mirror of
https://github.com/1f349/mjwt.git
synced 2024-11-09 22:22:48 +00:00
Update rsa-helper
Add read limit for key loader in signer
parent
690b9f9512
commit
5d1bd6f8fd
2
go.mod
2
go.mod
@ -5,7 +5,7 @@ go 1.22
|
||||
toolchain go1.22.3
|
||||
|
||||
require (
|
||||
github.com/1f349/rsa-helper v0.0.1
|
||||
github.com/1f349/rsa-helper v0.0.2
|
||||
github.com/becheran/wildmatch-go v1.0.0
|
||||
github.com/golang-jwt/jwt/v4 v4.5.0
|
||||
github.com/google/subcommands v1.2.0
|
||||
|
4
go.sum
4
go.sum
@ -1,5 +1,5 @@
|
||||
github.com/1f349/rsa-helper v0.0.1 h1:Ec/MXHR2eIpLgIR69eqhCV2o8OOBs2JZNAkEhW7HQks=
|
||||
github.com/1f349/rsa-helper v0.0.1/go.mod h1:VUQ++1tYYhYrXeOmVFkQ82BegR24HQEJHl5lHbjg7yg=
|
||||
github.com/1f349/rsa-helper v0.0.2 h1:N/fLQqg5wrjIzG6G4zdwa5Xcv9/jIPutCls9YekZr9U=
|
||||
github.com/1f349/rsa-helper v0.0.2/go.mod h1:VUQ++1tYYhYrXeOmVFkQ82BegR24HQEJHl5lHbjg7yg=
|
||||
github.com/becheran/wildmatch-go v1.0.0 h1:mE3dGGkTmpKtT4Z+88t8RStG40yN9T+kFEGj2PZFSzA=
|
||||
github.com/becheran/wildmatch-go v1.0.0/go.mod h1:gbMvj0NtVdJ15Mg/mH9uxk2R1QCistMyU7d9KFzroX4=
|
||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||
|
19
signer.go
19
signer.go
@ -11,6 +11,8 @@ import (
|
||||
"time"
|
||||
)
|
||||
|
||||
const readLimit = 10240 // 10 KiB
|
||||
|
||||
var ErrNoPrivateKeyFound = errors.New("no private key found")
|
||||
|
||||
// defaultMJwtSigner implements Signer and uses an rsa.PrivateKey and issuer name
|
||||
@ -181,15 +183,22 @@ func readOrCreatePrivateKey(file string, random io.Reader, bits int) (*rsa.Priva
|
||||
}
|
||||
}
|
||||
|
||||
// readOrEmptyFile returns bytes and errors from os.ReadFile or (nil, nil) if the
|
||||
// readOrEmptyFile returns bytes and errors from os.OpenFile or (nil, nil) if the
|
||||
// file does not exist.
|
||||
func readOrEmptyFile(file string) ([]byte, error) {
|
||||
raw, err := os.ReadFile(file)
|
||||
if err == nil {
|
||||
return raw, nil
|
||||
}
|
||||
fp, err := os.Open(file)
|
||||
if err != nil {
|
||||
if os.IsNotExist(err) {
|
||||
return nil, nil
|
||||
}
|
||||
return nil, err
|
||||
}
|
||||
defer func() { _ = fp.Close() }()
|
||||
// add hard limit
|
||||
limitReader := io.LimitReader(fp, readLimit)
|
||||
raw, err := io.ReadAll(limitReader)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return raw, nil
|
||||
}
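Review bot: A key file larger than readLimit is silently truncated in readOrEmptyFile, because io.LimitReader stops at 10240 bytes and io.ReadAll then returns the partial data with a nil error. The caller readOrCreatePrivateKey lies mostly outside this hunk, so how it treats an unparsable prefix cannot be confirmed from here; rejecting oversize input explicitly is safer than relying on a later parse failure. Read one byte past the limit with `limitReader := io.LimitReader(fp, readLimit+1)` and after the read add `if len(raw) > readLimit { return nil, errors.New("private key file exceeds read limit") }`. The doc comment also names os.OpenFile while the code calls os.Open, and it should mention the size cap.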
|
||||
|