github.com/icyphox/x@v0.0.355-0.20220311094250-029bd783e8b8/josex/utils.go

github.com/icyphox/x@v0.0.355-0.20220311094250-029bd783e8b8/josex/utils.go (about)

     1  /*-
     2   * Copyright 2014 Square Inc.
     3   *
     4   * Licensed under the Apache License, Version 2.0 (the "License");
     5   * you may not use this file except in compliance with the License.
     6   * You may obtain a copy of the License at
     7   *
     8   *     http://www.apache.org/licenses/LICENSE-2.0
     9   *
    10   * Unless required by applicable law or agreed to in writing, software
    11   * distributed under the License is distributed on an "AS IS" BASIS,
    12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13   * See the License for the specific language governing permissions and
    14   * limitations under the License.
    15   */
    16  
    17  package josex
    18  
    19  import (
    20  	"crypto/x509"
    21  	"encoding/pem"
    22  	"errors"
    23  	"fmt"
    24  
    25  	"gopkg.in/square/go-jose.v2"
    26  )
    27  
    28  // LoadJSONWebKey returns a *jose.JSONWebKey for a given JSON string.
    29  func LoadJSONWebKey(json []byte, pub bool) (*jose.JSONWebKey, error) {
    30  	var jwk jose.JSONWebKey
    31  	err := jwk.UnmarshalJSON(json)
    32  	if err != nil {
    33  		return nil, err
    34  	}
    35  	if !jwk.Valid() {
    36  		return nil, errors.New("invalid JWK key")
    37  	}
    38  	if jwk.IsPublic() != pub {
    39  		return nil, errors.New("priv/pub JWK key mismatch")
    40  	}
    41  	return &jwk, nil
    42  }
    43  
    44  // LoadPublicKey loads a public key from PEM/DER/JWK-encoded data.
    45  func LoadPublicKey(data []byte) (interface{}, error) {
    46  	input := data
    47  
    48  	block, _ := pem.Decode(data)
    49  	if block != nil {
    50  		input = block.Bytes
    51  	}
    52  
    53  	// Try to load SubjectPublicKeyInfo
    54  	pub, err0 := x509.ParsePKIXPublicKey(input)
    55  	if err0 == nil {
    56  		return pub, nil
    57  	}
    58  
    59  	cert, err1 := x509.ParseCertificate(input)
    60  	if err1 == nil {
    61  		return cert.PublicKey, nil
    62  	}
    63  
    64  	jwk, err2 := LoadJSONWebKey(data, true)
    65  	if err2 == nil {
    66  		return jwk, nil
    67  	}
    68  
    69  	return nil, fmt.Errorf("square/go-jose: parse error, got '%s', '%s' and '%s'", err0, err1, err2)
    70  }
    71  
    72  // LoadPrivateKey loads a private key from PEM/DER/JWK-encoded data.
    73  func LoadPrivateKey(data []byte) (interface{}, error) {
    74  	input := data
    75  
    76  	block, _ := pem.Decode(data)
    77  	if block != nil {
    78  		input = block.Bytes
    79  	}
    80  
    81  	var priv interface{}
    82  	priv, err0 := x509.ParsePKCS1PrivateKey(input)
    83  	if err0 == nil {
    84  		return priv, nil
    85  	}
    86  
    87  	priv, err1 := x509.ParsePKCS8PrivateKey(input)
    88  	if err1 == nil {
    89  		return priv, nil
    90  	}
    91  
    92  	priv, err2 := x509.ParseECPrivateKey(input)
    93  	if err2 == nil {
    94  		return priv, nil
    95  	}
    96  
    97  	jwk, err3 := LoadJSONWebKey(input, false)
    98  	if err3 == nil {
    99  		return jwk, nil
   100  	}
   101  
   102  	return nil, fmt.Errorf("square/go-jose: parse error, got '%s', '%s', '%s' and '%s'", err0, err1, err2, err3)
   103  }