如何使用Go 生成JSON网络密钥集Go Tip:生成JSON网络密钥集 2018年8月6日之前我写了一篇关于使用Ac

如何使用Go 生成JSON网络密钥集

这个例子使用了Square的go-jose包，最后的代码片段看起来像这样。

func generateJWTWithKeyID() *jose.JSONWebKeySet {
	rsaKey, _ := rsa.GenerateKey(rand.Reader, 2048)           // XXX Check err
	serialNumber, _ := rand.Int(rand.Reader, big.NewInt(100)) // XXX Check err

	template := x509.Certificate{
		SerialNumber: serialNumber,
		Subject: pkix.Name{
			Organization: []string{"Example Co"},
		},
		NotBefore:             time.Now(),
		NotAfter:              time.Now().Add(2 * time.Hour),
		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		BasicConstraintsValid: true,
	}

	derBytes, _ := x509.CreateCertificate(rand.Reader, &template, &template, &rsaKey.PublicKey, rsaKey) // XXX Check err
	certificate, _ := x509.ParseCertificate(derBytes)                                                   // XXX Check err

	return &jose.JSONWebKeySet{
		Keys: []jose.JSONWebKey{
			{
				Certificates: []*x509.Certificate{certificate},
				Key:          &rsaKey.PublicKey,
				KeyID:        "someKeyID",
				Use:          "sig",
			},
		},
	}
}