signer

package
v0.0.0-...-39628cf

This package is not in the latest version of its module.
Published: May 4, 2024 License: AGPL-3.0 Imports: 16 Imported by: 1

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func CheckRSATimeSignature

func CheckRSATimeSignature(
	b *SignedRSABlock, k *rsa.PublicKey, w time.Duration,
) error

CheckRSATimeSignature checks if the signed RSA block is signed with the given key and within the time window.

func SignTime

func SignTime(key []byte) string

SignTime signs the current time.

Types

type RSATimeSigner

type RSATimeSigner struct {
	TimeFunc func() time.Time
	// contains filtered or unexported fields
}

RSATimeSigner signs the current time, or checks if a signed time is within a time window of the current time reading.

func NewRSATimeSigner

func NewRSATimeSigner(k *rsa.PublicKey, w time.Duration) *RSATimeSigner

NewRSATimeSigner creates a new time signer that uses an RSA key.

func (*RSATimeSigner) Check

func (s *RSATimeSigner) Check(b *SignedRSABlock) error

Check checks if the timestamp is within the time window.

type Sessions

type Sessions struct {

	// TimeFunc is an optional function for reading the current timestamp.
	// When it is nil, the Sessions object uses time.Now().
	TimeFunc func() time.Time
	// contains filtered or unexported fields
}

Sessions signs session data so that the server can run statelessly.

func NewSessions

func NewSessions(key []byte, ttl time.Duration) *Sessions

NewSessions creates a new session store.

func (*Sessions) Check

func (s *Sessions) Check(session string) ([]byte, time.Duration, bool)

Check checks if it is signed data.

func (*Sessions) CheckJSON

func (s *Sessions) CheckJSON(session string, dat interface{}) bool

CheckJSON checks if the session is valid and unmarshals it if it is. It returns false if it fails to unmarshal.

func (*Sessions) CheckState

func (s *Sessions) CheckState(session string) bool

CheckState checks if it is a signed session with no data.

func (*Sessions) NeedRefresh

func (s *Sessions) NeedRefresh(ttl time.Duration) bool

NeedRefresh reports whether it is recommended to refresh for a new token.

func (*Sessions) New

func (s *Sessions) New(data []byte, ttl time.Duration) (string, time.Time)

New creates a new session with some data.

func (*Sessions) NewJSON

func (s *Sessions) NewJSON(data interface{}) (string, time.Time, error)

NewJSON creates a new session with JSON marshalable data.

func (*Sessions) NewState

func (s *Sessions) NewState() string

NewState creates a new state, which is a session with no data.

type SignedRSABlock

type SignedRSABlock struct {
	Data []byte
	Hash []byte
	Sig  []byte

	KeyID string `json:",omitempty"`
}

SignedRSABlock is a signed RSA block.

func RSASignTime

func RSASignTime(k *rsa.PrivateKey) (*SignedRSABlock, error)

RSASignTime signs the current time with the given RSA key.

type Signer

type Signer struct {
	// contains filtered or unexported fields
}

Signer is a signer that contains a secret key.

func New

func New(key []byte) *Signer

New creates a signing pen.

func (*Signer) Check

func (s *Signer) Check(bs []byte) (bool, []byte)

Check verifies if the signed blob is valid. If it is valid, it returns the original data that is protected by the signature.

func (*Signer) CheckChallenge

func (s *Signer) CheckChallenge(bs []byte, now time.Time, w time.Duration) (
	*timeutil.Challenge, error,
)

CheckChallenge checks if a challenge is properly signed and if the time is after mustAfter.

func (*Signer) CheckHex

func (s *Signer) CheckHex(str string) (bool, []byte)

CheckHex verifies if the signed blob is valid, and if it is, returns the original data that is protected by the signature.

func (*Signer) CheckHexJSON

func (s *Signer) CheckHexJSON(str string, dat interface{}) (bool, error)

CheckHexJSON verifies if the signed blob is valid, and if it is, unmarshals the original data into dat.

func (*Signer) CheckJSON

func (s *Signer) CheckJSON(bs []byte, dat interface{}) (bool, error)

CheckJSON verifies if the signed blob is valid, and if it is, unmarshals the original data into dat.

func (*Signer) NewSignedChallenge

func (s *Signer) NewSignedChallenge(t time.Time, rand io.Reader) (
	[]byte, *timeutil.Challenge, error,
)

NewSignedChallenge creates a new signed challenge.

func (*Signer) Sign

func (s *Signer) Sign(dat []byte) []byte

Sign signs a blob and returns the combination of the data and the signature.

func (*Signer) SignHex

func (s *Signer) SignHex(dat []byte) string

SignHex signs a blob and returns the data along with the signature in a hex string.

func (*Signer) SignHexJSON

func (s *Signer) SignHexJSON(dat interface{}) (string, error)

SignHexJSON signs a JSON marshalable blob and returns the data along with the signature in a hex string.

func (*Signer) SignJSON

func (s *Signer) SignJSON(dat interface{}) ([]byte, error)

SignJSON signs a JSON marshalable blob and returns the combination of the data and the signature.

type TimeSigner

type TimeSigner struct {

	// TimeFunc is an optional function for reading the current timestamp.
	// When it is nil, the TimeSigner uses time.Now().
	TimeFunc func() time.Time
	// contains filtered or unexported fields
}

TimeSigner signs the current time, or checks if a signed time is within a time window of the current time reading.

func NewTimeSigner

func NewTimeSigner(key []byte, window time.Duration) *TimeSigner

NewTimeSigner creates a new time signer.

func (*TimeSigner) Check

func (s *TimeSigner) Check(token string) bool

Check checks if the timestamp is within the time window.

func (*TimeSigner) Token

func (s *TimeSigner) Token() string

Token generates a signed token that has the current time reading.
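
Added example (not code from this package): a sketch of the signed-time-window technique that TimeSigner's Token and Check describe, using only the Go standard library. The HMAC-SHA256 construction, the token layout, the symmetric window and the name windowSigner are assumptions for illustration; the package's own token format is not shown on this page.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"fmt"
	"time"
)

// windowSigner is a hypothetical stand-in, not this package's TimeSigner.
type windowSigner struct {
	key    []byte
	window time.Duration
	now    func() time.Time // injectable clock, playing the role of TimeFunc
}

func (s *windowSigner) mac(ts []byte) []byte {
	m := hmac.New(sha256.New, s.key)
	m.Write(ts)
	return m.Sum(nil)
}

// token returns hex(timestamp || HMAC-SHA256(key, timestamp)).
func (s *windowSigner) token() string {
	ts := make([]byte, 8)
	binary.BigEndian.PutUint64(ts, uint64(s.now().UnixNano()))
	return hex.EncodeToString(append(ts, s.mac(ts)...))
}

// check authenticates the timestamp first, then tests it against the window.
func (s *windowSigner) check(tok string) bool {
	raw, err := hex.DecodeString(tok)
	if err != nil || len(raw) != 8+sha256.Size ||
		!hmac.Equal(raw[8:], s.mac(raw[:8])) { // constant-time MAC comparison
		return false
	}
	age := s.now().Sub(time.Unix(0, int64(binary.BigEndian.Uint64(raw[:8]))))
	return age >= -s.window && age <= s.window // assumed symmetric window
}

func main() {
	clock := time.Unix(1700000000, 0) // constructed fixed clock reading
	s := &windowSigner{[]byte("constructed-demo-key"), time.Minute, func() time.Time { return clock }}
	tok := s.token()
	fresh := s.check(tok)
	clock = clock.Add(2 * time.Minute) // token is now outside the window
	fmt.Println(fresh, s.check(tok))
}
```

Replacing the clock function in tests, as TimeFunc allows, is what makes the expiry path checkable without sleeping.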
