Documentation
¶
Overview ¶
Package crypto provides cryptographic utilities for CapiscIO.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateCanonicalJSON ¶
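CreateCanonicalJSON creates a canonical JSON representation of the Agent Card for signature verification. It removes the "signatures" field and relies on encoding/json to emit keys in sorted order. Note that encoding/json sorts map keys only; struct fields are written in declaration order, so the signer and the verifier must serialize the card the same way for the signed bytes to match.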
Types ¶
type DefaultJWKSFetcher ¶
// DefaultJWKSFetcher is the default implementation of JWKSFetcher.
//
// Its fields are unexported and not shown on this page. Per the constructor
// documentation, it is created with a default HTTP client and a cache TTL of
// one hour; the TTL is changed with SetTTL and the cache emptied with
// FlushCache.
type DefaultJWKSFetcher struct {
	// contains filtered or unexported fields
}
DefaultJWKSFetcher is the default implementation of JWKSFetcher.
func NewDefaultJWKSFetcher ¶
func NewDefaultJWKSFetcher() *DefaultJWKSFetcher
NewDefaultJWKSFetcher creates a new fetcher with a default HTTP client and a 1-hour cache TTL.
func (*DefaultJWKSFetcher) Fetch ¶
func (f *DefaultJWKSFetcher) Fetch(ctx context.Context, url string) (*jose.JSONWebKeySet, error)
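Fetch retrieves the JWKS from the specified URL, using the cached copy if one is available. A cached key set keeps being used until its TTL expires, so a key that was rotated or revoked at the source may still be accepted during that window; shorten the TTL with SetTTL or call FlushCache when keys change. If the URL originates from the document being verified rather than from configuration, restrict it to trusted HTTPS hosts before fetching.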
func (*DefaultJWKSFetcher) FlushCache ¶
func (f *DefaultJWKSFetcher) FlushCache()
FlushCache clears all cached JWKS entries.
func (*DefaultJWKSFetcher) SetTTL ¶
func (f *DefaultJWKSFetcher) SetTTL(ttl time.Duration)
SetTTL configures the cache time-to-live.
type JWKSFetcher ¶
JWKSFetcher handles fetching and caching of JSON Web Key Sets.
type SignatureResult ¶
// SignatureResult holds the details of a single signature verification.
//
// NOTE(review): the per-field notes below are inferred from the field names;
// this page does not document the fields individually. Confirm against the
// implementation before relying on them.
type SignatureResult struct {
	// presumably the position of this signature in the card's signature list — confirm
	Index int
	// presumably true only when this signature verified successfully — confirm
	Valid bool
	// presumably the signature algorithm named by the signature itself — confirm.
	// NOTE(review): Algorithm, KeyID, Issuer and JWKSUri look like signer-supplied
	// values; treat them as unauthenticated unless Valid is true, and do not use
	// them for trust decisions on their own.
	Algorithm string
	// presumably the key identifier used to select a key from the JWKS — confirm
	KeyID string
	// presumably the issuer claimed for this signature — confirm
	Issuer string
	// presumably the URL the JWKS was (or would be) fetched from — confirm
	JWKSUri string
	// presumably a description of why verification failed, empty on success — confirm
	Error string
}
SignatureResult holds the details of a single signature verification.
type SignatureVerificationResult ¶
// SignatureVerificationResult contains the result of verifying all signatures.
type SignatureVerificationResult struct {
	// Overall outcome.
	// NOTE(review): this page does not say whether Valid requires every
	// signature to verify or only one, nor what it is for a card with no
	// signatures — confirm before using it as an accept/reject decision.
	Valid bool
	// One SignatureResult per signature, presumably in the order they were
	// checked — confirm.
	Signatures []SignatureResult
	// Aggregate figures; VerificationSummary's fields are not shown on this page.
	Summary VerificationSummary
}
SignatureVerificationResult contains the result of verifying all signatures.
type VerificationSummary ¶
VerificationSummary summarizes the results of all signature verifications.
type Verifier ¶
// Verifier handles Agent Card signature verification.
//
// Its fields are unexported and not shown on this page. NewVerifier builds one
// with the default JWKS fetcher; NewVerifierWithFetcher accepts a custom
// JWKSFetcher instead.
type Verifier struct {
	// contains filtered or unexported fields
}
Verifier handles Agent Card signature verification.
func NewVerifier ¶
func NewVerifier() *Verifier
NewVerifier creates a new Verifier with the default JWKS fetcher.
func NewVerifierWithFetcher ¶
func NewVerifierWithFetcher(fetcher JWKSFetcher) *Verifier
NewVerifierWithFetcher creates a new Verifier with a custom JWKS fetcher.
func (*Verifier) VerifyAgentCardSignatures ¶
func (v *Verifier) VerifyAgentCardSignatures(ctx context.Context, card *agentcard.AgentCard) (*SignatureVerificationResult, error)
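VerifyAgentCardSignatures verifies all signatures in an Agent Card. Callers should inspect both the returned error and the result's Valid field (and, where it matters, the per-signature entries) before trusting the card.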