forked from ebhomengo/niki
1
0
Fork 0
niki/vendor/github.com/golang-jwt/jwt/v5/ecdsa.go

213 lines
3.4 KiB
Go
Raw Normal View History

2024-02-18 10:42:21 +00:00
package jwt
import (
"crypto"
"crypto/ecdsa"
"crypto/rand"
"errors"
"math/big"
)
var (
2024-02-18 10:42:21 +00:00
// Sadly this is missing from crypto/ecdsa compared to crypto/rsa
2024-02-18 10:42:21 +00:00
ErrECDSAVerification = errors.New("crypto/ecdsa: verification error")
)
// SigningMethodECDSA implements the ECDSA family of signing methods.
2024-02-18 10:42:21 +00:00
// Expects *ecdsa.PrivateKey for signing and *ecdsa.PublicKey for verification
2024-02-18 10:42:21 +00:00
type SigningMethodECDSA struct {
Name string
Hash crypto.Hash
KeySize int
2024-02-18 10:42:21 +00:00
CurveBits int
}
// Specific instances for EC256 and company
2024-02-18 10:42:21 +00:00
var (
SigningMethodES256 *SigningMethodECDSA
2024-02-18 10:42:21 +00:00
SigningMethodES384 *SigningMethodECDSA
2024-02-18 10:42:21 +00:00
SigningMethodES512 *SigningMethodECDSA
)
func init() {
2024-02-18 10:42:21 +00:00
// ES256
2024-02-18 10:42:21 +00:00
SigningMethodES256 = &SigningMethodECDSA{"ES256", crypto.SHA256, 32, 256}
2024-02-18 10:42:21 +00:00
RegisterSigningMethod(SigningMethodES256.Alg(), func() SigningMethod {
2024-02-18 10:42:21 +00:00
return SigningMethodES256
2024-02-18 10:42:21 +00:00
})
// ES384
2024-02-18 10:42:21 +00:00
SigningMethodES384 = &SigningMethodECDSA{"ES384", crypto.SHA384, 48, 384}
2024-02-18 10:42:21 +00:00
RegisterSigningMethod(SigningMethodES384.Alg(), func() SigningMethod {
2024-02-18 10:42:21 +00:00
return SigningMethodES384
2024-02-18 10:42:21 +00:00
})
// ES512
2024-02-18 10:42:21 +00:00
SigningMethodES512 = &SigningMethodECDSA{"ES512", crypto.SHA512, 66, 521}
2024-02-18 10:42:21 +00:00
RegisterSigningMethod(SigningMethodES512.Alg(), func() SigningMethod {
2024-02-18 10:42:21 +00:00
return SigningMethodES512
2024-02-18 10:42:21 +00:00
})
2024-02-18 10:42:21 +00:00
}
func (m *SigningMethodECDSA) Alg() string {
2024-02-18 10:42:21 +00:00
return m.Name
2024-02-18 10:42:21 +00:00
}
// Verify implements token verification for the SigningMethod.
2024-02-18 10:42:21 +00:00
// For this verify method, key must be an ecdsa.PublicKey struct
2024-02-18 10:42:21 +00:00
func (m *SigningMethodECDSA) Verify(signingString string, sig []byte, key interface{}) error {
2024-02-18 10:42:21 +00:00
// Get the key
2024-02-18 10:42:21 +00:00
var ecdsaKey *ecdsa.PublicKey
2024-02-18 10:42:21 +00:00
switch k := key.(type) {
2024-02-18 10:42:21 +00:00
case *ecdsa.PublicKey:
2024-02-18 10:42:21 +00:00
ecdsaKey = k
2024-02-18 10:42:21 +00:00
default:
2024-02-18 10:42:21 +00:00
return ErrInvalidKeyType
2024-02-18 10:42:21 +00:00
}
if len(sig) != 2*m.KeySize {
2024-02-18 10:42:21 +00:00
return ErrECDSAVerification
2024-02-18 10:42:21 +00:00
}
r := big.NewInt(0).SetBytes(sig[:m.KeySize])
2024-02-18 10:42:21 +00:00
s := big.NewInt(0).SetBytes(sig[m.KeySize:])
// Create hasher
2024-02-18 10:42:21 +00:00
if !m.Hash.Available() {
2024-02-18 10:42:21 +00:00
return ErrHashUnavailable
2024-02-18 10:42:21 +00:00
}
2024-02-18 10:42:21 +00:00
hasher := m.Hash.New()
2024-02-18 10:42:21 +00:00
hasher.Write([]byte(signingString))
// Verify the signature
2024-02-18 10:42:21 +00:00
if verifystatus := ecdsa.Verify(ecdsaKey, hasher.Sum(nil), r, s); verifystatus {
2024-02-18 10:42:21 +00:00
return nil
2024-02-18 10:42:21 +00:00
}
return ErrECDSAVerification
2024-02-18 10:42:21 +00:00
}
// Sign implements token signing for the SigningMethod.
2024-02-18 10:42:21 +00:00
// For this signing method, key must be an ecdsa.PrivateKey struct
2024-02-18 10:42:21 +00:00
func (m *SigningMethodECDSA) Sign(signingString string, key interface{}) ([]byte, error) {
2024-02-18 10:42:21 +00:00
// Get the key
2024-02-18 10:42:21 +00:00
var ecdsaKey *ecdsa.PrivateKey
2024-02-18 10:42:21 +00:00
switch k := key.(type) {
2024-02-18 10:42:21 +00:00
case *ecdsa.PrivateKey:
2024-02-18 10:42:21 +00:00
ecdsaKey = k
2024-02-18 10:42:21 +00:00
default:
2024-02-18 10:42:21 +00:00
return nil, ErrInvalidKeyType
2024-02-18 10:42:21 +00:00
}
// Create the hasher
2024-02-18 10:42:21 +00:00
if !m.Hash.Available() {
2024-02-18 10:42:21 +00:00
return nil, ErrHashUnavailable
2024-02-18 10:42:21 +00:00
}
hasher := m.Hash.New()
2024-02-18 10:42:21 +00:00
hasher.Write([]byte(signingString))
// Sign the string and return r, s
2024-02-18 10:42:21 +00:00
if r, s, err := ecdsa.Sign(rand.Reader, ecdsaKey, hasher.Sum(nil)); err == nil {
2024-02-18 10:42:21 +00:00
curveBits := ecdsaKey.Curve.Params().BitSize
if m.CurveBits != curveBits {
2024-02-18 10:42:21 +00:00
return nil, ErrInvalidKey
2024-02-18 10:42:21 +00:00
}
keyBytes := curveBits / 8
2024-02-18 10:42:21 +00:00
if curveBits%8 > 0 {
2024-02-18 10:42:21 +00:00
keyBytes += 1
2024-02-18 10:42:21 +00:00
}
// We serialize the outputs (r and s) into big-endian byte arrays
2024-02-18 10:42:21 +00:00
// padded with zeros on the left to make sure the sizes work out.
2024-02-18 10:42:21 +00:00
// Output must be 2*keyBytes long.
2024-02-18 10:42:21 +00:00
out := make([]byte, 2*keyBytes)
2024-02-18 10:42:21 +00:00
r.FillBytes(out[0:keyBytes]) // r is assigned to the first half of output.
s.FillBytes(out[keyBytes:]) // s is assigned to the second half of output.
2024-02-18 10:42:21 +00:00
return out, nil
2024-02-18 10:42:21 +00:00
} else {
2024-02-18 10:42:21 +00:00
return nil, err
2024-02-18 10:42:21 +00:00
}
2024-02-18 10:42:21 +00:00
}