pkg crypto/ecdsa, func VerifyASN1(*PublicKey, []uint8, []uint8) bool
pkg crypto/ecdsa, method (*PrivateKey) Equal(crypto.PrivateKey) bool
pkg crypto/ecdsa, method (*PublicKey) Equal(crypto.PublicKey) bool
pkg crypto/ed25519, method (PrivateKey) Equal(crypto.PrivateKey) bool
pkg crypto/ed25519, method (PublicKey) Equal(crypto.PublicKey) bool
pkg crypto/elliptic, func MarshalCompressed(Curve, *big.Int, *big.Int) []uint8

		x.SetBytes(xbuf)
		y.SetBytes(ybuf)

		return &ecdsa.PublicKey{
			Curve: curve,
			X:     &x,
			Y:     &y,
		}, nil
	default:
		if key.Alg == "EdDSA" && key.Crv == "Ed25519" && key.X != "" {
			pb, err := base64.RawURLEncoding.DecodeString(key.X)
			if err != nil {
				return nil, errMalformedJWKECKey
			}
			return ed25519.PublicKey(pb), nil
		}

 * limitations under the License.
 */
package okhttp3.tls.internal.der

import java.math.BigInteger
import java.security.GeneralSecurityException
import java.security.PublicKey
import java.security.Signature
import java.security.SignatureException
import java.security.cert.CertificateFactory
import java.security.cert.X509Certificate
import okio.Buffer
import okio.ByteString

	if err != nil {
		fmt.Printf("error when encode private pem: %s n", err)
		os.Exit(1)
	}

	// dump public key to file
	publicKeyBytes := x509.MarshalPKCS1PublicKey(&privatekey.PublicKey)
	if err != nil {
		fmt.Printf("error when dumping publickey: %s n", err)
		os.Exit(1)
	}
	publicKeyBlock := &pem.Block{
		Type:  "PUBLIC KEY",
		Bytes: publicKeyBytes,
	}
	publicPem, err := os.Create("support_public.pem")

    val issuer = cert.issuerX500Principal
    val subjectCaCerts = subjectToCaCerts[issuer] ?: return null

    return subjectCaCerts.firstOrNull {
      try {
        cert.verify(it.publicKey)
        return@firstOrNull true
      } catch (_: Exception) {
        return@firstOrNull false
      }
    }
  }

  override fun equals(other: Any?): Boolean {
    return other === this ||

	public final fun ecdsa256 ()Lokhttp3/tls/HeldCertificate$Builder;
	public final fun keyPair (Ljava/security/KeyPair;)Lokhttp3/tls/HeldCertificate$Builder;
	public final fun keyPair (Ljava/security/PublicKey;Ljava/security/PrivateKey;)Lokhttp3/tls/HeldCertificate$Builder;
	public final fun organizationalUnit (Ljava/lang/String;)Lokhttp3/tls/HeldCertificate$Builder;
	public final fun rsa2048 ()Lokhttp3/tls/HeldCertificate$Builder;

    }
    if (signingCert.basicConstraints < minIntermediates) {
      return false // The signer can't have this many intermediates beneath it.
    }
    return try {
      toVerify.verify(signingCert.publicKey)
      true
    } catch (verifyFailed: GeneralSecurityException) {
      false
    }
  }

  override fun hashCode(): Int {
    return trustRootIndex.hashCode()
  }

	defer pk.Unlock()

	pk.pkMap[keyID] = key
}

func (pk *publicKeys) get(kid string) interface{} {
	pk.RLock()
	defer pk.RUnlock()
	return pk.pkMap[kid]
}

// PopulatePublicKey - populates a new publickey from the JWKS URL.
func (r *Config) PopulatePublicKey(arn arn.ARN) error {
	pCfg := r.arnProviderCfgsMap[arn]
	if pCfg.JWKS.URL == nil || pCfg.JWKS.URL.String() == "" {
		return nil
	}