Documentation

Overview

    Package jwk implements JWK as described in https://tools.ietf.org/html/rfc7517

    Example
    Output:
    
    

    Index

    Examples

    Constants

    View Source
    const (
    	AlgorithmKey              = "alg"
    	KeyIDKey                  = "kid"
    	KeyTypeKey                = "kty"
    	KeyUsageKey               = "use"
    	KeyOpsKey                 = "key_ops"
    	X509CertChainKey          = "x5c"
    	X509CertThumbprintKey     = "x5t"
    	X509CertThumbprintS256Key = "x5t#S256"
    	X509URLKey                = "x5u"
    )
    View Source
    const (
    	KeyOpSign       KeyOperation = "sign"       // (compute digital signature or MAC)
    	KeyOpVerify                  = "verify"     // (verify digital signature or MAC)
    	KeyOpEncrypt                 = "encrypt"    // (encrypt content)
    	KeyOpDecrypt                 = "decrypt"    // (decrypt content and validate decryption, if applicable)
    	KeyOpWrapKey                 = "wrapKey"    // (encrypt key)
    	KeyOpUnwrapKey               = "unwrapKey"  // (decrypt key and validate decryption, if applicable)
    	KeyOpDeriveKey               = "deriveKey"  // (derive key)
    	KeyOpDeriveBits              = "deriveBits" // (derive bits not to be used as a key)
    )

    Variables

    View Source
    var (
    	ErrInvalidHeaderName  = errors.New("invalid header name")
    	ErrInvalidHeaderValue = errors.New("invalid value for header key")
    	ErrUnsupportedKty     = errors.New("unsupported kty")
    	ErrUnsupportedCurve   = errors.New("unsupported curve")
    )

      Errors related to JWK

      Functions

      This section is empty.

      Types

      type CertificateChain

      type CertificateChain struct {
      	// contains filtered or unexported fields
      }

      func (*CertificateChain) Accept

      func (c *CertificateChain) Accept(v interface{}) error

      func (CertificateChain) Get

      func (c CertificateChain) Get() []*x509.Certificate

      type ECDSAPrivateKey

      type ECDSAPrivateKey struct {
      	// contains filtered or unexported fields
      }

        ECDSAPrivateKey is a type of JWK generated from ECDH-ES private keys

        func (ECDSAPrivateKey) Curve

        func (*ECDSAPrivateKey) ExtractMap

        func (k *ECDSAPrivateKey) ExtractMap(m map[string]interface{}) (err error)

        func (ECDSAPrivateKey) MarshalJSON

        func (k ECDSAPrivateKey) MarshalJSON() (buf []byte, err error)

        func (ECDSAPrivateKey) Materialize

        func (k ECDSAPrivateKey) Materialize() (interface{}, error)

          Materialize returns the EC-DSA private key represented by this JWK

          func (ECDSAPrivateKey) PopulateMap

          func (k ECDSAPrivateKey) PopulateMap(m map[string]interface{}) (err error)

          func (ECDSAPrivateKey) PublicKey

          func (k ECDSAPrivateKey) PublicKey() (*ECDSAPublicKey, error)

          func (ECDSAPrivateKey) Thumbprint

          func (k ECDSAPrivateKey) Thumbprint(hash crypto.Hash) ([]byte, error)

            Thumbprint returns the JWK thumbprint using the indicated hashing algorithm, according to RFC 7638

            func (*ECDSAPrivateKey) UnmarshalJSON

            func (k *ECDSAPrivateKey) UnmarshalJSON(data []byte) (err error)

            type ECDSAPublicKey

            type ECDSAPublicKey struct {
            	// contains filtered or unexported fields
            }

              ECDSAPublicKey is a type of JWK generated from ECDSA public keys

              func (ECDSAPublicKey) Curve

              func (*ECDSAPublicKey) ExtractMap

              func (k *ECDSAPublicKey) ExtractMap(m map[string]interface{}) (err error)

              func (ECDSAPublicKey) MarshalJSON

              func (k ECDSAPublicKey) MarshalJSON() (buf []byte, err error)

              func (ECDSAPublicKey) Materialize

              func (k ECDSAPublicKey) Materialize() (interface{}, error)

                Materialize returns the EC-DSA public key represented by this JWK

                func (ECDSAPublicKey) PopulateMap

                func (k ECDSAPublicKey) PopulateMap(m map[string]interface{}) (err error)

                func (ECDSAPublicKey) Thumbprint

                func (k ECDSAPublicKey) Thumbprint(hash crypto.Hash) ([]byte, error)

                  Thumbprint returns the JWK thumbprint using the indicated hashing algorithm, according to RFC 7638

                  func (*ECDSAPublicKey) UnmarshalJSON

                  func (k *ECDSAPublicKey) UnmarshalJSON(data []byte) (err error)

                  type Headers

                  type Headers interface {
                  	Remove(string)
                  	Get(string) (interface{}, bool)
                  	Set(string, interface{}) error
                  	PopulateMap(map[string]interface{}) error
                  	ExtractMap(map[string]interface{}) error
                  	Walk(func(string, interface{}) error) error
                  	Algorithm() string
                  	KeyID() string
                  	KeyType() jwa.KeyType
                  	KeyUsage() string
                  	KeyOps() []KeyOperation
                  	X509CertChain() []*x509.Certificate
                  	X509CertThumbprint() string
                  	X509CertThumbprintS256() string
                  	X509URL() string
                  }

                  type Key

                  type Key interface {
                  	Headers
                  
                  	// Materialize creates the corresponding key. For example,
                  	// RSA types would create *rsa.PublicKey or *rsa.PrivateKey,
                  	// EC types would create *ecdsa.PublicKey or *ecdsa.PrivateKey,
                  	// and OctetSeq types create a []byte key.
                  	Materialize() (interface{}, error)
                  
                  	// Thumbprint returns the JWK thumbprint using the indicated
                  	// hashing algorithm, according to RFC 7638
                  	Thumbprint(crypto.Hash) ([]byte, error)
                  }

                    Key defines the minimal interface for each of the key types. Their use and implementation differ significantly between each key types, so you should use type assertions to perform more specific tasks with each key

                    func New

                    func New(key interface{}) (Key, error)

                      New creates a jwk.Key from the given key.

                      type KeyOperation

                      type KeyOperation string

                      type KeyUsageType

                      type KeyUsageType string

                        KeyUsageType is used to denote what this key should be used for

                        const (
                        	// ForSignature is the value used in the headers to indicate that
                        	// this key should be used for signatures
                        	ForSignature KeyUsageType = "sig"
                        	// ForEncryption is the value used in the headers to indicate that
                        	// this key should be used for encryptiong
                        	ForEncryption KeyUsageType = "enc"
                        )

                        type RSAPrivateKey

                        type RSAPrivateKey struct {
                        	// contains filtered or unexported fields
                        }

                          RSAPrivateKey is a type of JWK generated from RSA private keys

                          func (*RSAPrivateKey) ExtractMap

                          func (k *RSAPrivateKey) ExtractMap(m map[string]interface{}) (err error)

                          func (RSAPrivateKey) MarshalJSON

                          func (k RSAPrivateKey) MarshalJSON() (buf []byte, err error)

                          func (*RSAPrivateKey) Materialize

                          func (k *RSAPrivateKey) Materialize() (interface{}, error)

                          func (RSAPrivateKey) PopulateMap

                          func (k RSAPrivateKey) PopulateMap(m map[string]interface{}) (err error)

                          func (RSAPrivateKey) PublicKey

                          func (k RSAPrivateKey) PublicKey() (*RSAPublicKey, error)

                          func (RSAPrivateKey) Thumbprint

                          func (k RSAPrivateKey) Thumbprint(hash crypto.Hash) ([]byte, error)

                            Thumbprint returns the JWK thumbprint using the indicated hashing algorithm, according to RFC 7638

                            func (*RSAPrivateKey) UnmarshalJSON

                            func (k *RSAPrivateKey) UnmarshalJSON(data []byte) (err error)

                            type RSAPublicKey

                            type RSAPublicKey struct {
                            	// contains filtered or unexported fields
                            }

                              RSAPublicKey is a type of JWK generated from RSA public keys

                              func (*RSAPublicKey) ExtractMap

                              func (k *RSAPublicKey) ExtractMap(m map[string]interface{}) (err error)

                              func (RSAPublicKey) MarshalJSON

                              func (k RSAPublicKey) MarshalJSON() (buf []byte, err error)

                              func (*RSAPublicKey) Materialize

                              func (k *RSAPublicKey) Materialize() (interface{}, error)

                              func (RSAPublicKey) PopulateMap

                              func (k RSAPublicKey) PopulateMap(m map[string]interface{}) (err error)

                              func (RSAPublicKey) Thumbprint

                              func (k RSAPublicKey) Thumbprint(hash crypto.Hash) ([]byte, error)

                              func (*RSAPublicKey) UnmarshalJSON

                              func (k *RSAPublicKey) UnmarshalJSON(data []byte) (err error)

                              type Set

                              type Set struct {
                              	Keys []Key `json:"keys"`
                              }

                                Set is a convenience struct to allow generating and parsing JWK sets as opposed to single JWKs

                                func Fetch

                                func Fetch(urlstring string) (*Set, error)

                                  Fetch fetches a JWK resource specified by a URL

                                  func FetchHTTP

                                  func FetchHTTP(jwkurl string) (*Set, error)

                                    FetchHTTP fetches the remote JWK and parses its contents

                                    func Parse

                                    func Parse(buf []byte) (*Set, error)

                                      Parse parses JWK from the incoming byte buffer.

                                      func ParseString

                                      func ParseString(s string) (*Set, error)

                                        ParseString parses JWK from the incoming string.

                                        func (*Set) ExtractMap

                                        func (s *Set) ExtractMap(m map[string]interface{}) error

                                        func (Set) LookupKeyID

                                        func (s Set) LookupKeyID(kid string) []Key

                                          LookupKeyID looks for keys matching the given key id. Note that the Set *may* contain multiple keys with the same key id

                                          type StandardHeaders

                                          type StandardHeaders struct {
                                          	// contains filtered or unexported fields
                                          }

                                          func (*StandardHeaders) Algorithm

                                          func (h *StandardHeaders) Algorithm() string

                                          func (*StandardHeaders) ExtractMap

                                          func (h *StandardHeaders) ExtractMap(m map[string]interface{}) (err error)

                                            ExtractMap populates the appropriate values from a map that represent the headers as a JSON object. This exists primarily because JWKs are represented as flat objects instead of differentiating the different parts of the message in separate sub objects.

                                            func (*StandardHeaders) Get

                                            func (h *StandardHeaders) Get(name string) (interface{}, bool)

                                            func (*StandardHeaders) KeyID

                                            func (h *StandardHeaders) KeyID() string

                                            func (*StandardHeaders) KeyOps

                                            func (h *StandardHeaders) KeyOps() []KeyOperation

                                            func (*StandardHeaders) KeyType

                                            func (h *StandardHeaders) KeyType() jwa.KeyType

                                            func (*StandardHeaders) KeyUsage

                                            func (h *StandardHeaders) KeyUsage() string

                                            func (StandardHeaders) MarshalJSON

                                            func (h StandardHeaders) MarshalJSON() ([]byte, error)

                                            func (StandardHeaders) PopulateMap

                                            func (h StandardHeaders) PopulateMap(m map[string]interface{}) error

                                              PopulateMap populates a map with appropriate values that represent the headers as a JSON object. This exists primarily because JWKs are represented as flat objects instead of differentiating the different parts of the message in separate sub objects.

                                              func (*StandardHeaders) Remove

                                              func (h *StandardHeaders) Remove(s string)

                                              func (*StandardHeaders) Set

                                              func (h *StandardHeaders) Set(name string, value interface{}) error

                                              func (*StandardHeaders) UnmarshalJSON

                                              func (h *StandardHeaders) UnmarshalJSON(buf []byte) error

                                              func (StandardHeaders) Walk

                                              func (h StandardHeaders) Walk(f func(string, interface{}) error) error

                                              func (*StandardHeaders) X509CertChain

                                              func (h *StandardHeaders) X509CertChain() []*x509.Certificate

                                              func (*StandardHeaders) X509CertThumbprint

                                              func (h *StandardHeaders) X509CertThumbprint() string

                                              func (*StandardHeaders) X509CertThumbprintS256

                                              func (h *StandardHeaders) X509CertThumbprintS256() string

                                              func (*StandardHeaders) X509URL

                                              func (h *StandardHeaders) X509URL() string

                                              type SymmetricKey

                                              type SymmetricKey struct {
                                              	// contains filtered or unexported fields
                                              }

                                                SymmetricKey is a type of JWK generated from symmetric keys

                                                func (*SymmetricKey) ExtractMap

                                                func (s *SymmetricKey) ExtractMap(m map[string]interface{}) (err error)

                                                func (SymmetricKey) MarshalJSON

                                                func (s SymmetricKey) MarshalJSON() (buf []byte, err error)

                                                func (SymmetricKey) Materialize

                                                func (s SymmetricKey) Materialize() (interface{}, error)

                                                  Materialize returns the octets for this symmetric key. Since this is a symmetric key, this just calls Octets

                                                  func (SymmetricKey) Octets

                                                  func (s SymmetricKey) Octets() []byte

                                                    Octets returns the octets in the key

                                                    func (SymmetricKey) PopulateMap

                                                    func (s SymmetricKey) PopulateMap(m map[string]interface{}) (err error)

                                                    func (SymmetricKey) Thumbprint

                                                    func (s SymmetricKey) Thumbprint(hash crypto.Hash) ([]byte, error)

                                                      Thumbprint returns the JWK thumbprint using the indicated hashing algorithm, according to RFC 7638

                                                      func (*SymmetricKey) UnmarshalJSON

                                                      func (k *SymmetricKey) UnmarshalJSON(data []byte) (err error)

                                                      Directories

                                                      Path Synopsis
                                                      internal