-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsigner_ecdsa.go
39 lines (30 loc) · 995 Bytes
/
signer_ecdsa.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
package jwt
import (
"crypto"
"crypto/ecdsa"
"crypto/rand"
"fmt"
)
func ES256Signer(kid string, privateKey *ecdsa.PrivateKey) Signer {
return ecdsaSigner(kid, crypto.SHA256, privateKey)
}
func ES384Signer(kid string, privateKey *ecdsa.PrivateKey) Signer {
return ecdsaSigner(kid, crypto.SHA384, privateKey)
}
func ES512Signer(kid string, privateKey *ecdsa.PrivateKey) Signer {
return ecdsaSigner(kid, crypto.SHA512, privateKey)
}
func ecdsaSigner(kid string, hash crypto.Hash, privateKey *ecdsa.PrivateKey) Signer {
return signerFunc(fmt.Sprintf("ES%d", hash.Size()<<3), kid, func(data []byte) ([]byte, error) {
return signECDSA(data, privateKey, hash)
})
}
func signECDSA(data []byte, privateKey *ecdsa.PrivateKey, hash crypto.Hash) ([]byte, error) {
// Compute the hash of the input data
hasher := hash.New()
hasher.Reset()
hasher.Write(data)
digest := hasher.Sum(nil)
// Sign the digest with the private key
return ecdsa.SignASN1(rand.Reader, privateKey, digest)
}