Closed salrashid123 closed 5 months ago
I'm trying to extract the RSA public key used when creating a signature using tink but can't seem to find any easy way to do that
For example, in the following, i'm creating a public/private keyset
type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PrivateKey
type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PublicKey
and what i'd like to do in the last step is to extract out the actual RSA public as rsa.PublicKey
package main import ( "bytes" "encoding/json" "log" "github.com/tink-crypto/tink-go/v2/insecurecleartextkeyset" "github.com/tink-crypto/tink-go/v2/keyset" "github.com/tink-crypto/tink-go/v2/signature" ) const () func main() { priv_kh, _ := keyset.NewHandle(signature.RSA_SSA_PKCS1_3072_SHA256_F4_RAW_Key_Template()) buf := new(bytes.Buffer) w := keyset.NewJSONWriter(buf) _ = insecurecleartextkeyset.Write(priv_kh, w) var prettyJSON bytes.Buffer _ = json.Indent(&prettyJSON, buf.Bytes(), "", "\t") privateJSONKeyset := prettyJSON.String() log.Printf("Private Keyset: %s\n", privateJSONKeyset) pub_kh, _ := priv_kh.Public() pubuf := new(bytes.Buffer) pubw := keyset.NewJSONWriter(pubuf) _ = insecurecleartextkeyset.Write(pub_kh, pubw) var pubPrettyJSON bytes.Buffer _ = json.Indent(&pubPrettyJSON, pubuf.Bytes(), "", "\t") publicJSONKeyset := pubuf.String() log.Printf("Public Keyset: %s\n", publicJSONKeyset) }
the only way i could make this all work is spelunking through the proto as shown here:
https://gist.github.com/salrashid123/0e42a5761d02f2f9b6fd2e3d60fc864f#file-tinkrsa-go-L95
am i missing some easy way to do all this if i want to verify a signature externally?
I'm trying to extract the RSA public key used when creating a signature using tink but can't seem to find any easy way to do that
For example, in the following, i'm creating a public/private keyset
type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PrivateKey
type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PublicKey
and what i'd like to do in the last step is to extract out the actual RSA public as rsa.PublicKey
the only way i could make this all work is spelunking through the proto as shown here:
https://gist.github.com/salrashid123/0e42a5761d02f2f9b6fd2e3d60fc864f#file-tinkrsa-go-L95
am i missing some easy way to do all this if i want to verify a signature externally?