Documentation
Index
- Variables
- func GQ256SignJWT(rsaPublicKey *rsa.PublicKey, jwt []byte, opts ...Opts) ([]byte, error)
- func GQ256VerifyJWT(rsaPublicKey *rsa.PublicKey, gqToken []byte) (bool, error)
- func OriginalJWTHeaders(jwt []byte) ([]byte, error)
- type Opts
- type OptsStruct
- type Signer
- type SignerVerifier
- type Verifier
Constants
This section is empty.
Variables
var GQ256 = jwa.SignatureAlgorithm("GQ256")
Functions
func GQ256SignJWT
GQ256SignJWT takes an rsaPublicKey and a signed JWT and computes a GQ1 signature on the JWT. It returns a JWT whose RSA signature has been replaced by the GQ signature. It is a wrapper around SignerVerifier.SignJWT with an additional check that the correct RSA public key has been supplied. Use this instead of SignerVerifier.SignJWT.
func GQ256VerifyJWT
GQ256VerifyJWT verifies a GQ1 signature over a GQ-signed JWT.
func OriginalJWTHeaders
Types
type Opts
type Opts func(a *OptsStruct)
func WithExtraClaim
WithExtraClaim specifies additional values to be included in the GQ-signed JWT. These claims will be included in the protected header of the JWT. Example use:
WithExtraClaim("claimKey", "claimValue")
type OptsStruct
type OptsStruct struct {
// contains filtered or unexported fields
}
type Signer
type Signer interface {
	// Sign creates a GQ1 signature over the given message with the given GQ1 private number.
	Sign(private []byte, message []byte) ([]byte, error)
	// SignJWT creates a GQ1 signature over the JWT token's header/payload with a GQ1 private number derived from the JWT signature.
	//
	// This works because a GQ1 private number can be calculated as the inverse mod n of an RSA signature, where n is the public RSA modulus.
	SignJWT(jwt []byte, opts ...Opts) ([]byte, error)
}
Signer allows for creating GQ1 signatures over messages.
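The relation stated in the SignJWT comment (the GQ1 private number is the inverse mod n of the RSA signature), worked through as a single GQ round in an added example; this is not the package's code or token format, and the names publicNumber, challenge, gqSign and gqVerify are hypothetical. It assumes an RS256-style signature (PKCS #1 v1.5 over SHA-256) and e = 65537. One round with a 16-bit challenge gives only about 16 bits of soundness, so a real scheme repeats the round until it reaches its security parameter.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// publicNumber rebuilds X = sig^e mod n from msg alone: the PKCS #1 v1.5 encoding of SHA-256(msg).
func publicNumber(pub *rsa.PublicKey, msg []byte) *big.Int {
	h := sha256.Sum256(msg)
	di := []byte{0, 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20}
	em := append([]byte{0, 1}, bytes.Repeat([]byte{0xff}, pub.Size()-len(di)-len(h)-2)...)
	return new(big.Int).SetBytes(append(append(em, di...), h[:]...))
}
// challenge hashes W = s^e * x^c mod n together with msg; 16 bits keeps it below e = 65537.
func challenge(pub *rsa.PublicKey, s, x, c *big.Int, msg []byte) *big.Int {
	w := new(big.Int).Exp(s, big.NewInt(int64(pub.E)), pub.N)
	w.Mul(w, new(big.Int).Exp(x, c, pub.N)).Mod(w, pub.N)
	h := sha256.Sum256(append(w.FillBytes(make([]byte, pub.Size())), msg...))
	return new(big.Int).SetBytes(h[:2])
}
// gqSign proves knowledge of sig, through the private number Q = sig^-1 mod n, without disclosing it.
func gqSign(pub *rsa.PublicKey, sig, msg []byte) (c, s *big.Int, err error) {
	x, sigInt, q := publicNumber(pub, msg), new(big.Int).SetBytes(sig), new(big.Int)
	if q.ModInverse(sigInt, pub.N) == nil || sigInt.Exp(sigInt, big.NewInt(int64(pub.E)), pub.N).Cmp(x) != 0 {
		return nil, nil, fmt.Errorf("sig is not an RSA signature over msg under this key")
	}
	if s, err = rand.Int(rand.Reader, pub.N); err == nil { // one-time secret r
		c = challenge(pub, s, x, big.NewInt(0), msg) // commitment W = r^e, since x^0 = 1
		s.Mul(s, q.Exp(q, c, pub.N)).Mod(s, pub.N)   // response S = r * Q^c mod n
	}
	return c, s, err
}
// gqVerify accepts when S^e * X^c (which equals r^e) hashes back to c; it never sees sig.
func gqVerify(pub *rsa.PublicKey, msg []byte, c, s *big.Int) bool {
	return challenge(pub, s, publicNumber(pub, msg), c, msg).Cmp(c) == 0
}
func main() {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	pub, msg := &key.PublicKey, []byte("header.payload") // constructed sample input
	c, s, err := gqSign(pub, new(big.Int).Exp(publicNumber(pub, msg), key.D, pub.N).Bytes(), msg)
	fmt.Println("sign error:", err, "verified:", err == nil && gqVerify(pub, msg, c, s))
}
```

The verifier works from the message and the public key only: the RSA signature never leaves gqSign, which also refuses a signature that does not match the supplied key.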
type SignerVerifier
SignerVerifier combines the Signer and Verifier interfaces.
func New256SignerVerifier
func New256SignerVerifier(publicKey *rsa.PublicKey) (SignerVerifier, error)
Creates a new SignerVerifier specifically for GQ256, meaning the security parameter is 256.
func NewSignerVerifier
func NewSignerVerifier(publicKey *rsa.PublicKey, securityParameter int) (SignerVerifier, error)
NewSignerVerifier creates a SignerVerifier from the RSA public key of the trusted third-party which creates the GQ1 private numbers.
The securityParameter parameter is the level of desired security in bits. 256 is recommended.
type Verifier
type Verifier interface {
	// Verify verifies a GQ1 signature over a message, using the public identity of the signer.
	Verify(signature []byte, identity []byte, message []byte) bool
	// Compatible with SignJWT, this function verifies the GQ1 signature of the presented JSON Web Token.
	VerifyJWT(jwt []byte) bool
}
Verifier allows for verifying GQ1 signatures.