Remove unnecessary JWK functions
This commit is contained in:
Tulir Asokan
parent
ffd84f5039
commit
50ea658fc9
3 changed files with 20 additions and 78 deletions
|
|
@ -5,20 +5,15 @@ import (
|
|||
"crypto/elliptic"
|
||||
"crypto/rand"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"math/big"
|
||||
)
|
||||
|
||||
type JWK struct {
|
||||
Kty string `json:"kty"`
|
||||
Crv string `json:"crv"`
|
||||
D string `json:"d"`
|
||||
X string `json:"x"`
|
||||
Y string `json:"y"`
|
||||
Ext bool `json:"ext"`
|
||||
KeyOps []string `json:"key_ops"`
|
||||
PrivateBytes []byte `json:"private_bytes,omitempty"`
|
||||
KeyType string `json:"kty"`
|
||||
Curve string `json:"crv"`
|
||||
D string `json:"d"`
|
||||
X string `json:"x"`
|
||||
Y string `json:"y"`
|
||||
}
|
||||
|
||||
func (t *JWK) GetPrivateKey() (*ecdsa.PrivateKey, error) {
|
||||
|
|
@ -47,34 +42,7 @@ func (t *JWK) GetPrivateKey() (*ecdsa.PrivateKey, error) {
|
|||
return priv, nil
|
||||
}
|
||||
|
||||
// Returns a byte slice containing the JWK and an error if the generation or export failed.
|
||||
func (t *JWK) Marshal() ([]byte, error) {
|
||||
JWKJSON, err := json.Marshal(t)
|
||||
if err != nil {
|
||||
fmt.Printf("Failed to marshal JWK: %v", err)
|
||||
return nil, err
|
||||
}
|
||||
fmt.Printf("%s\n", JWKJSON)
|
||||
return JWKJSON, err
|
||||
}
|
||||
|
||||
func (t *JWK) PrivKeyB64Bytes() ([]byte, error) {
|
||||
decodedPrivateKey, err2 := base64.RawURLEncoding.DecodeString(t.D)
|
||||
return decodedPrivateKey, err2
|
||||
}
|
||||
|
||||
func (t *JWK) ExtractPublicKeyDetails(pubKey []byte) *JWK {
|
||||
x := base64.RawURLEncoding.EncodeToString(pubKey[1:33])
|
||||
y := base64.RawURLEncoding.EncodeToString(pubKey[33:])
|
||||
return &JWK{
|
||||
Kty: "EC",
|
||||
Crv: "P-256",
|
||||
X: x,
|
||||
Y: y,
|
||||
}
|
||||
}
|
||||
|
||||
func (t *JWK) DecompressPubkey() (*ecdsa.PublicKey, error) {
|
||||
func (t *JWK) GetPublicKey() (*ecdsa.PublicKey, error) {
|
||||
xBytes, err := base64.RawURLEncoding.DecodeString(t.X)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -94,46 +62,25 @@ func (t *JWK) DecompressPubkey() (*ecdsa.PublicKey, error) {
|
|||
return pubKey, nil
|
||||
}
|
||||
|
||||
func (t *JWK) UncompressPubKey() ([]byte, error) {
|
||||
xBytes, err := base64.RawURLEncoding.DecodeString(t.X)
|
||||
func (t *JWK) MarshalPubKey() ([]byte, error) {
|
||||
pubKey, err := t.GetPublicKey()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
yBytes, err := base64.RawURLEncoding.DecodeString(t.Y)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
x := new(big.Int).SetBytes(xBytes)
|
||||
y := new(big.Int).SetBytes(yBytes)
|
||||
|
||||
pubKey := &ecdsa.PublicKey{
|
||||
Curve: elliptic.P256(),
|
||||
X: x,
|
||||
Y: y,
|
||||
}
|
||||
|
||||
uncompressedPubKey := elliptic.Marshal(pubKey.Curve, pubKey.X, pubKey.Y)
|
||||
|
||||
return uncompressedPubKey, nil
|
||||
return elliptic.Marshal(pubKey.Curve, pubKey.X, pubKey.Y), nil
|
||||
}
|
||||
|
||||
// GenerateECDSA_P256_JWK generates a new ECDSA private key with P-256 curve
|
||||
func GenerateECDSA_P256_JWK() (*JWK, error) {
|
||||
// GenerateECDSAKey generates a new ECDSA private key with P-256 curve
|
||||
func GenerateECDSAKey() (*JWK, error) {
|
||||
privKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
|
||||
if err != nil {
|
||||
fmt.Printf("Failed to generate private key: %v", err)
|
||||
return nil, err
|
||||
}
|
||||
|
||||
JWK := &JWK{
|
||||
Kty: "EC",
|
||||
Crv: "P-256",
|
||||
D: base64.RawURLEncoding.EncodeToString(privKey.D.Bytes()),
|
||||
X: base64.RawURLEncoding.EncodeToString(privKey.X.Bytes()),
|
||||
Y: base64.RawURLEncoding.EncodeToString(privKey.Y.Bytes()),
|
||||
Ext: true,
|
||||
KeyOps: []string{"sign"},
|
||||
}
|
||||
return JWK, nil
|
||||
return &JWK{
|
||||
KeyType: "EC",
|
||||
Curve: "P-256",
|
||||
D: base64.RawURLEncoding.EncodeToString(privKey.D.Bytes()),
|
||||
X: base64.RawURLEncoding.EncodeToString(privKey.X.Bytes()),
|
||||
Y: base64.RawURLEncoding.EncodeToString(privKey.Y.Bytes()),
|
||||
}, nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ refreshQrCodeTime is the interval to refresh the qr code in seconds, this is usu
|
|||
func (c *Client) NewPairer(keyData *crypto.JWK, refreshQrCodeTime int) (*Pairer, error) {
|
||||
if keyData == nil {
|
||||
var err error
|
||||
keyData, err = crypto.GenerateECDSA_P256_JWK()
|
||||
keyData, err = crypto.GenerateECDSAKey()
|
||||
c.updateJWK(keyData)
|
||||
if err != nil {
|
||||
c.Logger.Error().Any("data", keyData).Msg(err.Error())
|
||||
|
|
|
|||
|
|
@ -38,12 +38,7 @@ func RegisterPhoneRelay(jwk *crypto.JWK) ([]byte, *binary.AuthenticationContaine
|
|||
}
|
||||
|
||||
func uncompressKey(jwk *crypto.JWK) ([]byte, error) {
|
||||
decodedPrivateKey, err2 := jwk.PrivKeyB64Bytes()
|
||||
if err2 != nil {
|
||||
return nil, err2
|
||||
}
|
||||
jwk.PrivateBytes = decodedPrivateKey
|
||||
uncompressedPublicKey, err3 := jwk.UncompressPubKey()
|
||||
uncompressedPublicKey, err3 := jwk.MarshalPubKey()
|
||||
if err3 != nil {
|
||||
return nil, err3
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue