jose

package
v0.1.6-0...-5c25bcb Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 1, 2021 License: Apache-2.0 Imports: 27 Imported by: 0

Documentation

Index

Constants

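const (
	// HeaderAlgorithm identifies:
	// For JWS: the cryptographic algorithm used to secure the JWS.
	// For JWE: the cryptographic algorithm used to encrypt or determine the value of the CEK.
	// The value is chosen by whoever produced the token, so a verifier should compare it
	// with the algorithms it is configured to accept rather than let the token select one.
	HeaderAlgorithm = "alg" // string

	// HeaderEncryption identifies the JWE content encryption algorithm.
	HeaderEncryption = "enc" // string

	// HeaderJWKSetURL is a URI that refers to a resource for a set of JSON-encoded public keys, one of which:
	// For JWS: corresponds to the key used to digitally sign the JWS.
	// For JWE: corresponds to the public key to which the JWE was encrypted.
	// The URI arrives inside the token; keys should only be retrieved from locations the
	// application already trusts.
	HeaderJWKSetURL = "jku" // string

	// HeaderJSONWebKey is:
	// For JWS: the public key that corresponds to the key used to digitally sign the JWS.
	// For JWE: the public key to which the JWE was encrypted.
	// A key carried in the header is not trusted merely by being present; it has to be
	// matched against a key the application already trusts.
	HeaderJSONWebKey = "jwk" // JSON

	// HeaderKeyID is a hint:
	// For JWS: indicating which key was used to secure the JWS.
	// For JWE: which references the public key to which the JWE was encrypted.
	// It is a lookup hint taken from the token and should be handled as untrusted input.
	HeaderKeyID = "kid" // string

	// HeaderSenderKeyID is a hint:
	// For JWS: not used.
	// For JWE: which references the (sender) public key used in the JWE key derivation/wrapping to encrypt the CEK.
	HeaderSenderKeyID = "skid" // string

	// HeaderX509URL is a URI that refers to a resource for the X.509 public key certificate or certificate chain:
	// For JWS: corresponding to the key used to digitally sign the JWS.
	// For JWE: corresponding to the public key to which the JWE was encrypted.
	// As with HeaderJWKSetURL, the URI is token-supplied and should be restricted to trusted locations.
	HeaderX509URL = "x5u" // string

	// HeaderX509CertificateChain contains the X.509 public key certificate or certificate chain:
	// For JWS: corresponding to the key used to digitally sign the JWS.
	// For JWE: corresponding to the public key to which the JWE was encrypted.
	// The chain has to be validated up to a trusted root before its key is relied on.
	HeaderX509CertificateChain = "x5c" // array

	// HeaderX509CertificateDigestSha1 (X.509 certificate SHA-1 thumbprint) is a base64url-encoded
	// SHA-1 thumbprint (a.k.a. digest) of the DER encoding of the X.509 certificate:
	// For JWS: corresponding to the key used to digitally sign the JWS.
	// For JWE: corresponding to the public key to which the JWE was encrypted.
	// SHA-1 is no longer collision resistant; prefer HeaderX509CertificateDigestSha256
	// where both sides support it.
	HeaderX509CertificateDigestSha1 = "x5t" // string

	// HeaderX509CertificateDigestSha256 (X.509 certificate SHA-256 thumbprint) is a base64url-encoded SHA-256
	// thumbprint (a.k.a. digest) of the DER encoding of the X.509 certificate:
	// For JWS: corresponding to the key used to digitally sign the JWS.
	// For JWE: corresponding to the public key to which the JWE was encrypted.
	HeaderX509CertificateDigestSha256 = "x5t#S256" // string

	// HeaderType is:
	// For JWS: used by JWS applications to declare the media type of this complete JWS.
	// For JWE: used by JWE applications to declare the media type of this complete JWE.
	HeaderType = "typ" // string

	// HeaderContentType is used by JWS applications to declare the media type of:
	// For JWS: the secured content (the payload).
	// For JWE: the secured content (the plaintext).
	HeaderContentType = "cty" // string

	// HeaderCritical indicates that extensions to:
	// For JWS: this JWS header specification and/or JWA are being used that MUST be understood and processed.
	// For JWE: this JWE header specification and/or JWA are being used that MUST be understood and processed.
	// RFC 7515 section 4.1.11 requires a recipient to reject the JWS when a listed
	// extension is not understood.
	HeaderCritical = "crit" // array

	// HeaderEPK is used by JWE applications to wrap/unwrap the CEK for a recipient.
	HeaderEPK = "epk" // JSON
)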

IANA registered JOSE headers (https://tools.ietf.org/html/rfc7515#section-4.1)

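const (
	// HeaderB64Payload determines whether the payload is represented in the JWS and the JWS Signing
	// Input as ASCII(BASE64URL(JWS Payload)) or as the JWS Payload value itself with no encoding performed.
	HeaderB64Payload = "b64" // bool

	// A256GCMALG is the default content encryption algorithm value as per
	// the JWA specification: https://tools.ietf.org/html/rfc7518#section-5.1
	A256GCMALG = "A256GCM"

	// XC20PALG represents the XChacha20Poly1305 content encryption algorithm value.
	// It is not among the "enc" values listed in RFC 7518 section 5.1, so both peers
	// have to support it explicitly.
	XC20PALG = "XC20P"

	// DIDCommEncType represents the JWE "typ" protected header value.
	DIDCommEncType = "didcomm-envelope-enc"
)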

Header defined in https://tools.ietf.org/html/rfc7797

// Typed content encryption algorithm values for use where an EncAlg is expected.
const (
	// A256GCM selects AES256GCM content encryption.
	A256GCM EncAlg = A256GCMALG
	// XC20P selects XChacha20Poly1305 content encryption.
	XC20P EncAlg = XC20PALG
)

Variables

// ErrInvalidKey is returned when the JWK passed in is invalid.
var ErrInvalidKey = errors.New("invalid JWK")

ErrInvalidKey is returned when passed JWK is invalid.

Functions

func IsCompactJWS

func IsCompactJWS(s string) bool

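IsCompactJWS checks whether the input is a compact JWS (based on https://tools.ietf.org/html/rfc7516#section-9). It takes only the string, with no key or verifier, so a true result describes the serialization format and says nothing about whether the signature is valid.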

Types

type AlgSignatureVerifier

// AlgSignatureVerifier pairs one signature algorithm name with the verifier
// that handles it.
type AlgSignatureVerifier struct {
	// Alg is the algorithm name this entry stands for; presumably it is matched
	// against the JOSE "alg" header value (confirm in CompositeAlgSigVerifier).
	Alg      string
	// Verifier checks signatures made with Alg.
	Verifier SignatureVerifier
}

AlgSignatureVerifier defines verifier for particular signature algorithm.

type CompositeAlgSigVerifier

// CompositeAlgSigVerifier is a signature verifier that chooses the concrete
// verifier from the algorithm named in the JOSE "alg" header.
//
// NOTE(review): the "alg" value comes from the token being verified, so the
// entries passed to NewCompositeAlgSigVerifier act as the list of accepted
// algorithms. Confirm that an "alg" with no registered entry is rejected
// with an error.
type CompositeAlgSigVerifier struct {
	// contains filtered or unexported fields
}

CompositeAlgSigVerifier defines composite signature verifier based on the algorithm taken from JOSE header alg.

func NewCompositeAlgSigVerifier

func NewCompositeAlgSigVerifier(v AlgSignatureVerifier, vOther ...AlgSignatureVerifier) *CompositeAlgSigVerifier

NewCompositeAlgSigVerifier creates a new CompositeAlgSigVerifier.

func (*CompositeAlgSigVerifier) Verify

func (v *CompositeAlgSigVerifier) Verify(joseHeaders Headers, payload, signingInput, signature []byte) error

Verify verifies the JWS signature.

type Decrypter

// Decrypter is the interface for decrypting JWE messages.
type Decrypter interface {
	// Decrypt takes a deserialized JWE, extracts the corresponding recipient key,
	// decrypts the content and returns the plaintext.
	Decrypt(jwe *JSONWebEncryption) ([]byte, error)
}

Decrypter interface to Decrypt JWE messages.

type EncAlg

// EncAlg represents the JWE content encryption algorithm. The package declares
// the values A256GCM and XC20P.
type EncAlg string

EncAlg represents the JWE content encryption algorithm.

type Encrypter

// Encrypter is the interface for producing JWE messages.
type Encrypter interface {
	// EncryptWithAuthData encrypts plaintext for more than one recipient and
	// returns a valid JSONWebEncryption instance. aad is additional
	// authenticated data: under RFC 7516 it is integrity-protected but not
	// encrypted, so it must not carry anything confidential.
	EncryptWithAuthData(plaintext, aad []byte) (*JSONWebEncryption, error)

	// Encrypt encrypts plaintext with an empty aad for one or more recipients
	// and returns a valid JSONWebEncryption instance.
	Encrypt(plaintext []byte) (*JSONWebEncryption, error)
}

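Encrypter is the interface for encrypting JWE messages; the interface declares only Encrypt and EncryptWithAuthData, and decryption is declared separately on Decrypter.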

type Headers

// Headers represents JOSE headers as a map from header name ("alg", "kid", ...)
// to an untyped value.
//
// NOTE(review): for a parsed token these values were written by the sender.
// Read them through the typed accessors (Algorithm, KeyID, ...) and treat a
// false second result as "absent or unusable"; confirm that the accessors
// check the value's type.
type Headers map[string]interface{}

Headers represents JOSE headers.

func (Headers) Algorithm

func (h Headers) Algorithm() (string, bool)

Algorithm gets Algorithm from JOSE headers.

func (Headers) Encryption

func (h Headers) Encryption() (string, bool)

Encryption gets content encryption algorithm from JOSE headers.

func (Headers) JWK

func (h Headers) JWK() (*JWK, bool)

JWK gets JWK from JOSE headers.

func (Headers) KeyID

func (h Headers) KeyID() (string, bool)

KeyID gets Key ID from JOSE headers.

func (Headers) SenderKeyID

func (h Headers) SenderKeyID() (string, bool)

SenderKeyID gets the sender Key ID from Jose headers.

func (Headers) Type

func (h Headers) Type() (string, bool)

Type gets content encryption type from JOSE headers.

type JSONWebEncryption

// JSONWebEncryption represents a JWE as defined in RFC 7516. The fields follow
// the members of the JWE JSON serialization.
// NOTE(review): whether the string fields hold raw or base64url-encoded data
// is not visible here; confirm before using them directly.
type JSONWebEncryption struct {
	// ProtectedHeaders are the integrity-protected header parameters.
	ProtectedHeaders   Headers
	// OrigProtectedHders is presumably the protected header in the exact
	// serialized form it was received in, kept so authentication runs over
	// the original bytes — TODO confirm.
	OrigProtectedHders string
	// UnprotectedHeaders are shared header parameters that are NOT
	// integrity-protected; do not base security decisions on them.
	UnprotectedHeaders Headers
	// Recipients holds one entry per recipient.
	Recipients         []*Recipient
	// AAD is the additional authenticated data (authenticated, not encrypted).
	AAD                string
	// IV is the initialization vector for content encryption.
	IV                 string
	// Ciphertext is the encrypted content.
	Ciphertext         string
	// Tag is the authentication tag produced by content encryption.
	Tag                string
}

JSONWebEncryption represents a JWE as defined in https://tools.ietf.org/html/rfc7516.

func Deserialize

func Deserialize(serializedJWE string) (*JSONWebEncryption, error)

Deserialize deserializes the given serialized JWE into a JSONWebEncryption object.

func (*JSONWebEncryption) CompactSerialize

func (e *JSONWebEncryption) CompactSerialize(marshal marshalFunc) (string, error)

CompactSerialize serializes the given JWE into a compact, URL-safe string as defined in https://tools.ietf.org/html/rfc7516#section-7.1.

func (*JSONWebEncryption) FullSerialize

func (e *JSONWebEncryption) FullSerialize(marshal marshalFunc) (string, error)

FullSerialize serializes the given JWE into JSON as defined in https://tools.ietf.org/html/rfc7516#section-7.2. The full serialization syntax is used. If there is only one recipient, then the flattened syntax is used.

type JSONWebSignature

// JSONWebSignature defines a JSON Web Signature (RFC 7515).
type JSONWebSignature struct {
	// ProtectedHeaders are the header parameters covered by the signature.
	ProtectedHeaders   Headers
	// UnprotectedHeaders are header parameters that the signature does NOT
	// cover (RFC 7515); a third party can alter them without invalidating the
	// JWS, so they should not drive security decisions.
	UnprotectedHeaders Headers
	// Payload is the JWS payload.
	Payload            []byte
	// contains filtered or unexported fields
}

JSONWebSignature defines JSON Web Signature (https://tools.ietf.org/html/rfc7515)

func NewJWS

func NewJWS(protectedHeaders, unprotectedHeaders Headers, payload []byte, signer Signer) (*JSONWebSignature, error)

NewJWS creates JSON Web Signature.

func ParseJWS

func ParseJWS(jws string, verifier SignatureVerifier, opts ...JWSParseOpt) (*JSONWebSignature, error)

ParseJWS parses serialized JWS. Currently only JWS Compact Serialization parsing is supported.

func (JSONWebSignature) SerializeCompact

func (s JSONWebSignature) SerializeCompact(detached bool) (string, error)

SerializeCompact makes JWS Compact Serialization (https://tools.ietf.org/html/rfc7515#section-7.1)

func (JSONWebSignature) Signature

func (s JSONWebSignature) Signature() []byte

Signature returns a copy of JWS signature.

type JWEDecrypt

// JWEDecrypt decrypts a JWE message and returns its protected plaintext.
// Instances are created with NewJWEDecrypt.
type JWEDecrypt struct {
	// contains filtered or unexported fields
}

JWEDecrypt is responsible for decrypting a JWE message and returns its protected plaintext.

func NewJWEDecrypt

func NewJWEDecrypt(store storage.Store, c cryptoapi.Crypto, k kms.KeyManager) *JWEDecrypt

NewJWEDecrypt creates a new JWEDecrypt instance to parse and decrypt a JWE message for a given recipient. store is needed for Authcrypt only (to fetch the sender's pre-agreed public key); it is not needed for Anoncrypt.

func (*JWEDecrypt) Decrypt

func (jd *JWEDecrypt) Decrypt(jwe *JSONWebEncryption) ([]byte, error)

Decrypt a deserialized JWE, decrypts its protected content and returns plaintext.

type JWEEncrypt

// JWEEncrypt encrypts a plaintext and its AAD into a protected JWE.
// Instances are created with NewJWEEncrypt, which also decides between
// Authcrypt and Anoncrypt from the sender arguments it is given.
type JWEEncrypt struct {
	// contains filtered or unexported fields
}

JWEEncrypt is responsible for encrypting a plaintext and its AAD into a protected JWE and decrypting it.

func NewJWEEncrypt

func NewJWEEncrypt(encAlg EncAlg, encType, senderKID string, senderKH *keyset.Handle,
	recipientsPubKeys []*cryptoapi.PublicKey, crypto cryptoapi.Crypto) (*JWEEncrypt, error)

NewJWEEncrypt creates a new JWEEncrypt instance to build a JWE for recipientsPubKeys. senderKID and senderKH are used for Authcrypt (to authenticate the sender); if they are not set, JWEEncrypt assumes Anoncrypt, in which case the resulting JWE does not authenticate the sender.

func (*JWEEncrypt) Encrypt

func (je *JWEEncrypt) Encrypt(plaintext []byte) (*JSONWebEncryption, error)

Encrypt encrypts plaintext with AAD and returns a JSONWebEncryption instance that can be serialized as a JWE.

func (*JWEEncrypt) EncryptWithAuthData

func (je *JWEEncrypt) EncryptWithAuthData(plaintext, aad []byte) (*JSONWebEncryption, error)

EncryptWithAuthData encrypts plaintext with AAD and returns a JSONWebEncryption instance that can be serialized as a JWE.

type JWK

// JWK (JSON Web Key) is a JSON data structure that represents a cryptographic
// key. It embeds jose.JSONWebKey and adds explicit key type and curve fields.
type JWK struct {
	jose.JSONWebKey

	// Kty is the key type and Crv the curve. JWEFromX25519Key presets both;
	// JWKFromPublicKey does not set them for raw X25519 keys.
	Kty string
	Crv string
}

JWK (JSON Web Key) is a JSON data structure that represents a cryptographic key.

func JWEFromX25519Key

func JWEFromX25519Key(pubKey []byte) (*JWK, error)

JWEFromX25519Key is similar to JWKFromPublicKey but is specific to X25519 keys when using a public key as raw []byte. This builder function presets the curve and key type in the JWK. Using JWKFromPublicKey for X25519 raw keys will not have these fields set and will not provide the right JWK output.

func JWKFromPublicKey

func JWKFromPublicKey(pubKey interface{}) (*JWK, error)

JWKFromPublicKey creates a JWK from public key struct. It's e.g. *ecdsa.PublicKey or ed25519.VerificationMethod.

func (*JWK) MarshalJSON

func (j *JWK) MarshalJSON() ([]byte, error)

MarshalJSON serializes the given key to its JSON representation.

func (*JWK) PublicKeyBytes

func (j *JWK) PublicKeyBytes() ([]byte, error)

PublicKeyBytes converts a public key to bytes.

func (*JWK) UnmarshalJSON

func (j *JWK) UnmarshalJSON(jwkBytes []byte) error

UnmarshalJSON reads a key from its JSON representation.

type JWSParseOpt

// JWSParseOpt is an option passed to ParseJWS; each option is a function that
// modifies the parser's option set (see WithJWSDetachedPayload).
type JWSParseOpt func(opts *jwsParseOpts)

JWSParseOpt is the JWS Parser option.

func WithJWSDetachedPayload

func WithJWSDetachedPayload(payload []byte) JWSParseOpt

WithJWSDetachedPayload option is for definition of JWS detached payload.

type Recipient

// Recipient is a recipient of a JWE including the shared encryption key.
type Recipient struct {
	// Header holds the per-recipient header parameters; omitted from JSON when nil.
	Header       *RecipientHeaders `json:"header,omitempty"`
	// EncryptedKey is the content encryption key as encrypted for this
	// recipient (JSON member "encrypted_key").
	EncryptedKey string            `json:"encrypted_key,omitempty"`
}

Recipient is a recipient of a JWE including the shared encryption key.

type RecipientHeaders

// RecipientHeaders are the per-recipient JWE header parameters. Every field is
// omitted from JSON when empty.
// NOTE(review): for a received JWE these values are sender-supplied; confirm
// where they are validated before being used for key agreement or unwrapping.
type RecipientHeaders struct {
	// Alg is the key management algorithm ("alg").
	Alg string          `json:"alg,omitempty"`
	// APU and APV are the key agreement PartyUInfo / PartyVInfo values
	// ("apu", "apv" in RFC 7518).
	APU string          `json:"apu,omitempty"`
	APV string          `json:"apv,omitempty"`
	// IV and Tag are presumably the key-wrapping IV and authentication tag
	// ("iv", "tag") — TODO confirm against the encrypter.
	IV  string          `json:"iv,omitempty"`
	Tag string          `json:"tag,omitempty"`
	// KID is the recipient key ID hint ("kid").
	KID string          `json:"kid,omitempty"`
	// EPK is the "epk" header kept as raw JSON, so decoding is left to the consumer.
	EPK json.RawMessage `json:"epk,omitempty"`
}

RecipientHeaders are the recipient headers.

type SignatureVerifier

// SignatureVerifier verifies a JSON Web Signature.
type SignatureVerifier interface {
	// Verify verifies the JWS based on the signing input. It receives the JOSE
	// headers, the payload, the signing input and the signature, and returns a
	// non-nil error when verification fails.
	// NOTE(review): joseHeaders come from the token under verification;
	// implementations should not accept an algorithm or key solely because a
	// header names it.
	Verify(joseHeaders Headers, payload, signingInput, signature []byte) error
}

SignatureVerifier verifies a JSON Web Signature.

type SignatureVerifierFunc

// SignatureVerifierFunc is a function type with the same signature as
// SignatureVerifier.Verify; its Verify method lets a plain function be used
// as a SignatureVerifier.
type SignatureVerifierFunc func(joseHeaders Headers, payload, signingInput, signature []byte) error

SignatureVerifierFunc is a function wrapper for SignatureVerifier.

func (SignatureVerifierFunc) Verify

func (s SignatureVerifierFunc) Verify(joseHeaders Headers, payload, signingInput, signature []byte) error

Verify verifies JWS signature.

type Signer

// Signer defines the JWS signer interface: it signs data and supplies the JWS
// headers that are specific to the signer.
type Signer interface {
	// Sign signs data and returns the signature bytes.
	Sign(data []byte) ([]byte, error)

	// Headers provides JWS headers. "alg" header must be provided (see https://tools.ietf.org/html/rfc7515#section-4.1)
	Headers() Headers
}

Signer defines the JWS signer interface. It signs data and provides custom JWS headers relevant to the signer.
