xpaseto

package
v0.3.0

This package is not in the latest version of its module.
Published: Sep 6, 2021 License: MIT Imports: 13 Imported by: 0

Documentation

Overview

Package xpaseto provides basic abilities to sign and verify PASETO-style tokens using XEdDSA signatures. This allows the same keys to be used for X25519 Diffie-Hellman exchanges and for payload signing and verification. This package is based on https://github.com/o1egl/paseto and uses imports from that library in places. o1egl/paseto license: MIT - https://github.com/o1egl/paseto/blob/master/LICENSE

The tokens generated by this package do NOT conform to the PASETO standard. See Section 5.2 of https://paseto.io/rfc/

Private PASETO tokens have not been implemented in this package.
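The overview's claim that one key pair can serve both X25519 and signing rests on the birational map between the Montgomery and Edwards forms of Curve25519, which the XEdDSA specification applies to the public key as y = (u-1)/(u+1) with the sign bit fixed at 0. The following added example, which is not code from this package or from o1egl/paseto, carries out that public-key mapping with the Go standard library only and checks it against an Ed25519 key derived from the same secret. The function names and the seed are constructed for illustration, and signing itself is not shown.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/sha512"
	"fmt"
	"math/big"
)

var p = new(big.Int).Sub(new(big.Int).Lsh(big.NewInt(1), 255), big.NewInt(19)) // 2^255 - 19

// flip returns a reversed copy of b (little-endian <-> big-endian).
func flip(b []byte) []byte {
	out := make([]byte, len(b))
	for i, v := range b {
		out[len(b)-1-i] = v
	}
	return out
}

// MontgomeryToEdwards maps a 32-byte X25519 public key u to the Ed25519
// public-key encoding of y = (u-1)/(u+1) mod p, with the sign bit set to 0.
func MontgomeryToEdwards(u []byte) ([]byte, error) {
	ui := new(big.Int).SetBytes(flip(u))
	ui.Mod(ui.SetBit(ui, 255, 0), p) // RFC 7748: ignore the unused top bit
	inv := new(big.Int).ModInverse(new(big.Int).Add(ui, big.NewInt(1)), p)
	if len(u) != 32 || inv == nil { // wrong size, or u = -1 (u+1 not invertible)
		return nil, fmt.Errorf("invalid X25519 public key (%d bytes)", len(u))
	}
	y := new(big.Int).Sub(ui, big.NewInt(1))
	return flip(y.Mul(y, inv).Mod(y, p).FillBytes(make([]byte, 32))), nil
}

// SharedKeyMatches derives an Ed25519 and an X25519 public key from one seed
// and reports whether the converted X25519 key equals the Ed25519 key.
func SharedKeyMatches(seed []byte) (bool, error) {
	edPub := ed25519.NewKeyFromSeed(seed).Public().(ed25519.PublicKey)
	h := sha512.Sum512(seed) // Ed25519 and X25519 clamp h[:32] identically
	xPriv, err := ecdh.X25519().NewPrivateKey(h[:32])
	if err != nil {
		return false, err
	}
	conv, err := MontgomeryToEdwards(xPriv.PublicKey().Bytes())
	edPub[31] &= 0x7f // u carries no sign of x, so compare y only
	return err == nil && bytes.Equal(conv, edPub), err
}

func main() { fmt.Println(SharedKeyMatches(bytes.Repeat([]byte{0x42}, 32))) } // constructed seed
```

Because the Montgomery u-coordinate does not record the sign of x, the comparison masks the top bit of the Ed25519 key; a verifier holding only an X25519 public key always reconstructs the sign-0 point.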

Constants

This section is empty.

Variables

This section is empty.

Functions

func Sign

func Sign(privateKey []byte, message []byte, random [64]byte) (signature []byte,
	err error)

Sign signs a message with an X25519 key and returns a signature.

An error will be returned if an invalid private key is given.

func Verify

func Verify(publicKey []byte, message []byte, signature []byte) bool

Verify checks whether the message has a valid signature.

Returns true if the signature is valid, otherwise returns false.

Types

type Signer

type Signer struct {
	Privkey []byte
	Pubkey  []byte
	// contains filtered or unexported fields
}

Signer is a struct which is used to Sign and Verify XPASETO tokens. Privkey is a Montgomery x25519 private key. Pubkey is the public counterpart to the Privkey.

func NewSigner

func NewSigner(privkey []byte,
	pubkey []byte) Signer

NewSigner returns a new Signer, initialised with the given private and public x25519 keys

func (*Signer) ParsePaseto

func (s *Signer) ParsePaseto(token string) (jsonToken paseto.JSONToken, err error)

ParsePaseto returns a paseto.JSONToken from a raw token string. If the token signature is invalid, an error will be returned.

func (*Signer) ParseSelfSigned

func (s *Signer) ParseSelfSigned(token string) (jsonToken paseto.JSONToken,
	err error)

ParseSelfSigned parses and validates an XPASETO token against the 'pubkey' in the additional claims.

func (*Signer) SelfSignPaseto

func (s *Signer) SelfSignPaseto(jsonToken paseto.JSONToken) (token string, err error)

SelfSignPaseto sets the "pubkey" additional claim to the value of the public part of the keypair used to sign the XPASETO token

func (*Signer) SignPaseto

func (s *Signer) SignPaseto(jsonToken paseto.JSONToken) (token string, err error)

SignPaseto returns a token from the given paseto.JSONToken

type XV2

type XV2 struct{}

This defines an XV2 struct which can be used to sign and verify payloads. This is currently a redundant struct, and its methods could be converted to standard functions. However, the XV2 struct could be built upon in the future to satisfy the 'Protocol' interface defined by "o1egl/paseto".

func NewXV2

func NewXV2() *XV2

NewXV2 returns an instance of an XV2 struct

func (*XV2) Sign

func (x *XV2) Sign(privkey []byte,
	payload, footer interface{}) (token string, err error)

Sign creates a signature of a payload using the given private key (privkey) and encodes it to an XPASETO token. An error will be returned if the payload cannot be signed or encoded.

func (*XV2) Verify

func (x *XV2) Verify(token string, pubkey []byte,
	payload, footer interface{}) error

Verify checks if an XPASETO token is valid. An error will be returned if the token cannot be decoded, or if the signature is invalid. If the token is valid, this function will return 'nil'.
