Last active
September 19, 2022 13:30
-
-
Save badri/4e3ea851bfebaf753b2fe14341ddbf2b to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| local resty_rsa = require "resty.rsa" | |
| local codec = require "kong.openid-connect.codec" | |
| local base64url = codec.base64url | |
| local openssl_x509 = require("resty.openssl.x509") | |
| local b64 = "MIICmzCCAYMCBgGC3hTanzANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZrb25nLWgwHhcNMjIwODI3MDY1MzA0WhcNMzIwODI3MDY1NDQ0WjARMQ8wDQYDVQQDDAZrb25nLWgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj36hSXWB+9j/YqHnXkPUjNQz9IR/EWQRXNFEome6JmV6ulBU9vt4wmi1b2xjmoD+Z8uBg15khZ776ftmnJvZesk0CDq9OJW3niGgXwPGsXWf0E39fZrBdGL1EM9vLwSqqyTETNabqD/lsgA4rwIVWr+z0vMXvwGB4LYW/LNOzUy6V7mmAuPxg2ixlmCNLw/ACAvqKcdBypl8Xh9B/A+eMk5p3OT/7BRaAiF49JJEkctZThE5YBwYC+IZ+8qXEC66t0MmcojgnQnaYwS4ZBmrcOg3s1QLnsUavUxtdvQsLk+ORy5LBXelcereHGdp/50R7JwLAkzkAruTi2D1B0vRlAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIKVnA2hpuZVwvAlT1CYXzDUEoHQt9K3L/kSemURtxkiF8vTkjw19nmieDmpxVR2S1bIR/B+Bmgv0jS0ieL33AbHgGfpgE0oWZ2nUO53VzgNexCnSOPuCQevHEFbaRRkjZtoAQJdMriE0khSSZlgjlUlgsjIteY/S6xKVUw/iEU1xWLVcICNaqt1IUwfOX6omkEmSTEAFhkEj7lFEEekBPfQ0Sa9rOxmEnpkUY+I3k8YAlEWnFCdkV7lM5PlHdgmwFsnNlN7khec3bK5ku23LL1BEX0EM9ZR7hE0JZl5G1LUPTgqmJbIyXX6R9AtbaDsb8VSpwX7Fpy0q3AJtl5hAg8=" | |
| local certstring = "-----BEGIN CERTIFICATE-----\n" .. b64 .. "\n-----END CERTIFICATE-----" | |
| local orig_rsa_public_key | |
| local cert,err = openssl_x509.new(certstring, "PEM") | |
| if not cert then | |
| ngx.say("cert not created", err) | |
| else | |
| -- ngx.say(cert:get_version()) | |
| local pk, err = cert:get_pubkey() | |
| if not pk then | |
| ngx.say('no pk ----', err) | |
| return | |
| else | |
| ngx.say('*****') | |
| ngx.say(pk:to_PEM()) | |
| orig_rsa_public_key = pk:tostring('public', 'PEM') | |
| end | |
| end | |
| local algorithm = "SHA256" | |
| ngx.say('---') | |
| ngx.say(orig_rsa_public_key) | |
| local pub, err = resty_rsa:new({ public_key = orig_rsa_public_key, key_type = resty_rsa.KEY_TYPE.PKCS8, algorithm = algorithm }) | |
| if not pub then | |
| ngx.say("new rsa err: ", err) | |
| return | |
| end | |
| local sig = "dO9GRENNKp82DUXqhq6ozwk-3sljY4WYUy8wu4mUMv00fj4uY3MPclwhKH0ZPRE7LFLSzaYGPY6VeeTkORFX_krUxXKvnIMUDNRLbHEskr6sSDnLlWKZ-Y1mmydFHBdwDtMIuOKbJKCEqYtRuoXM3V0WkyEdOomONKrhZKHVqO7M49e1do37eluqVg4t0o-7EbFvipsuAGrHUNrjv5kmJUy0nfwAimvcvasCztRZIzV17997ncaNBcyU7q3sUKrb5kOXVaNUUljt02BcMwvSd5rxLq-EYS1DyUc__0Z2bMu_hNAkALZAvJedWFV2DfC9aoL1e3VmN7Q4nVROaFkrZQ" | |
| local str = "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJwVV9QenRzWjhOVV82UWhMYXk4NHhnZXFqbHJTcWhRQm52NVh3YVJjRnBZIn0.eyJleHAiOjE2NjI3Mjk0NDgsImlhdCI6MTY2MjY5MzQ0OCwianRpIjoiMjZlZGU5YTAtODMzNS00ZWQ5LWFmZTEtNmM1ZTdhNDZlODcyIiwiaXNzIjoiaHR0cDovL2VjMi0xMy0yMTItMjAwLTIwMi5hcC1zb3V0aGVhc3QtMS5jb21wdXRlLmFtYXpvbmF3cy5jb206ODA4MC9hdXRoL3JlYWxtcy9rb25nLWgiLCJhdWQiOiJhY2NvdW50Iiwic3ViIjoiNTQ1NzMyYjctOTJmOS00ODliLWFkMzktYzMzMzdmNDFmNzRjIiwidHlwIjoiQmVhcmVyIiwiYXpwIjoia29uZyIsInNlc3Npb25fc3RhdGUiOiIyYjlmMWNjZi04MTU5LTRjNjMtYjY5Zi1mMTM1ODc5MTI3MTgiLCJhY3IiOiIxIiwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbImRlZmF1bHQtcm9sZXMta29uZy1oIiwib2ZmbGluZV9hY2Nlc3MiLCJ1bWFfYXV0aG9yaXphdGlvbiJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoib3BlbmlkIHByb2ZpbGUgZW1haWwiLCJzaWQiOiIyYjlmMWNjZi04MTU5LTRjNjMtYjY5Zi1mMTM1ODc5MTI3MTgiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsInByZWZlcnJlZF91c2VybmFtZSI6Imp3dC11c2VyIn0" | |
| local s, err = base64url.decode(sig) | |
| if not s then | |
| ngx.say("rs signature could not be base64 decoded", err) | |
| end | |
| local verify, err = pub:verify(str, s) | |
| if not verify then | |
| ngx.say("verify err: ", err) | |
| return | |
| end | |
| ngx.say(verify) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment