cryptosuite

package
v0.0.0-...-920a7e7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 31, 2023 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	JSONWebKey2020Type LDKeyType = "JsonWebKey2020"

	OKP KTY = "OKP"
	EC  KTY = "EC"
	RSA KTY = "RSA"

	Ed25519   CRV = "Ed25519"
	X25519    CRV = "X25519"
	SECP256k1 CRV = "secp256k1"
	P256      CRV = "P-256"
	P384      CRV = "P-384"
)
View Source 
const (
	JSONWebSignature2020Context                string        = "https://w3id.org/security/suites/jws-2020/v1"
	JSONWebSignature2020                       SignatureType = "JsonWebSignature2020"
	JWSSignatureSuiteID                        string        = "https://w3c-ccg.github.io/security-vocab/#JsonWebSignature2020"
	JWSSignatureSuiteType                      LDKeyType     = JSONWebKey2020Type
	JWSSignatureSuiteCanonicalizationAlgorithm string        = "https://w3id.org/security#URDNA2015"
	// JWSSignatureSuiteDigestAlgorithm uses https://www.rfc-editor.org/rfc/rfc4634
	JWSSignatureSuiteDigestAlgorithm gocrypto.Hash = gocrypto.SHA256
	// JWSSignatureSuiteProofAlgorithm  uses https://www.rfc-editor.org/rfc/rfc7797
	JWSSignatureSuiteProofAlgorithm = JSONWebSignature2020
)
View Source 
const (
	W3CSecurityContext       string = "https://w3id.org/security/v1"
	JWS2020LinkedDataContext string = "https://w3id.org/security/suites/jws-2020/v1"

	AssertionMethod ProofPurpose = "assertionMethod"
	Authentication  ProofPurpose = "authentication"

	JWTFormat PayloadFormat = "jwt"
	LDPFormat PayloadFormat = "ldp"
)

Variables

This section is empty.

Functions

func GetContextsFromProvable 

func GetContextsFromProvable(p Provable) ([]interface{}, error)

GetContextsFromProvable searches from a Linked Data `@context` property in the document and returns the value associated with the context, if it exists.

func PubKeyBytesToTypedKey 

func PubKeyBytesToTypedKey(keyBytes []byte, kt LDKeyType) (gocrypto.PublicKey, error)

PubKeyBytesToTypedKey converts a public key byte slice to a crypto.PublicKey based on a given key type, merging both LD key types and JWK key types

Types

type ALG 

type ALG string

type CRV 

type CRV string

type CryptoSuite 

type CryptoSuite interface {
	CryptoSuiteInfo

	// Sign https://w3c-ccg.github.io/data-integrity-spec/#proof-algorithm
	// this method mutates the provided provable object, adding a `proof` block`
	Sign(s Signer, p Provable) error
	// Verify https://w3c-ccg.github.io/data-integrity-spec/#proof-verification-algorithm
	Verify(v Verifier, p Provable) error
}

CryptoSuite encapsulates the behavior of a proof type as per the W3C specification on data integrity https://w3c-ccg.github.io/data-integrity-spec/#creating-new-proof-types

func GetJSONWebSignature2020Suite 

func GetJSONWebSignature2020Suite() CryptoSuite

type CryptoSuiteInfo 

type CryptoSuiteInfo interface {
	ID() string
	Type() LDKeyType
	CanonicalizationAlgorithm() string
	MessageDigestAlgorithm() gocrypto.Hash
	SignatureAlgorithm() SignatureType
	RequiredContexts() []string
}

type CryptoSuiteProofType 

type CryptoSuiteProofType interface {
	Marshal(data interface{}) ([]byte, error)
	Canonicalize(marshaled []byte) (*string, error)
	// CreateVerifyHash https://w3c-ccg.github.io/data-integrity-spec/#create-verify-hash-algorithm
	CreateVerifyHash(provable Provable, proof crypto.Proof, proofOptions *ProofOptions) ([]byte, error)
	Digest(tbd []byte) ([]byte, error)
}

CryptoSuiteProofType is an interface that defines functionality needed to sign and verify data It encapsulates the functionality defined by the data integrity proof type specification https://w3c-ccg.github.io/data-integrity-spec/#creating-new-proof-types

type JSONWebKey2020 

type JSONWebKey2020 struct {
	ID                   string    `json:"id,omitempty"`
	Type                 LDKeyType `json:"type,omitempty"`
	Controller           string    `json:"controller,omitempty"`
	crypto.PrivateKeyJWK `json:"privateKeyJwk,omitempty"`
	crypto.PublicKeyJWK  `json:"publicKeyJwk,omitempty"`
}

JSONWebKey2020 complies with https://w3c-ccg.github.io/lds-jws2020/#json-web-key-2020

func GenerateEd25519JSONWebKey2020 

func GenerateEd25519JSONWebKey2020() (*JSONWebKey2020, error)

GenerateEd25519JSONWebKey2020 returns a JsonWebKey2020 value, containing both public and private keys for an Ed25519 key.

func GenerateJSONWebKey2020 

func GenerateJSONWebKey2020(kty KTY, crv CRV) (*JSONWebKey2020, error)

GenerateJSONWebKey2020 The JSONWebKey2020 type specifies a number of key type and curve pairs to enable JOSE conformance these pairs are supported in this library and generated via the function below https://w3c-ccg.github.io/lds-jws2020/#dfn-jsonwebkey2020

func GenerateP256JSONWebKey2020 

func GenerateP256JSONWebKey2020() (*JSONWebKey2020, error)

GenerateP256JSONWebKey2020 returns a JsonWebKey2020 value, containing both public and private keys for a P-256 ECDSA key.

func GenerateP384JSONWebKey2020 

func GenerateP384JSONWebKey2020() (*JSONWebKey2020, error)

GenerateP384JSONWebKey2020 returns a JsonWebKey2020 value, containing both public and private keys for a P-384 ECDSA key.

func GenerateRSAJSONWebKey2020 

func GenerateRSAJSONWebKey2020() (*JSONWebKey2020, error)

GenerateRSAJSONWebKey2020 returns a JsonWebKey2020 value, containing both public and private keys for an RSA-2048 key.

func GenerateSECP256k1JSONWebKey2020 

func GenerateSECP256k1JSONWebKey2020() (*JSONWebKey2020, error)

GenerateSECP256k1JSONWebKey2020 returns a JsonWebKey2020 value, containing both public and private keys for a secp256k1 key transformed to an ecdsa key. We use the secp256k1 implementation from Decred https://github.com/decred/dcrd which is utilized in the widely accepted go bitcoin node implementation from the btcsuite project https://github.com/btcsuite/btcd/blob/master/btcec/btcec.go#L23

func GenerateX25519JSONWebKey2020 

func GenerateX25519JSONWebKey2020() (*JSONWebKey2020, error)

GenerateX25519JSONWebKey2020 returns a JsonWebKey2020 value, containing both public and private keys for an Ed25519 key transformed to a bi-rationally equivalent X25519 key.

func JSONWebKey2020FromPrivateKey 

func JSONWebKey2020FromPrivateKey(key gocrypto.PrivateKey) (*JSONWebKey2020, error)

JSONWebKey2020FromPrivateKey returns a JsonWebKey2020 value from a given private key, containing both JWK public and private key representations of the key.

func (*JSONWebKey2020) IsValid 

func (jwk *JSONWebKey2020) IsValid() error

type JSONWebKeySigner 

type JSONWebKeySigner struct {
	crypto.JWTSigner
	// contains filtered or unexported fields
}

JSONWebKeySigner constructs a signer for a JSONWebKey2020 object. Given a signature algorithm (e.g. ES256, PS384) and a JSON Web Key (private key), the signer is able to accept a message and provide a valid JSON Web Signature (JWS) value as a result.

func NewJSONWebKeySigner 

func NewJSONWebKeySigner(kid string, key crypto.PrivateKeyJWK, purpose ProofPurpose) (*JSONWebKeySigner, error)

func (*JSONWebKeySigner) GetKeyID 

func (s *JSONWebKeySigner) GetKeyID() string

func (*JSONWebKeySigner) GetKeyType 

func (s *JSONWebKeySigner) GetKeyType() string

func (*JSONWebKeySigner) GetPayloadFormat 

func (s *JSONWebKeySigner) GetPayloadFormat() PayloadFormat

func (*JSONWebKeySigner) GetProofPurpose 

func (s *JSONWebKeySigner) GetProofPurpose() ProofPurpose

func (*JSONWebKeySigner) GetSignatureType 

func (*JSONWebKeySigner) GetSignatureType() SignatureType

func (*JSONWebKeySigner) GetSigningAlgorithm 

func (s *JSONWebKeySigner) GetSigningAlgorithm() string

func (*JSONWebKeySigner) SetPayloadFormat 

func (s *JSONWebKeySigner) SetPayloadFormat(format PayloadFormat)

func (*JSONWebKeySigner) SetProofPurpose 

func (s *JSONWebKeySigner) SetProofPurpose(purpose ProofPurpose)

func (*JSONWebKeySigner) Sign 

func (s *JSONWebKeySigner) Sign(tbs []byte) ([]byte, error)

Sign returns a byte array signature value for a message `tbs`

type JSONWebKeyVerifier 

type JSONWebKeyVerifier struct {
	crypto.JWTVerifier
}

JSONWebKeyVerifier constructs a verifier for a JSONWebKey2020 object. Given a signature algorithm (e.g. ES256, PS384) and a JSON Web Key (pub key), the verifier is able to accept a message and signature, and provide a result to whether the signature is valid.

func NewJSONWebKeyVerifier 

func NewJSONWebKeyVerifier(kid string, key crypto.PublicKeyJWK) (*JSONWebKeyVerifier, error)

func (*JSONWebKeyVerifier) GetKeyID 

func (v *JSONWebKeyVerifier) GetKeyID() string

func (*JSONWebKeyVerifier) GetKeyType 

func (v *JSONWebKeyVerifier) GetKeyType() string

func (*JSONWebKeyVerifier) Verify 

func (v *JSONWebKeyVerifier) Verify(message, signature []byte) error

Verify attempts to verify a `signature` against a given `message`, returning nil if the verification is successful and an error should it fail.

type JSONWebSignature2020Proof 

type JSONWebSignature2020Proof struct {
	Type               SignatureType `json:"type,omitempty"`
	Created            string        `json:"created,omitempty"`
	JWS                string        `json:"jws,omitempty"`
	ProofPurpose       ProofPurpose  `json:"proofPurpose,omitempty"`
	Challenge          string        `json:"challenge,omitempty"`
	VerificationMethod string        `json:"verificationMethod,omitempty"`
}

func FromGenericProof 

func FromGenericProof(p crypto.Proof) (*JSONWebSignature2020Proof, error)

func (*JSONWebSignature2020Proof) DecodeJWS 

func (j *JSONWebSignature2020Proof) DecodeJWS() ([]byte, error)

func (*JSONWebSignature2020Proof) GetDetachedJWS 

func (j *JSONWebSignature2020Proof) GetDetachedJWS() string

func (*JSONWebSignature2020Proof) SetDetachedJWS 

func (j *JSONWebSignature2020Proof) SetDetachedJWS(jws string)

func (*JSONWebSignature2020Proof) ToGenericProof 

func (j *JSONWebSignature2020Proof) ToGenericProof() crypto.Proof

type JWSSignatureSuite 

type JWSSignatureSuite struct {
	CryptoSuiteProofType
}

func (JWSSignatureSuite) CanonicalizationAlgorithm 

func (JWSSignatureSuite) CanonicalizationAlgorithm() string

func (JWSSignatureSuite) Canonicalize 

func (JWSSignatureSuite) Canonicalize(marshaled []byte) (*string, error)

func (JWSSignatureSuite) CreateVerifyHash 

func (j JWSSignatureSuite) CreateVerifyHash(provable Provable, proof crypto.Proof, opts *ProofOptions) ([]byte, error)

func (JWSSignatureSuite) Digest 

func (j JWSSignatureSuite) Digest(tbd []byte) ([]byte, error)

func (JWSSignatureSuite) ID 

func (JWSSignatureSuite) ID() string

func (JWSSignatureSuite) Marshal 

func (JWSSignatureSuite) Marshal(data interface{}) ([]byte, error)

func (JWSSignatureSuite) MessageDigestAlgorithm 

func (JWSSignatureSuite) MessageDigestAlgorithm() gocrypto.Hash

func (JWSSignatureSuite) RequiredContexts 

func (JWSSignatureSuite) RequiredContexts() []string

func (JWSSignatureSuite) Sign 

func (j JWSSignatureSuite) Sign(s Signer, p Provable) error

func (JWSSignatureSuite) SignatureAlgorithm 

func (JWSSignatureSuite) SignatureAlgorithm() SignatureType

func (JWSSignatureSuite) Type 

func (JWSSignatureSuite) Type() LDKeyType

func (JWSSignatureSuite) Verify 

func (j JWSSignatureSuite) Verify(v Verifier, p Provable) error

type KTY 

type KTY string

type LDKeyType 

type LDKeyType string
const (
	X25519KeyAgreementKey2020         LDKeyType = "X25519KeyAgreementKey2020"
	Ed25519VerificationKey2020        LDKeyType = "Ed25519VerificationKey2020"
	X25519KeyAgreementKey2019         LDKeyType = "X25519KeyAgreementKey2019"
	Ed25519VerificationKey2018        LDKeyType = "Ed25519VerificationKey2018"
	EcdsaSecp256k1VerificationKey2019 LDKeyType = "EcdsaSecp256k1VerificationKey2019"
)

func (LDKeyType) String 

func (ld LDKeyType) String() string

type PayloadFormat 

type PayloadFormat string

type ProofOptions 

type ProofOptions struct {
	// JSON-LD contexts to add to the proof
	Contexts []interface{}
}

type ProofPurpose 

type ProofPurpose string

type Provable 

type Provable interface {
	GetProof() *crypto.Proof
	SetProof(p *crypto.Proof)
}

type SignatureType 

type SignatureType string

type Signer 

type Signer interface {
	Sign(tbs []byte) ([]byte, error)

	GetKeyID() string
	GetKeyType() string
	GetSignatureType() SignatureType
	GetSigningAlgorithm() string

	SetProofPurpose(purpose ProofPurpose)
	GetProofPurpose() ProofPurpose

	SetPayloadFormat(format PayloadFormat)
	GetPayloadFormat() PayloadFormat
}

type Verifier 

type Verifier interface {
	Verify(message, signature []byte) error

	GetKeyID() string
	GetKeyType() string
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.