-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.go
77 lines (59 loc) · 1.53 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
package main
import (
"crypto"
"crypto/ecdsa"
"crypto/rand"
"crypto/x509"
"encoding/base64"
"encoding/pem"
"errors"
"flag"
"fmt"
"os"
)
func main() {
var privateKeyFile string
var JWTPayloadFile string
flag.StringVar(&JWTPayloadFile, "payload", "", "BASE64(header).BASE64(payload)")
flag.StringVar(&privateKeyFile, "pk", "", "PK file in PKCS8 format")
flag.Parse()
privateKey, err := loadPrivateKeyFromPEM(privateKeyFile)
if err != nil {
panic(err)
}
hasher := crypto.SHA256.New()
base64HeaderPayload, err := os.ReadFile(JWTPayloadFile)
if err != nil {
panic(err)
}
_, _ = hasher.Write([]byte(base64HeaderPayload))
hashed := hasher.Sum(nil)
r, s, err := ecdsa.Sign(rand.Reader, privateKey, hashed)
if err != nil {
panic(err)
}
keyBytes := 32
rBytes := r.Bytes()
rBytesPadded := make([]byte, keyBytes)
copy(rBytesPadded[keyBytes-len(rBytes):], rBytes)
sBytes := s.Bytes()
sBytesPadded := make([]byte, keyBytes)
copy(sBytesPadded[keyBytes-len(sBytes):], sBytes)
result := append(rBytesPadded, sBytesPadded...)
fmt.Println(base64.RawURLEncoding.EncodeToString(result))
}
func loadPrivateKeyFromPEM(privateKeyFile string) (*ecdsa.PrivateKey, error) {
pemBytes, err := os.ReadFile(privateKeyFile)
if err != nil {
return nil, err
}
block, _ := pem.Decode(pemBytes)
if block == nil {
return nil, errors.New("failed to decode PEM block containing the key")
}
privateKey, err := x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
return nil, err
}
return privateKey.(*ecdsa.PrivateKey), nil
}