Correct behavior for RSA multi-prime unmarshaling #1

Closed
MicahParks opened this issue Oct 16, 2022 · 1 comment
Labels
bug Something isn't working


@MicahParks
Owner

In this snippet of code there is a TODO that needs to be addressed.

jwkset/marshal.go

Lines 305 to 331 in f4551a1

```go
var oth []rsa.CRTValue
if len(jwk.OTH) > 0 {
	// TODO Does each extra multi-prime need to be added to the slice of primes on the private key?
	oth = make([]rsa.CRTValue, len(jwk.OTH))
	for i, otherPrimes := range jwk.OTH {
		if otherPrimes.R == "" || otherPrimes.D == "" || otherPrimes.T == "" {
			return KeyWithMeta{}, fmt.Errorf(`%w: %s requires parameters "r", "d", and "t" for each "oth"`, ErrKeyUnmarshalParameter, KeyTypeRSA)
		}
		othD, err := base64urlTrailingPadding(otherPrimes.D)
		if err != nil {
			return KeyWithMeta{}, fmt.Errorf(`failed to decode %s key parameter "d": %w`, KeyTypeRSA, err)
		}
		othT, err := base64urlTrailingPadding(otherPrimes.T)
		if err != nil {
			return KeyWithMeta{}, fmt.Errorf(`failed to decode %s key parameter "t": %w`, KeyTypeRSA, err)
		}
		othR, err := base64urlTrailingPadding(otherPrimes.R)
		if err != nil {
			return KeyWithMeta{}, fmt.Errorf(`failed to decode %s key parameter "r": %w`, KeyTypeRSA, err)
		}
		oth[i] = rsa.CRTValue{
			Exp:   new(big.Int).SetBytes(othD),
			Coeff: new(big.Int).SetBytes(othT),
			R:     new(big.Int).SetBytes(othR),
		}
	}
}
```

When I generate a multi-prime RSA key with the below function call:

```go
private, err := rsa.GenerateMultiPrimeKey(rand.Reader, 5, 2048)
```

I can see that the private.Primes field is a slice with a length of 5 and private.Precomputed.CRTValues field is a slice with a length of 3.

However, the current project does not unmarshal back into this private.Primes field correctly.

@MicahParks MicahParks added the bug Something isn't working label Oct 16, 2022
@MicahParks
Owner Author

The OtherPrimes R field was being assigned the R field on CRTValues, but the RFC for that field wanted the prime factor, not the product of primes prior to this (inc p and q).

See 8d59d93

https://www.rfc-editor.org/rfc/rfc7518#section-6.3.2.7.1
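
An added example, not part of the issue thread or of jwkset's code, showing the distinction the thread arrives at: the JWK "oth" member "r" is the prime factor itself (Go's `Primes[i+2]`), while `rsa.CRTValue.R` is the product of the earlier primes. `OtherPrime`, `DemoKey`, `ToOth` and `FromOth` are hypothetical names, and the sketch works on already-decoded integers rather than base64url strings.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"fmt"
	"math/big"
)

type OtherPrime struct{ R, D, T *big.Int } // decoded "oth" entry; names here are example-only, not jwkset's

func DemoKey() (*rsa.PrivateKey, error) { return rsa.GenerateMultiPrimeKey(rand.Reader, 5, 2048) }

// ToOth takes "r" from Primes[i+2]; CRTValues[i].R is the product of all earlier primes.
func ToOth(key *rsa.PrivateKey) (oth []OtherPrime) {
	for i, crt := range key.Precomputed.CRTValues {
		oth = append(oth, OtherPrime{R: key.Primes[i+2], D: crt.Exp, T: crt.Coeff})
	}
	return oth
}

// FromOth appends every "r" to Primes and rejects entries that disagree with n or d.
func FromOth(pub rsa.PublicKey, d, p, q *big.Int, oth []OtherPrime) (*rsa.PrivateKey, error) {
	key := &rsa.PrivateKey{PublicKey: pub, D: d, Primes: []*big.Int{p, q}}
	one, prod := big.NewInt(1), new(big.Int).Mul(p, q) // prod: product of earlier primes
	for i, o := range oth {
		if o.R == nil || o.D == nil || o.T == nil || o.R.Cmp(one) <= 0 {
			return nil, fmt.Errorf("oth[%d]: missing or invalid parameter", i)
		}
		exp := new(big.Int).Mod(d, new(big.Int).Sub(o.R, one)) // d mod (r-1)
		coeff := new(big.Int).ModInverse(prod, o.R)            // prod^-1 mod r
		if coeff == nil || exp.Cmp(o.D) != 0 || coeff.Cmp(o.T) != 0 {
			return nil, fmt.Errorf("oth[%d]: d or t does not match r", i)
		}
		key.Primes = append(key.Primes, o.R)
		prod.Mul(prod, o.R)
	}
	if prod.Cmp(pub.N) != 0 {
		return nil, fmt.Errorf("primes do not multiply to n")
	}
	return key, nil
}

func main() {
	key, err := DemoKey()
	if err == nil {
		_, err = FromOth(key.PublicKey, key.D, key.Primes[0], key.Primes[1], ToOth(key))
	}
	fmt.Println("round trip error:", err)
}
```

`FromOth` leaves `Precomputed` empty; call `Precompute()` on the returned key if `Precomputed.CRTValues` is needed.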
