在Go中创建用于AWS密钥的JWT签名方法

huangapple go评论87阅读模式
英文:

Creating JWT signing method for AWS key in Go

问题

我生成了一个使用ECDSA_SHA_512签名算法的ECC_NIST_P521规范密钥。我正在尝试创建一个jwt.SigningMethod,但我不确定应该使用哪些值来填充字段。以下是我目前的代码:

signingMethod := jwt.SigningMethodECDSA {
    Name: "ECC_NIST_P521",
    Hash: crypto.SHA512,
}

具体来说,我不确定名称是否正确,也不知道KeySizeCurveBits字段应该使用什么值。希望能得到帮助。

英文:

I generated an ECC_NIST_P521 spec key, which uses the ECDSA_SHA_512 signing algorithm. I'm trying to create a jwt.SigningMethod with this in mind, but I'm not sure which values to use for the fields. This is what I have so far:

signingMethod := jwt.SigningMethodECDSA {
    Name: "ECC_NIST_P521",
	Hash: crypto.SHA512,
}

Specifically, I'm not sure if the name is correct and I don't know what to use for the KeySize and CurveBits fields. Any help would be appreciated.

答案1

得分: 1

你需要指定HashCurveBitsKeySizeName的值将被忽略:

signingMethod := jwt.SigningMethodECDSA{
    Name:      "ECC_NIST_P521",
    Hash:      crypto.SHA512,
    CurveBits: 521,
    KeySize:   66,
}

521位 - 曲线域的大小。

66 - 适合曲线上点的紧凑表示的字节数。

完整的签名和验证签名示例:https://go.dev/play/p/bEnLN2PJv4a

英文:

You need to specify Hash, CurveBits and KeySize. The value of Name is ignored:

signingMethod := jwt.SigningMethodECDSA{
		Name:      "ECC_NIST_P521",
		Hash:      crypto.SHA512,
		CurveBits: 521,
		KeySize:   66,
	}

521 bits - the size of curve field.

66 - number of bytes that fit a compact representation of a point on the curve.

Full example to sign and verify signature: https://go.dev/play/p/bEnLN2PJv4a

huangapple
  • 本文由 发表于 2022年9月30日 12:32:51
  • 转载请务必保留本文链接:https://go.coder-hub.com/73904040.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定