Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Custom elliptic curve example #1012

Merged
merged 21 commits into from
Dec 6, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ jobs:
strategy:
matrix:
go_tags: [ 'stdlib', 'goccy', 'es256k', 'asmbase64', 'alltags']
go: [ '1.21', '1.20' ]
go: [ '1.21' ]
name: "Test [ Go ${{ matrix.go }} / Tags ${{ matrix.go_tags }} ]"
steps:
- name: Checkout repository
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/smoke.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
strategy:
matrix:
go_tags: [ 'stdlib', 'goccy', 'es256k', 'alltags' ]
go: [ '1.21', '1.20' ]
go: [ '1.21' ]
name: "Smoke [ Go ${{ matrix.go }} / Tags ${{ matrix.go_tags }} ]"
steps:
- name: Checkout repository
Expand Down
10 changes: 6 additions & 4 deletions Changes-v3.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ These are changes that are incompatible with the v2.x.x version.

## Module

* This module now requires Go 1.20.x
* This module now requires Go 1.21

* All `xxx.Get()` methods have been changed from `Get(string) (interface{}, error)` to
`Get(string, interface{}) error`, where the second argument should be a pointer
Expand Down Expand Up @@ -42,7 +42,9 @@ These are changes that are incompatible with the v2.x.x version.
type to instantiate, and aids implementing your own `jwk.KeyParser`. Also see
`jwk.RegisterKeyProbe()`

* Conversion between raw keys and `jwk.Key` can be customized using `jwk.KeyConverter`.
Also see `jwk.RegisterKeyConverter()`
* Conversion between raw keys and `jwk.Key` can be customized using `jwk.KeyImporter` and `jwk.KeyExporter`.
Also see `jwk.RegisterKeyImporter()` and `jwk.RegisterKeyExporter()`

* Added `jwk/ecdsa` to keep track of which curves are available for ECDSA keys.
* Added `jwk/ecdsa` to keep track of which curves are available for ECDSA keys.

* `(jwk.Key).Raw()` has been deprecated. Use `jwk.Export()` instead.
1 change: 1 addition & 0 deletions examples/go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ go 1.20

require (
github.com/cloudflare/circl v1.3.3
github.com/emmansun/gmsm v0.21.5
github.com/lestrrat-go/jwx/v3 v3.0.0
)

Expand Down
38 changes: 38 additions & 0 deletions examples/go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 h1:8UrgZ3GkP4i/CLijOJx79Yu+etlyjdBU4sfcs2WYQMs=
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0=
github.com/emmansun/gmsm v0.21.5 h1:G4HwuiqNQGZmAlZi233iwDPcfWKcoax0/GzS3eR+l7o=
github.com/emmansun/gmsm v0.21.5/go.mod h1:5hRB+YZ3dy/llu3dcKyBHieRe5Z2V6sqvNJOWEsIcqQ=
github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
github.com/lestrrat-go/blackmagic v1.0.2 h1:Cg2gVSc9h7sz9NOByczrbUvLopQmXrfFx//N+AkAr5k=
Expand All @@ -24,10 +26,46 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
Expand Down
2 changes: 1 addition & 1 deletion examples/jwk_example_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ func ExampleJWK_Usage() {

// jws and jwe operations can be performed using jwk.Key, but you could also
// covert it to their "raw" forms, such as *rsa.PrivateKey or *ecdsa.PrivateKey
if err := key.Raw(&rawkey); err != nil {
if err := jwk.Export(key, &rawkey); err != nil {
log.Printf("failed to create public key: %s", err)
return
}
Expand Down
169 changes: 169 additions & 0 deletions examples/jwx_register_ec_and_key_example_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,169 @@
package examples_test

import (
"bytes"
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"fmt"
"math/big"

"github.com/emmansun/gmsm/sm2"
"github.com/lestrrat-go/jwx/v3/jwa"
"github.com/lestrrat-go/jwx/v3/jwk"
ourecdsa "github.com/lestrrat-go/jwx/v3/jwk/ecdsa"
"github.com/lestrrat-go/jwx/v3/jws"
)

// Setup. This is something that you probably should do in your adapter
// library, or in your application's init() function.
//
// I could not readily find what the exact curve notation is for ShangMi SM2
// (either I'm just bad at researching or it's not in an RFC as of this writing)
// so I'm faking it as "SM2".
//
// For demonstration purposes, it could as well be a random string, as long
// as its consistent in your usage.
const SM2 jwa.EllipticCurveAlgorithm = "SM2"

func init() {
// Register the algorithm name so it can be looked up
jwa.RegisterEllipticCurveAlgorithm(SM2)

// Register the actual ECDSA curve. Notice that we need to tell this
// to our jwk library, so that the JWK lookup can be done properly
// when a raw SM2 key is passed to various key operations.
ourecdsa.RegisterCurve(SM2, sm2.P256())

// We only need one converter for the private key, because the public key
// is exactly the same type as *ecdsa.PublicKey
jwk.RegisterKeyImporter(&sm2.PrivateKey{}, jwk.KeyImportFunc(convertShangMiSm2))

jwk.RegisterKeyExporter(jwa.EC, jwk.KeyExportFunc(convertJWKToShangMiSm2))
}

func convertShangMiSm2(key interface{}) (jwk.Key, error) {
shangmi2pk, ok := key.(*sm2.PrivateKey)
if !ok {
return nil, fmt.Errorf("invalid SM2 private key")
}
return jwk.FromRaw(shangmi2pk.PrivateKey)
}

func convertJWKToShangMiSm2(key jwk.Key, hint interface{}) (interface{}, error) {
ecdsaKey, ok := key.(jwk.ECDSAPrivateKey)
if !ok {
return nil, fmt.Errorf(`invalid key type %T: %w`, key, jwk.ContinueError())
}
if ecdsaKey.Crv() != SM2 {
return nil, fmt.Errorf(`cannot convert curve of type %s to ShangMi key: %w`, ecdsaKey.Crv(), jwk.ContinueError())
}

switch hint.(type) {
case *sm2.PrivateKey, *interface{}:
default:
return nil, fmt.Errorf(`can only convert SM2 key to *sm2.PrivateKey (got %T): %w`, hint, jwk.ContinueError())
}

var ret sm2.PrivateKey
ret.PublicKey.Curve = sm2.P256()
ret.D = (&big.Int{}).SetBytes(ecdsaKey.D())
ret.PublicKey.X = (&big.Int{}).SetBytes(ecdsaKey.X())
ret.PublicKey.Y = (&big.Int{}).SetBytes(ecdsaKey.Y())
return &ret, nil
}

// End setup

func ExampleShangMiSm2() {
shangmi2pk, _ := sm2.GenerateKey(rand.Reader)

// Create a jwk.Key from ShangMi SM2 private key
shangmi2JWK, err := jwk.FromRaw(shangmi2pk)
if err != nil {
fmt.Printf("failed to create jwk.Key from raw ShangMi private key: %s\n", err)
return
}

{
// Create a ShangMi SM2 private key back from the jwk.Key
var clone sm2.PrivateKey
if err := jwk.Export(shangmi2JWK, &clone); err != nil {
fmt.Printf("failed to create ShangMi private key from jwk.Key: %s\n", err)
return
}

// Clone should have same Crv, D, X, and Y values
if clone.Curve != shangmi2pk.Curve {
fmt.Println("curve does not match")
return
}

if clone.D.Cmp(shangmi2pk.D) != 0 {
fmt.Println("D does not match")
return
}

if clone.X.Cmp(shangmi2pk.X) != 0 {
fmt.Println("X does not match")
return
}

if clone.Y.Cmp(shangmi2pk.Y) != 0 {
fmt.Println("Y does not match")
return
}
}

{ // Can do the same thing for interface{}
var clone interface{}
if err := jwk.Export(shangmi2JWK, &clone); err != nil {
fmt.Printf("failed to create ShangMi private key from jwk.Key (via interface{}): %s\n", err)
return
}
}

{
// Of course, ecdsa.PrivateKeys are also supported separately
ecprivkey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
fmt.Println(err)
return
}
eckjwk, err := jwk.FromRaw(ecprivkey)
if err != nil {
fmt.Printf("failed to create jwk.Key from raw ShangMi public key: %s\n", err)
return
}
var clone ecdsa.PrivateKey
if err := jwk.Export(eckjwk, &clone); err != nil {
fmt.Printf("failed to create ShangMi public key from jwk.Key: %s\n", err)
return
}
}

payload := []byte("Lorem ipsum")
signed, err := jws.Sign(payload, jws.WithKey(jwa.ES256, shangmi2JWK))
if err != nil {
fmt.Printf("Failed to sign using ShangMi key: %s\n", err)
return
}

shangmi2PubJWK, err := jwk.PublicKeyOf(shangmi2JWK)
if err != nil {
fmt.Printf("Failed to create public JWK using ShangMi key: %s\n", err)
return
}

verified, err := jws.Verify(signed, jws.WithKey(jwa.ES256, shangmi2PubJWK))
if err != nil {
fmt.Printf("Failed to verify using ShangMi key: %s\n", err)
return
}

if !bytes.Equal(payload, verified) {
fmt.Println("payload does not match")
return
}
//OUTPUT:
}
10 changes: 5 additions & 5 deletions internal/jwxtest/jwxtest.go
Original file line number Diff line number Diff line change
Expand Up @@ -267,7 +267,7 @@ func DecryptJweFile(ctx context.Context, file string, alg jwa.KeyEncryptionAlgor
}

var rawkey interface{}
if err := key.Raw(&rawkey); err != nil {
if err := jwk.Export(key, &rawkey); err != nil {
return nil, fmt.Errorf(`failed to obtain raw key from JWK: %w`, err)
}

Expand All @@ -285,19 +285,19 @@ func EncryptJweFile(ctx context.Context, payload []byte, keyalg jwa.KeyEncryptio
switch keyalg {
case jwa.RSA1_5, jwa.RSA_OAEP, jwa.RSA_OAEP_256:
var rawkey rsa.PrivateKey
if err := key.Raw(&rawkey); err != nil {
if err := jwk.Export(key, &rawkey); err != nil {
return "", nil, fmt.Errorf(`failed to obtain raw key: %w`, err)
}
keyif = rawkey.PublicKey
case jwa.ECDH_ES, jwa.ECDH_ES_A128KW, jwa.ECDH_ES_A192KW, jwa.ECDH_ES_A256KW:
var rawkey ecdsa.PrivateKey
if err := key.Raw(&rawkey); err != nil {
if err := jwk.Export(key, &rawkey); err != nil {
return "", nil, fmt.Errorf(`failed to obtain raw key: %w`, err)
}
keyif = rawkey.PublicKey
default:
var rawkey []byte
if err := key.Raw(&rawkey); err != nil {
if err := jwk.Export(key, &rawkey); err != nil {
return "", nil, fmt.Errorf(`failed to obtain raw key: %w`, err)
}
keyif = rawkey
Expand All @@ -323,7 +323,7 @@ func VerifyJwsFile(ctx context.Context, file string, alg jwa.SignatureAlgorithm,
}

var rawkey, pubkey interface{}
if err := key.Raw(&rawkey); err != nil {
if err := jwk.Export(key, &rawkey); err != nil {
return nil, fmt.Errorf(`failed to obtain raw key from JWK: %w`, err)
}
pubkey = rawkey
Expand Down
14 changes: 7 additions & 7 deletions internal/keyconv/keyconv.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ import (
func RSAPrivateKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw rsa.PrivateKey
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Export(jwkKey, &raw); err != nil {
return fmt.Errorf(`failed to produce rsa.PrivateKey from %T: %w`, src, err)
}
src = &raw
Expand All @@ -42,7 +42,7 @@ func RSAPrivateKey(dst, src interface{}) error {
func RSAPublicKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw rsa.PublicKey
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Export(jwkKey, &raw); err != nil {
return fmt.Errorf(`failed to produce rsa.PublicKey from %T: %w`, src, err)
}
src = &raw
Expand All @@ -66,7 +66,7 @@ func RSAPublicKey(dst, src interface{}) error {
func ECDSAPrivateKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw ecdsa.PrivateKey
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Export(jwkKey, &raw); err != nil {
return fmt.Errorf(`failed to produce ecdsa.PrivateKey from %T: %w`, src, err)
}
src = &raw
Expand All @@ -89,7 +89,7 @@ func ECDSAPrivateKey(dst, src interface{}) error {
func ECDSAPublicKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw ecdsa.PublicKey
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Export(jwkKey, &raw); err != nil {
return fmt.Errorf(`failed to produce ecdsa.PublicKey from %T: %w`, src, err)
}
src = &raw
Expand All @@ -110,7 +110,7 @@ func ECDSAPublicKey(dst, src interface{}) error {
func ByteSliceKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw []byte
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Export(jwkKey, &raw); err != nil {
return fmt.Errorf(`failed to produce []byte from %T: %w`, src, err)
}
src = raw
Expand All @@ -125,7 +125,7 @@ func ByteSliceKey(dst, src interface{}) error {
func Ed25519PrivateKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw ed25519.PrivateKey
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Export(jwkKey, &raw); err != nil {
return fmt.Errorf(`failed to produce ed25519.PrivateKey from %T: %w`, src, err)
}
src = &raw
Expand All @@ -146,7 +146,7 @@ func Ed25519PrivateKey(dst, src interface{}) error {
func Ed25519PublicKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw ed25519.PublicKey
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Export(jwkKey, &raw); err != nil {
return fmt.Errorf(`failed to produce ed25519.PublicKey from %T: %w`, src, err)
}
src = &raw
Expand Down
Loading
Loading