用jwt-goandjwx模塊來處理其余的用例,但是這個正在逃避我..那么,我錯過了什么?我怎樣才能從像下面這樣的 JSON 轉到一個rsa.PrivateKey?{    "p": "vQXloZI9y5..._PPE6m05J-VqhIF6-FQjvwc",    "kty": "RSA",    "q": "u1OqnCCLyEZDMoSfK...SfcIGNSd90PEcPs",    "d": "eoAj0Z0PkK3A0pc5t...9Q8iqGntoxMVARBtQ",    "e": "AQAB",    "use": "sig",    "kid": "r9cuFC3...HiAc7VhSME",    "qi": "upOjfCF_na...H4a7Bs2pWGoS6w5mcqXU",    "dp": "HKGzCclEEP...GdofDVR5Yas",    "alg": "RS256",    "dq": "PDyRNhc5G7OMVChVTm61kn2ShRFTe...BLytOxGBm5ntJv4V0HRBU",    "n": "ilEVn6tSuh7-tZBV8qXmlvzWDE5jTS...sNH8-wPf6gKCuZzEyyS2AyZE8S4NzqoFkaepVpdoOPtb3Q"}
查看完整描述

1 回答

?
手掌心

TA貢獻1942條經驗 獲得超3個贊

jwx包具有解析 JWK 的功能:


func ParseString(s string)


你可以像這樣使用它來解析 JWK,并使用密鑰對 JWT 進行簽名和驗證(更多細節請關注代碼注釋):


package main


import(

  "log"

  "github.com/lestrrat-go/jwx/jwk"

  "github.com/lestrrat-go/jwx/jws"

  "github.com/lestrrat-go/jwx/jwa"

)


func main() {


  // Here's an example of a JWK, containing a public and private RSA Keypair

  var keysJWK = `{

    "keys": [

        {

            "p": "59pSssPVWNBMd1dFBhkSx0P6uo3b3WC2MOitj7UI-9VS9gKPbPsqtDJSPdbRjK7JWXarFt_h4aPf9NPFLieu1k22jp3ProCH87geazJ8tNtV_SpaUtWQFZ-dvgGrIM-3MLf_fG7Tq5sV5R0vA9wg_INkYJ2uX5EdmVyHhxvh0eM",

            "kty": "RSA",

            "q": "jeofLDkteXfWcpif3JmX3xv8S6jWX2Axrwe9tLkWzlgxYDWvXExxD0sc4XfbVbSrqTkAdW48DYL_wcziFLYHxOYv2stqWvElF9CqdKJJrQAc7Z_qKXpWckDYZBJAO9W2WGXTBfdJfw_KQPHHTbY90ngdxMXuiwYbfbFY4H_XDM0",

            "d": "Qrx8U40tLhsy4tdnKuEmjlGF-VkB6F_DawLXwuZ2a5ZS7cwFUDRHNz9Jbl9MxvNcNMSMGaAN8lxTSDlpfT0jDqKF6lel88rUtCnN6h1FNdkD5TjkbWs-dfhftDFc1Sy8RdWPZ8LiTo0TbZaf3rPvdLw_S9FE-itnKV_1il572rT-1PvlyrPctnREQCKL5wArD4eYHwRjfVm-KvlIvo9rLj4NYzATBAAwh6PsEnSganEf1ErOvFH8qhrVqsy2kevLsFbCA0hIfoDNhL7hxlaMSJTJie3V2Ie0Kb7j_L2LsQXka3kshO1T6re-d-nGgaRp7b0buUtwS6aTax0H2cZuOQ",

            "e": "AQAB",

            "use": "sig",

            "kid": "223",

            "qi": "moGHNM3TFLeSQeM6V4izMcK6wwapSwo67r7DXk7vK_2FaSUQtijwQCHFx3nrhbQAVdwFt7pSYlmlFPlaAXixrBBNtNULnR7z6-WrRuWgqoL9LN8xARB42l94HmiOL0pp8ORyw2W338k3LHuzUy1NKZrL6a8zPIkva_Z5hFULhQE",

            "dp": "TcUm3j3gL3VXYOSOC5iXeu2ria4R5PUOx-MUbNLd25NXy5taPsUVMvJ6MbIAAj-S3IZ4pyib3RMaCUaLqoq3E71nkfkPc8o7UB4fXffGaufztQLi30wxk39B6z0mCNCD8zyU30lRiQtxUbPzVEkfa3QrVFkv53CGzC2EbGaG3d8",

            "alg": "RS256",

            "dq": "L1emNJOShw4iXTJrSiV3E7f7T6YwdbraeECF2c9RO18Sgb0HFixuHyL4rILWid3u0lIww_wVTpCgD5_w3-Xl65q65iur_FCsBijXZHdrSqpZ_C-350RnqE_XoHKyOQPPg-fcIQZg32F-IHJIAbXFI_xsOeOp83kDHMhYFPSw4hU",

            "n": "gIdJV4qWKyt3wkS66yBG5Ii9ew-eofuPU49TjlRIU5Iu5jX2mRMoHdcI7V78iKYSQHKYxz17cqzQyERxKnEiDgy_gwouStRgvPdm3H4rq__7p0t15SunsG2T1rEVf0sZEDnQ5qRkm7iqs6ZG1NqqIUtnOTd1Pd1MhbEqeENFtaPHvN37eZL82WmsQlJviFH4I9iZQVR_QT4GREQlRro8IjJTaloUyeDQTOQ-4ll1-4-g_ug2tZ-s9xleLzl5L9ZKSVJFhtMLn8WGaVldagarwa7kMLfuiVe8B5Lr7poQa4NCAR54ECPWoOHrABdPZKrkkxjVypTXUzL5cPzmzFC2xw"

        }

    ]

  }`


  // Parse the JWK to a set of keys

  setOfKeys, err := jwk.ParseString(keysJWK )

  if err != nil {

    log.Printf("failed to parse JWK: %s", err)

    return

  }

  

  // extract the private key from the set, index 0 because w only have one key

  rsaPrivatekey, success := setOfKeys.Get(0)

  if !success {

        log.Printf("could not find key at given index")

        return

  }

  

  // sign a token with the private key

  token, err := jws.Sign([]byte(`{"userId":1}`), jwa.RS256, rsaPrivatekey)

  if err != nil {

    log.Printf("failed to created JWS message: %s", err)

    return

  }


  // show the signed token

  log.Printf("Token! -> %s", token)


  // get a public key from a private key

  rsaPublicKey, err := jwk.PublicKeyOf(rsaPrivatekey)

  if err != nil {

    log.Printf("failed created public key from private key: %s", err)

    return

  }


  // verify the token that we created above with the public key

  payload, err := jws.Verify(token, jwa.RS256, rsaPublicKey)

  if err != nil {

    log.Printf("failed to verify message: %s", err)

    return

  }

  

  // show the payload of the verified token

  log.Printf("signature verified! Payload -> %s", payload)

 

}


查看完整回答
反對 回復 2022-07-11
  • 1 回答
  • 0 關注
  • 322 瀏覽
慕課專欄
更多

添加回答

舉報

0/150
提交
取消
微信客服

購課補貼
聯系客服咨詢優惠詳情

 幫助反饋 APP下載

慕課網APP
您的移動學習伙伴

 公眾號

掃描二維碼
關注慕課網微信公眾號