MicahParks / jwkset

A JWK and JWK Set implementation. An auto-caching JWK Set HTTP client is provided. Generate, validate, and inspect JWKs. Self-host this project's website: https://jwkset.com
Apache License 2.0

Correct behavior for RSA multi-prime unmarshaling #1

Closed MicahParks closed 2 years ago

MicahParks commented 2 years ago

In this snippet of code there is a TODO that needs to be addressed. https://github.com/MicahParks/jwkset/blob/f4551a14867564cd46401777c4bfc2977f6ecccf/marshal.go#L305-L331

When I generate a multi-prime RSA key with the below function call:

private, err := rsa.GenerateMultiPrimeKey(rand.Reader, 5, 2048)

I can see that the private.Primes field is a slice with a length of 5 and private.Precomputed.CRTValues field is a slice with a length of 3.

However, the current project does not unmarshal back into this private.Primes field correctly.

MicahParks commented 2 years ago

The OtherPrimes R field was being assigned the R field on CRTValues, but the RFC for that field wanted the prime factor, not the product of primes prior to this (inc p and q).

See 8d59d93bb66c873d3d40f1f444c009ee1b814e27

https://www.rfc-editor.org/rfc/rfc7518#section-6.3.2.7.1
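
The field mapping discussed in this issue, as an added Go example that is not part of the original thread and not jwkset's own code. It assumes the RFC 7518 section 6.3.2.7 meanings of "r", "d" and "t"; `OtherPrime`, `ToOth`, `CheckOth` and `toyKey` are hypothetical names, and the key values are constructed toy numbers.

```go
package main

import (
	"crypto/rsa"
	"fmt"
	"math/big"
)

type OtherPrime struct{ R, D, T *big.Int } // one "oth" entry; hypothetical type, not jwkset's

// ToOth maps Primes[2:] and Precomputed.CRTValues to "oth". "r" is the prime
// factor itself; CRTValue.R holds the product of the primes before it.
func ToOth(primes []*big.Int, crt []rsa.CRTValue) (oth []OtherPrime) {
	for i, v := range crt {
		oth = append(oth, OtherPrime{R: primes[i+2], D: v.Exp, T: v.Coeff})
	}
	return oth
}

// CheckOth verifies d_i = d mod (r_i-1), t_i = (p*q*r_1..r_(i-1))^-1 mod r_i
// and n = p*q*r_1..r_k, so a product stored in "r" is rejected.
func CheckOth(n, d, p, q *big.Int, oth []OtherPrime) error {
	one, prod := big.NewInt(1), new(big.Int).Mul(p, q)
	for i, o := range oth {
		if o.R.Cmp(one) <= 0 || o.D.Cmp(new(big.Int).Mod(d, new(big.Int).Sub(o.R, one))) != 0 {
			return fmt.Errorf("oth[%d]: d does not match r", i) // r > 1 is tested first: Mod panics on modulus 0
		}
		if t := new(big.Int).ModInverse(prod, o.R); t == nil || o.T.Cmp(t) != 0 {
			return fmt.Errorf("oth[%d]: t is not the CRT coefficient for r", i)
		}
		prod.Mul(prod, o.R)
	}
	if prod.Cmp(n) != 0 {
		return fmt.Errorf("p*q*r_1..r_k does not equal n")
	}
	return nil
}

// toyKey returns constructed toy values (e = 7) shaped like a 4-prime key after Precompute.
func toyKey() (n, d *big.Int, primes []*big.Int, crt []rsa.CRTValue) {
	b := big.NewInt
	primes = []*big.Int{b(11), b(13), b(17), b(19)}
	crt = []rsa.CRTValue{{Exp: b(7), Coeff: b(5), R: b(143)}, {Exp: b(13), Coeff: b(18), R: b(2431)}}
	return b(46189), b(29623), primes, crt
}

func main() {
	n, d, primes, crt := toyKey()
	fmt.Println(CheckOth(n, d, primes[0], primes[1], ToOth(primes, crt)))
}
```

Running the same check on JWK input when unmarshaling catches an "oth" array whose "r" values were written from `CRTValue.R`.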