package main | |
import ( | |
"crypto/sha256" | |
"encoding/hex" | |
"encoding/json" | |
"fmt" | |
"github.com/docker/libtrust" | |
) | |
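// makeThumbprint returns the hex-encoded SHA-256 digest of the key's required
// RSA JWK members ("e", "kty", "n"), following the JWK Thumbprint draft:
// https://datatracker.ietf.org/doc/draft-jones-jose-jwk-thumbprint/
//
// Only public members are hashed, so the result identifies the key pair
// without depending on any private parameter.
//
// NOTE(review): the digest is returned as hex. The published JWK Thumbprint
// specification (RFC 7638) is normally rendered as base64url, so this string
// will not compare equal to thumbprints emitted by other tooling. Confirm
// which form the consumers of identity.id expect before changing it.
//
// The signature has no error return, so the function panics when the key is
// nil, cannot be serialised, or is not an RSA JWK. Failing loudly is
// deliberate: hashing missing members would give every such key the same
// identifier.
func makeThumbprint(rsaKey libtrust.PrivateKey) string {
	if rsaKey == nil {
		panic("makeThumbprint: nil key")
	}

	// libtrust does not export its toMap()/joseBase64UrlEncode() helpers, so
	// the JWK members are recovered by round-tripping through JSON. The public
	// key is serialised instead of the private one: it carries the same
	// e/kty/n values and keeps private parameters out of intermediate buffers.
	publicJWKJSON, err := json.Marshal(rsaKey.PublicKey())
	if err != nil {
		panic(fmt.Sprintf("makeThumbprint: marshal public JWK: %v", err))
	}

	// Fields are declared in lexicographic order of their JSON names so that
	// re-marshalling yields the member ordering the thumbprint input requires.
	var jwk struct {
		E   string `json:"e"`
		Kty string `json:"kty"`
		N   string `json:"n"`
	}
	if err := json.Unmarshal(publicJWKJSON, &jwk); err != nil {
		panic(fmt.Sprintf("makeThumbprint: decode public JWK: %v", err))
	}

	// Reject anything that is not a complete RSA JWK; other key types use
	// different required members and would otherwise hash empty values.
	if jwk.Kty != "RSA" || jwk.E == "" || jwk.N == "" {
		panic(fmt.Sprintf("makeThumbprint: expected a complete RSA JWK, got kty=%q", jwk.Kty))
	}

	// json.Marshal emits no insignificant whitespace, as the thumbprint
	// input requires.
	canonical, err := json.Marshal(jwk)
	if err != nil {
		panic(fmt.Sprintf("makeThumbprint: marshal thumbprint input: %v", err))
	}

	digest := sha256.Sum256(canonical)
	return hex.EncodeToString(digest[:])
}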
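// main generates a fresh RSA 2048-bit key with libtrust and prints the
// private JWK, the public JWK and the hex thumbprint used as identity.id.
//
// The private JWK is written to stdout in the clear. Run this only where the
// output is captured into a file with restrictive permissions, and keep it
// out of shared terminals, CI logs and shell history.
func main() {
	// Generate RSA 2048 Key
	fmt.Printf("Generating RSA 2048-bit Key")
	rsaKey, err := libtrust.GenerateRSA2048PrivateKey()
	if err != nil {
		// Without this check a failed generation leaves rsaKey nil and the
		// PublicKey() call below would crash with no useful message.
		panic(fmt.Sprintf("generate RSA key: %v", err))
	}

	// Create JWK for Private Key
	privateJWKJSON, err := json.MarshalIndent(rsaKey, "", " ")
	if err != nil {
		panic(fmt.Sprintf("marshal private JWK: %v", err))
	}
	fmt.Printf("JWK Private Key (identity._jwk): \n%s\n\n", string(privateJWKJSON))

	// Create JWK for Public Key
	publicJWKJSON, err := json.MarshalIndent(rsaKey.PublicKey(), "", " ")
	if err != nil {
		panic(fmt.Sprintf("marshal public JWK: %v", err))
	}
	fmt.Printf("JWK Public Key (identity.jwk): \n%s\n\n", string(publicJWKJSON))

	// Create the thumbprint; it is derived from the public members only.
	thumbprint := makeThumbprint(rsaKey)
	fmt.Printf("Identity Thumbprint Hex String (identity.id): \n%s", thumbprint)
}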