diff options
| author | Wim <wim@42.be> | 2022-08-13 16:14:26 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-08-13 16:14:26 +0200 |
| commit | 6a3fc713978a0c1c9290a4afd08b47886b49b635 (patch) | |
| tree | aa62cd85cf5671646c75ee38b3fc140ef7edcea8 /vendor/golang.org/x/crypto/acme/jws.go | |
| parent | 3c4192ebf6a32e30cdd23a9644c2ceca72a006fa (diff) | |
| download | matterbridge-msglm-6a3fc713978a0c1c9290a4afd08b47886b49b635.tar.gz matterbridge-msglm-6a3fc713978a0c1c9290a4afd08b47886b49b635.tar.bz2 matterbridge-msglm-6a3fc713978a0c1c9290a4afd08b47886b49b635.zip | |
Update dependencies and go1.18 (#1873)
* Update dependencies and go1.18
* Exclude unnecessary linters and update build to go1.18
Diffstat (limited to 'vendor/golang.org/x/crypto/acme/jws.go')
| -rw-r--r-- | vendor/golang.org/x/crypto/acme/jws.go | 37 |
1 files changed, 31 insertions, 6 deletions
diff --git a/vendor/golang.org/x/crypto/acme/jws.go b/vendor/golang.org/x/crypto/acme/jws.go index 403e5b0c..b38828d8 100644 --- a/vendor/golang.org/x/crypto/acme/jws.go +++ b/vendor/golang.org/x/crypto/acme/jws.go @@ -33,6 +33,10 @@ const noKeyID = KeyID("") // See https://tools.ietf.org/html/rfc8555#section-6.3 for more details. const noPayload = "" +// noNonce indicates that the nonce should be omitted from the protected header. +// See jwsEncodeJSON for details. +const noNonce = "" + // jsonWebSignature can be easily serialized into a JWS following // https://tools.ietf.org/html/rfc7515#section-3.2. type jsonWebSignature struct { @@ -45,10 +49,15 @@ type jsonWebSignature struct { // The result is serialized in JSON format containing either kid or jwk // fields based on the provided KeyID value. // -// If kid is non-empty, its quoted value is inserted in the protected head +// The claimset is marshalled using json.Marshal unless it is a string. +// In which case it is inserted directly into the message. +// +// If kid is non-empty, its quoted value is inserted in the protected header // as "kid" field value. Otherwise, JWK is computed using jwkEncode and inserted // as "jwk" field value. The "jwk" and "kid" fields are mutually exclusive. // +// If nonce is non-empty, its quoted value is inserted in the protected header. +// // See https://tools.ietf.org/html/rfc7515#section-7. func jwsEncodeJSON(claimset interface{}, key crypto.Signer, kid KeyID, nonce, url string) ([]byte, error) { if key == nil { @@ -58,20 +67,36 @@ func jwsEncodeJSON(claimset interface{}, key crypto.Signer, kid KeyID, nonce, ur if alg == "" || !sha.Available() { return nil, ErrUnsupportedKey } - var phead string + headers := struct { + Alg string `json:"alg"` + KID string `json:"kid,omitempty"` + JWK json.RawMessage `json:"jwk,omitempty"` + Nonce string `json:"nonce,omitempty"` + URL string `json:"url"` + }{ + Alg: alg, + Nonce: nonce, + URL: url, + } switch kid { case noKeyID: jwk, err := jwkEncode(key.Public()) if err != nil { return nil, err } - phead = fmt.Sprintf(`{"alg":%q,"jwk":%s,"nonce":%q,"url":%q}`, alg, jwk, nonce, url) + headers.JWK = json.RawMessage(jwk) default: - phead = fmt.Sprintf(`{"alg":%q,"kid":%q,"nonce":%q,"url":%q}`, alg, kid, nonce, url) + headers.KID = string(kid) + } + phJSON, err := json.Marshal(headers) + if err != nil { + return nil, err } - phead = base64.RawURLEncoding.EncodeToString([]byte(phead)) + phead := base64.RawURLEncoding.EncodeToString([]byte(phJSON)) var payload string - if claimset != noPayload { + if val, ok := claimset.(string); ok { + payload = val + } else { cs, err := json.Marshal(claimset) if err != nil { return nil, err |