2
我拿來與谷歌證書:提取公鑰從谷歌「的oauth2/V1 /證書」證書PEM格式使用轉到
,但我不知道如何解析證書在圍棋和提取公鑰並使其適用於rsa.VerifyPKCS1v15()以驗證id令牌(openID連接)簽名。如果有人可以建議我,我將不勝感激。下面是代碼我已經有了:
res, err := http.Get("https://www.googleapis.com/oauth2/v1/certs")
if err != nil {
log.Fatal(err)
return
}
certs, err := ioutil.ReadAll(res.Body)
res.Body.Close()
if err != nil {
log.Fatal(err)
return
}
//extract kid from token header
var header interface{}
log.Printf("Oauth header: %v", headerOauth)
err = json.Unmarshal([]byte(headerOauth), &header)
token_kid := header.(map[string]interface{})["kid"]
//get modulus and exponent from the cert
var goCertificate interface{}
err = json.Unmarshal(certs, &goCertificate)
k := goCertificate.(map[string]interface{})[token_kid.(string)]
google_cert := k.(string)
block_pub, _ := pem.Decode([]byte(google_cert))
certInterface, err := x509.ParseCertificates(block_pub.Bytes)
log.Printf("certInterface: %v", *certInterface.PublicKey)
//I know the line below is wrong but thats how I usualy parse public keys
pubkeyInterface, err := x509.ParsePKIXPublicKey(certInterface.Bytes)
pKey, ok := pubkeyInterface.(*rsa.PublicKey)
感謝你,但是當我運行使用我的id令牌的腳本它會返回以下錯誤:certInterface:[] * x509.Certificate {(* x509.Certificate)(0xc210165480)} 驗證密鑰加密/ rsa驗證錯誤# – kingSlayer 2014-10-09 20:04:49
@kingSlayer應該可能是不同的問題,但我不熟悉crypto/rsa。 – OneOfOne 2014-10-09 20:44:53