jwk

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Oct 8, 2023 License: MIT Imports: 28 Imported by: 1

Documentation

Overview

Package jwk handles JSON Web Key defined in RFC 7517.


Types

type Key

// Key is a JSON Web Key.
type Key struct {
	// Raw is the raw data of JSON-decoded JWK.
	// JSON numbers are decoded as json.Number to avoid data loss.
	// NOTE(review): for a JWK that carries private parameters (such as "d"),
	// Raw presumably includes them too; confirm before logging or exposing it.
	Raw map[string]any
	// contains filtered or unexported fields
}

Key is a JSON Web Key.

func DecodePEM added in v0.0.2

func DecodePEM(data []byte) (key *Key, rest []byte, err error)

DecodePEM decodes a key from PEM-encoded data.

Example
package main

import (
	"crypto/ed25519"
	"fmt"
	"log"

	"github.com/shogo82148/goat/jwk"
)

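func main() {
	// A PEM block labelled "PRIVATE KEY" holding an Ed25519 key, followed by
	// trailing text that is not part of the PEM block.
	ed25519PrivateKey := `-----BEGIN PRIVATE KEY-----
MC4CAQAwBQYDK2VwBCIEIKwAUfUUia9rBpRD+sgNlTI5n5RhwMNDaaWFN5Kl3tiF
-----END PRIVATE KEY-----
and some more`

	// The second result (rest) is discarded here.
	// NOTE(review): presumably it holds the bytes after the decoded block,
	// as with encoding/pem.Decode; confirm before relying on it.
	key, _, err := jwk.DecodePEM([]byte(ed25519PrivateKey))
	if err != nil {
		log.Fatal(err)
	}

	// PrivateKey returns nil when the JWK carries no private key, and the
	// concrete type depends on the key type, so use the checked form of the
	// type assertion rather than one that panics on a mismatch.
	priv, ok := key.PrivateKey().(ed25519.PrivateKey)
	if !ok {
		log.Fatalf("unexpected private key type %T", key.PrivateKey())
	}

	// The seed is the secret key material; it is printed only so the example
	// output can be compared.
	fmt.Printf("%064x", priv.Seed())
}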
Output:

ac0051f51489af6b069443fac80d9532399f9461c0c34369a5853792a5ded885

func NewPrivateKey added in v0.0.2

func NewPrivateKey(key crypto.PrivateKey) (*Key, error)

NewPrivateKey returns a new JWK from the private key.

key must be one of *crypto/ecdsa.PrivateKey, *crypto/rsa.PrivateKey, crypto/ed25519.PrivateKey, *crypto/ecdh.PrivateKey, x25519.PrivateKey, ed448.PrivateKey, x448.PrivateKey or []byte.

Example
package main

import (
	"crypto/ed25519"
	"encoding/hex"
	"fmt"
	"log"

	"github.com/shogo82148/goat/jwk"
)

func main() {
	// Build an Ed25519 private key from a fixed seed so that the example
	// output is reproducible. Keys for real use come from
	// ed25519.GenerateKey with a cryptographically secure random source.
	seedBytes, err := hex.DecodeString("9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60")
	if err != nil {
		log.Fatal(err)
	}
	privKey := ed25519.NewKeyFromSeed(seedBytes)

	// Wrap the ed25519.PrivateKey in a JWK.
	webKey, err := jwk.NewPrivateKey(privKey)
	if err != nil {
		log.Fatal(err)
	}

	// The serialized JWK of a private key includes the private "d" member,
	// so the JSON printed below is itself secret key material.
	encoded, err := webKey.MarshalJSON()
	if err != nil {
		log.Fatal(err)
	}
	fmt.Println(string(encoded))
}
Output:

{"crv":"Ed25519","d":"nWGxne_9WmC6hEr0kuwsxERJxWl7MmkZcDusAxyuf2A","kty":"OKP","x":"11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo"}

func NewPublicKey added in v0.0.2

func NewPublicKey(key crypto.PublicKey) (*Key, error)

NewPublicKey returns a new JWK from the public key.

key must be one of *crypto/ecdsa.PublicKey, *crypto/rsa.PublicKey, crypto/ed25519.PublicKey, *crypto/ecdh.PublicKey, x25519.PublicKey, ed448.PublicKey, x448.PublicKey.

Example
package main

import (
	"crypto/ed25519"
	"encoding/hex"
	"fmt"
	"log"

	"github.com/shogo82148/goat/jwk"
)

func main() {
	// Build an Ed25519 key pair from a fixed seed so that the example output
	// is reproducible. Keys for real use come from ed25519.GenerateKey with
	// a cryptographically secure random source.
	seedBytes, err := hex.DecodeString("9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60")
	if err != nil {
		log.Fatal(err)
	}
	privKey := ed25519.NewKeyFromSeed(seedBytes)

	// Wrap only the public half in a JWK; the serialized form then carries
	// "x" but no private "d" member.
	webKey, err := jwk.NewPublicKey(privKey.Public())
	if err != nil {
		log.Fatal(err)
	}

	encoded, err := webKey.MarshalJSON()
	if err != nil {
		log.Fatal(err)
	}
	fmt.Println(string(encoded))
}
Output:

{"crv":"Ed25519","kty":"OKP","x":"11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo"}

func ParseKey

func ParseKey(data []byte) (*Key, error)

ParseKey parses a JWK.

Example
package main

import (
	"crypto/ed25519"
	"fmt"
	"log"

	"github.com/shogo82148/goat/jwk"
)

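func main() {
	// A JWK of type OKP / Ed25519 that includes the private "d" member.
	raw := `{"kty":"OKP","crv":"Ed25519",
		"d":"nWGxne_9WmC6hEr0kuwsxERJxWl7MmkZcDusAxyuf2A",
		"x":"11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo"}`
	key, err := jwk.ParseKey([]byte(raw))
	if err != nil {
		log.Fatal(err)
	}

	// PrivateKey returns nil when the JWK carries no private key, and the
	// concrete type depends on "kty"/"crv", so a JWK from an external source
	// must not be asserted to a fixed type unchecked: the single-value form
	// of the assertion panics on a mismatch.
	priv, ok := key.PrivateKey().(ed25519.PrivateKey)
	if !ok {
		log.Fatalf("unexpected private key type %T", key.PrivateKey())
	}

	// The seed is the secret key material; it is printed only so the example
	// output can be compared.
	fmt.Printf("%064x", priv.Seed())
}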
Output:

9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60

func ParseMap

func ParseMap(raw map[string]any) (*Key, error)

ParseMap parses a JWK that is decoded by the encoding/json package.

Example
package main

import (
	"crypto/ed25519"
	"fmt"
	"log"

	"github.com/shogo82148/goat/jwk"
)

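func main() {
	// The same shape encoding/json produces when a JWK object is decoded
	// into map[string]any; this one includes the private "d" member.
	raw := map[string]any{
		"kty": "OKP",
		"crv": "Ed25519",
		"d":   "nWGxne_9WmC6hEr0kuwsxERJxWl7MmkZcDusAxyuf2A",
		"x":   "11qYAYKxCrfVS_7TyWQHOg7hcvPapiMlrwIaaPcHURo",
	}
	key, err := jwk.ParseMap(raw)
	if err != nil {
		log.Fatal(err)
	}

	// PrivateKey returns nil when the JWK carries no private key, and the
	// concrete type depends on "kty"/"crv", so use the checked form of the
	// type assertion rather than one that panics on a mismatch.
	priv, ok := key.PrivateKey().(ed25519.PrivateKey)
	if !ok {
		log.Fatalf("unexpected private key type %T", key.PrivateKey())
	}

	// The seed is the secret key material; it is printed only so the example
	// output can be compared.
	fmt.Printf("%064x", priv.Seed())
}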
Output:

9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60

func (*Key) Algorithm

func (key *Key) Algorithm() jwa.KeyAlgorithm

Algorithm returns RFC 7517 Section 4.4. "alg" (Algorithm) Parameter.

func (*Key) KeyID

func (key *Key) KeyID() string

KeyID is RFC 7517 Section 4.5. "kid" (Key ID) Parameter.

func (*Key) KeyOperations

func (key *Key) KeyOperations() []jwktypes.KeyOp

KeyOperations returns RFC 7517 Section 4.3. "key_ops" (Key Operations) Parameter.

func (*Key) KeyType

func (key *Key) KeyType() jwa.KeyType

KeyType returns RFC 7517 Section 4.1. "kty" (Key Type) Parameter.

func (*Key) MarshalJSON

func (key *Key) MarshalJSON() ([]byte, error)

MarshalJSON implements encoding/json.Marshaler

func (*Key) PrivateKey

func (key *Key) PrivateKey() crypto.PrivateKey

PrivateKey returns the private key. If the key doesn't contain any private key, it returns nil.

func (*Key) PublicKey

func (key *Key) PublicKey() crypto.PublicKey

PublicKey returns the public key. If the key doesn't contain any public key, it returns nil.

func (*Key) PublicKeyUse

func (key *Key) PublicKeyUse() jwktypes.KeyUse

PublicKeyUse returns RFC 7517 Section 4.2. "use" (Public Key Use) Parameter.

func (*Key) SetAlgorithm

func (key *Key) SetAlgorithm(alg jwa.KeyAlgorithm)

SetAlgorithm sets RFC 7517 Section 4.4. "alg" (Algorithm) Parameter.

func (*Key) SetKeyID

func (key *Key) SetKeyID(kid string)

SetKeyID sets RFC 7517 Section 4.5. "kid" (Key ID) Parameter.

func (*Key) SetKeyOperation

func (key *Key) SetKeyOperation(keyOps []jwktypes.KeyOp)

SetKeyOperation sets RFC 7517 Section 4.3. "key_ops" (Key Operations) Parameter.

func (*Key) SetPrivateKey

func (key *Key) SetPrivateKey(priv crypto.PrivateKey)

SetPrivateKey sets the private key. If priv has a Public() method, it sets the public key as well.

func (*Key) SetPublicKey

func (key *Key) SetPublicKey(pub crypto.PublicKey)

SetPublicKey sets the public key, and removes the private key.

func (*Key) SetPublicKeyUse

func (key *Key) SetPublicKeyUse(use jwktypes.KeyUse)

SetPublicKeyUse sets RFC 7517 Section 4.2. "use" (Public Key Use) Parameter.

func (*Key) SetX509CertificateChain

func (key *Key) SetX509CertificateChain(x5c []*x509.Certificate)

SetX509CertificateChain sets RFC 7517 Section 4.7. "x5c" (X.509 Certificate Chain) Parameter.

func (*Key) SetX509CertificateSHA1

func (key *Key) SetX509CertificateSHA1(x5t []byte)

SetX509CertificateSHA1 sets RFC 7517 Section 4.8. "x5t" (X.509 Certificate SHA-1 Thumbprint) Parameter.

func (*Key) SetX509CertificateSHA256

func (key *Key) SetX509CertificateSHA256(x5tS256 []byte)

SetX509CertificateSHA256 sets RFC 7517 Section 4.9. "x5t#S256" (X.509 Certificate SHA-256 Thumbprint) Parameter.

func (*Key) SetX509URL

func (key *Key) SetX509URL(x5u *url.URL)

SetX509URL sets RFC 7517 Section 4.6. "x5u" (X.509 URL) Parameter.

func (*Key) Thumbprint

func (key *Key) Thumbprint(h hash.Hash) ([]byte, error)

Thumbprint computes the thumbprint of the key defined in RFC 7638.

func (*Key) UnmarshalJSON

func (key *Key) UnmarshalJSON(data []byte) error

UnmarshalJSON implements encoding/json.Unmarshaler

func (*Key) X509CertificateChain

func (key *Key) X509CertificateChain() []*x509.Certificate

X509CertificateChain is RFC 7517 Section 4.7. "x5c" (X.509 Certificate Chain) Parameter.

func (*Key) X509CertificateSHA1

func (key *Key) X509CertificateSHA1() []byte

X509CertificateSHA1 is RFC 7517 Section 4.8. "x5t" (X.509 Certificate SHA-1 Thumbprint) Parameter.

func (*Key) X509CertificateSHA256

func (key *Key) X509CertificateSHA256() []byte

X509CertificateSHA256 is RFC 7517 Section 4.9. "x5t#S256" (X.509 Certificate SHA-256 Thumbprint) Parameter.

func (*Key) X509URL

func (key *Key) X509URL() *url.URL

X509URL is RFC 7517 Section 4.6. "x5u" (X.509 URL) Parameter.

type Set

// Set is a JWK Set.
type Set struct {
	// Keys holds the keys that belong to the set.
	Keys []*Key
}

Set is a JWK Set.

func ParseSet

func ParseSet(data []byte) (*Set, error)

ParseSet parses a JWK Set.

func (*Set) Find

func (set *Set) Find(kid string) (key *Key, found bool)

Find finds the key that has kid.

func (*Set) MarshalJSON

func (set *Set) MarshalJSON() ([]byte, error)

MarshalJSON implements encoding/json.Marshaler

func (*Set) UnmarshalJSON

func (set *Set) UnmarshalJSON(data []byte) error

UnmarshalJSON implements encoding/json.Unmarshaler

Directories

Path Synopsis
Package jwktypes contains types used by the package jwk.