raypendergraph/jwt.go

## jwt.go
package main
import (
	"crypto"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"math/big"
	"math/rand"
	"strings"
)

type jo = map[string]interface{}

func Encode(bytes []byte) string {
	return strings.TrimRight(base64.URLEncoding.EncodeToString([]byte(bytes)), "=")
}

func asJwk(k rsa.PublicKey) jo {
	// https://tools.ietf.org/html/rfc7518#section-6.3.1
	jwk := make(jo)
	jwk["kty"] = "RSA"
	jwk["use"] = "sig"
	n := base64.RawURLEncoding.EncodeToString(k.N.Bytes())
	jwk["n"] =  n
	e := base64.RawURLEncoding.EncodeToString(big.NewInt(int64(k.E)).Bytes())
	jwk["e"] = e
	hasher := crypto.SHA256.New()
	// The format of this string is not specified in the spec
	// it just needs to identify the key uniquely.
	hasher.Write([]byte("RSA"+ n + e ))
	jwk["kid"] = base64.RawURLEncoding.EncodeToString(hasher.Sum(nil))
	return jwk
}

func main() {
	header := Encode([]byte(`
{
  "alg": "RS256",
  "typ": "JWT"
}
`))
	claims := Encode([]byte(`
{
  "kid": "hvYX6j4L6nVFn08QR12g_co_x9MhpjLP4ymdUCoqB-k",
  "sub": "1234567890",
  "name": "Jane Doe",
  "iat": 1516239022
}`))
	prng := rand.New(rand.NewSource(42))
	rsaKey, err := rsa.GenerateKey(prng, 2048)
	if err != nil {
		print(err)
	}

	hasher := sha256.New()
	signedStr := strings.Join([]string{header, claims}, ".")
	hasher.Write([]byte(signedStr))
	if sigBytes, err := rsa.SignPKCS1v15(prng, rsaKey, crypto.SHA256, hasher.Sum(nil)); err == nil {
		jwk := asJwk(rsaKey.PublicKey)
		if jwkBytes, err := json.Marshal(&jwk); err == nil {
			println(string(jwkBytes))
		}
		println("-------------")
		println(strings.Join([]string{signedStr, Encode(sigBytes)}, "."))
	} else {
		print(err)
	}
}
	package main
	import (
	"crypto"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"math/big"
	"math/rand"
	"strings"
	)

	type jo = map[string]interface{}

	func Encode(bytes []byte) string {
	return strings.TrimRight(base64.URLEncoding.EncodeToString([]byte(bytes)), "=")
	}

	func asJwk(k rsa.PublicKey) jo {
	// https://tools.ietf.org/html/rfc7518#section-6.3.1
	jwk := make(jo)
	jwk["kty"] = "RSA"
	jwk["use"] = "sig"
	n := base64.RawURLEncoding.EncodeToString(k.N.Bytes())
	jwk["n"] = n
	e := base64.RawURLEncoding.EncodeToString(big.NewInt(int64(k.E)).Bytes())
	jwk["e"] = e
	hasher := crypto.SHA256.New()
	// The format of this string is not specified in the spec
	// it just needs to identify the key uniquely.
	hasher.Write([]byte("RSA"+ n + e ))
	jwk["kid"] = base64.RawURLEncoding.EncodeToString(hasher.Sum(nil))
	return jwk
	}

	func main() {
	header := Encode([]byte(`
	{
	"alg": "RS256",
	"typ": "JWT"
	}
	`))
	claims := Encode([]byte(`
	{
	"kid": "hvYX6j4L6nVFn08QR12g_co_x9MhpjLP4ymdUCoqB-k",
	"sub": "1234567890",
	"name": "Jane Doe",
	"iat": 1516239022
	}`))
	prng := rand.New(rand.NewSource(42))
	rsaKey, err := rsa.GenerateKey(prng, 2048)
	if err != nil {
	print(err)
	}

	hasher := sha256.New()
	signedStr := strings.Join([]string{header, claims}, ".")
	hasher.Write([]byte(signedStr))
	if sigBytes, err := rsa.SignPKCS1v15(prng, rsaKey, crypto.SHA256, hasher.Sum(nil)); err == nil {
	jwk := asJwk(rsaKey.PublicKey)
	if jwkBytes, err := json.Marshal(&jwk); err == nil {
	println(string(jwkBytes))
	}
	println("-------------")
	println(strings.Join([]string{signedStr, Encode(sigBytes)}, "."))
	} else {
	print(err)
	}
	}