crypto

package
v0.0.0-...-920a7e7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 31, 2023 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	Ed25519   KeyType = "Ed25519"
	X25519    KeyType = "X25519"
	SECP256k1 KeyType = "secp256k1"
	P224      KeyType = "P-224"
	P256      KeyType = "P-256"
	P384      KeyType = "P-384"
	P521      KeyType = "P-521"
	RSA       KeyType = "RSA"

	RSAKeySize int = 2048
)

Variables

This section is empty.

Functions

func AlgFromKeyAndCurve 

func AlgFromKeyAndCurve(kty jwa.KeyType, crv jwa.EllipticCurveAlgorithm) (jwa.SignatureAlgorithm, error)

AlgFromKeyAndCurve returns the supported JSON Web Algorithm for signing for a given key type and curve pair The curve parameter is optional (e.g. "") as in the case of RSA.

func BytesToPrivKey 

func BytesToPrivKey(keyBytes []byte, kt KeyType) (crypto.PrivateKey, error)

BytesToPrivKey reconstructs a private key given some bytes and a target key type It is assumed the key was turned into byte form using the sibling method `PrivKeyToBytes`

func BytesToPubKey 

func BytesToPubKey(keyBytes []byte, kt KeyType) (crypto.PublicKey, error)

BytesToPubKey reconstructs a public key given some bytes and a target key type It is assumed the key was turned into byte form using the sibling method `PubKeyToBytes`

func GenerateEd25519Key 

func GenerateEd25519Key() (ed25519.PublicKey, ed25519.PrivateKey, error)

func GenerateKeyByKeyType 

func GenerateKeyByKeyType(kt KeyType) (crypto.PublicKey, crypto.PrivateKey, error)

GenerateKeyByKeyType creates a brand-new key, returning the public and private key for the given key type

func GenerateP224Key 

func GenerateP224Key() (ecdsa.PublicKey, ecdsa.PrivateKey, error)

func GenerateP256Key 

func GenerateP256Key() (ecdsa.PublicKey, ecdsa.PrivateKey, error)

func GenerateP384Key 

func GenerateP384Key() (ecdsa.PublicKey, ecdsa.PrivateKey, error)

func GenerateP521Key 

func GenerateP521Key() (ecdsa.PublicKey, ecdsa.PrivateKey, error)

func GenerateRSA2048Key 

func GenerateRSA2048Key() (rsa.PublicKey, rsa.PrivateKey, error)

func GenerateSECP256k1Key 

func GenerateSECP256k1Key() (secp.PublicKey, secp.PrivateKey, error)

func GenerateX25519Key 

func GenerateX25519Key() (x25519.PublicKey, x25519.PrivateKey, error)

func GetCRVFromJWK 

func GetCRVFromJWK(key jwk.Key) (string, error)

func GetSupportedJWTSigningVerificationAlgorithms 

func GetSupportedJWTSigningVerificationAlgorithms() []jwa.SignatureAlgorithm

GetSupportedJWTSigningVerificationAlgorithms returns a list of supported signing and verifying algorithms for JWTs

func IsSupportedJWTSigningVerificationAlgorithm 

func IsSupportedJWTSigningVerificationAlgorithm(algorithm jwa.SignatureAlgorithm) bool

IsSupportedJWTSigningVerificationAlgorithm returns true if the algorithm is supported for signing or verifying JWTs

func IsSupportedKeyType 

func IsSupportedKeyType(kt KeyType) bool

func IsSupportedSignatureAlg 

func IsSupportedSignatureAlg(sa SignatureAlgorithm) bool

func PrivKeyToBytes 

func PrivKeyToBytes(key crypto.PrivateKey) ([]byte, error)

PrivKeyToBytes constructs a byte representation of a private key, for a set number of supported key types

func PrivateKeyToJWK 

func PrivateKeyToJWK(key crypto.PrivateKey) (jwk.Key, error)

PrivateKeyToJWK converts a private key to a JWK

func PrivateKeyToPrivateKeyJWK 

func PrivateKeyToPrivateKeyJWK(key crypto.PrivateKey) (*PublicKeyJWK, *PrivateKeyJWK, error)

PrivateKeyToPrivateKeyJWK converts a private key to a PrivateKeyJWK

func PubKeyToBytes 

func PubKeyToBytes(key crypto.PublicKey) ([]byte, error)

PubKeyToBytes constructs a byte representation of a public key, for a set number of supported key types

func PublicKeyToJWK 

func PublicKeyToJWK(key crypto.PublicKey) (jwk.Key, error)

PublicKeyToJWK converts a public key to a JWK

Types

type HashType 

type HashType string
const (
	SHA256 HashType = "SHA256"
)

type JWTSigner 

type JWTSigner struct {
	jwa.SignatureAlgorithm
	jwk.Key
}

JWTSigner is a struct that contains the key and algorithm used to sign JWTs

func NewJWTSigner 

func NewJWTSigner(kid string, key crypto.PrivateKey) (*JWTSigner, error)

func NewJWTSignerFromJWK 

func NewJWTSignerFromJWK(kid string, key PrivateKeyJWK) (*JWTSigner, error)

func NewJWTSignerFromKey 

func NewJWTSignerFromKey(kid string, key jwk.Key) (*JWTSigner, error)

func (*JWTSigner) GetSigningAlgorithm 

func (s *JWTSigner) GetSigningAlgorithm() string

GetSigningAlgorithm returns the algorithm used to sign the JWT

func (*JWTSigner) ParseJWT 

func (*JWTSigner) ParseJWT(token string) (jwt.Token, error)

ParseJWT attempts to turn a string into a jwt.Token

func (*JWTSigner) SignJWT 

func (s *JWTSigner) SignJWT(kvs map[string]interface{}) ([]byte, error)

SignJWT takes a set of JWT keys and values to add to a JWT before singing them with the key defined in the signer

func (*JWTSigner) ToVerifier 

func (s *JWTSigner) ToVerifier() (*JWTVerifier, error)

type JWTVerifier 

type JWTVerifier struct {
	jwk.Key
}

JWTVerifier is a struct that contains the key and algorithm used to verify JWTs

func NewJWTVerifier 

func NewJWTVerifier(kid string, key crypto.PublicKey) (*JWTVerifier, error)

func NewJWTVerifierFromJWK 

func NewJWTVerifierFromJWK(kid string, key PublicKeyJWK) (*JWTVerifier, error)

func NewJWTVerifierFromKey 

func NewJWTVerifierFromKey(kid string, key jwk.Key) (*JWTVerifier, error)

func (*JWTVerifier) ParseJWS 

func (*JWTVerifier) ParseJWS(token string) (*jws.Signature, error)

ParseJWS attempts to pull of a single signature from a token, containing its headers

func (*JWTVerifier) ParseJWT 

func (*JWTVerifier) ParseJWT(token string) (jwt.Token, error)

ParseJWT attempts to turn a string into a jwt.Token

func (*JWTVerifier) VerifyAndParseJWT 

func (v *JWTVerifier) VerifyAndParseJWT(token string) (jwt.Token, error)

VerifyAndParseJWT attempts to turn a string into a jwt.Token and verify its signature using the verifier

func (*JWTVerifier) VerifyJWS 

func (v *JWTVerifier) VerifyJWS(token string) error

VerifyJWS parses a token given the verifier's known algorithm and key, and returns an error, which is nil upon success.

func (*JWTVerifier) VerifyJWT 

func (v *JWTVerifier) VerifyJWT(token string) error

VerifyJWT parses a token given the verifier's known algorithm and key, and returns an error, which is nil upon success

type KeyType 

type KeyType string

func GetKeyTypeFromPrivateKey 

func GetKeyTypeFromPrivateKey(key crypto.PrivateKey) (KeyType, error)

GetKeyTypeFromPrivateKey returns the key type of a private key for known key types

func GetSupportedKeyTypes 

func GetSupportedKeyTypes() []KeyType

func (KeyType) String 

func (kt KeyType) String() string

type PrivateKeyJWK 

type PrivateKeyJWK struct {
	KTY    string `json:"kty" validate:"required"`
	CRV    string `json:"crv,omitempty"`
	X      string `json:"x,omitempty"`
	Y      string `json:"y,omitempty"`
	N      string `json:"n,omitempty"`
	E      string `json:"e,omitempty"`
	Use    string `json:"use,omitempty"`
	KeyOps string `json:"key_ops,omitempty"`
	Alg    string `json:"alg,omitempty"`
	KID    string `json:"kid,omitempty"`
	D      string `json:"d,omitempty"`
	DP     string `json:"dp,omitempty"`
	DQ     string `json:"dq,omitempty"`
	P      string `json:"p,omitempty"`
	Q      string `json:"q,omitempty"`
	QI     string `json:"qi,omitempty"`
}

PrivateKeyJWK complies with RFC7517 https://datatracker.ietf.org/doc/html/rfc7517

func JWKToPrivateKeyJWK 

func JWKToPrivateKeyJWK(key jwk.Key) (*PrivateKeyJWK, error)

JWKToPrivateKeyJWK converts a JWK to a PrivateKeyJWK

type Proof 

type Proof interface{}

type PublicKeyJWK 

type PublicKeyJWK struct {
	KTY    string `json:"kty" validate:"required"`
	CRV    string `json:"crv,omitempty"`
	X      string `json:"x,omitempty"`
	Y      string `json:"y,omitempty"`
	N      string `json:"n,omitempty"`
	E      string `json:"e,omitempty"`
	Use    string `json:"use,omitempty"`
	KeyOps string `json:"key_ops,omitempty"`
	Alg    string `json:"alg,omitempty"`
	KID    string `json:"kid,omitempty"`
}

PublicKeyJWK complies with RFC7517 https://datatracker.ietf.org/doc/html/rfc7517

func JWKToPublicKeyJWK 

func JWKToPublicKeyJWK(key jwk.Key) (*PublicKeyJWK, error)

JWKToPublicKeyJWK converts a JWK to a PublicKeyJWK

func PublicKeyToPublicKeyJWK 

func PublicKeyToPublicKeyJWK(key crypto.PublicKey) (*PublicKeyJWK, error)

PublicKeyToPublicKeyJWK converts a public key to a PublicKeyJWK

type SignatureAlgorithm 

type SignatureAlgorithm string
const (
	// EdDSA uses an ed25519 key
	EdDSA SignatureAlgorithm = "EdDSA"
	// ES256K uses a secp256k1 key
	ES256K SignatureAlgorithm = "ES256K"
	// ES256 uses a p-256 curve key
	ES256 SignatureAlgorithm = "ES256"
	// ES384 uses a p-384 curve key
	ES384 SignatureAlgorithm = "ES384"
	// PS256 uses a 2048-bit RSA key
	PS256 SignatureAlgorithm = "PS256"
)

func GetSupportedSignatureAlgs 

func GetSupportedSignatureAlgs() []SignatureAlgorithm

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.