Documentation ¶
Index ¶
- Constants
- Variables
- func IsCompactJWS(s string) bool
- type AlgSignatureVerifier
- type CompositeAlgSigVerifier
- type Decrypter
- type EncAlg
- type Encrypter
- type Headers
- type JSONWebEncryption
- type JSONWebSignature
- type JWEDecrypt
- type JWEEncrypt
- type JWK
- type JWSParseOpt
- type Recipient
- type RecipientHeaders
- type SignatureVerifier
- type SignatureVerifierFunc
- type Signer
Constants ¶
const ( // HeaderAlgorithm identifies: // For JWS: the cryptographic algorithm used to secure the JWS. // For JWE: the cryptographic algorithm used to encrypt or determine the value of the CEK. HeaderAlgorithm = "alg" // string // HeaderEncryption identifies the JWE content encryption algorithm. HeaderEncryption = "enc" // string // HeaderJWKSetURL is a URI that refers to a resource for a set of JSON-encoded public keys, one of which: // For JWS: corresponds to the key used to digitally sign the JWS. // For JWE: corresponds to the public key to which the JWE was encrypted. HeaderJWKSetURL = "jku" // string // HeaderJSONWebKey is: // For JWS: the public key that corresponds to the key used to digitally sign the JWS. // For JWE: the public key to which the JWE was encrypted. HeaderJSONWebKey = "jwk" // JSON // HeaderKeyID is a hint: // For JWS: indicating which key was used to secure the JWS. // For JWE: which references the public key to which the JWE was encrypted. HeaderKeyID = "kid" // string // HeaderSenderKeyID is a hint: // For JWS: not used. // For JWE: which references the (sender) public key used in the JWE key derivation/wrapping to encrypt the CEK. HeaderSenderKeyID = "skid" // string // HeaderX509URL is a URI that refers to a resource for the X.509 public key certificate or certificate chain: // For JWS: corresponding to the key used to digitally sign the JWS. // For JWE: corresponding to the public key to which the JWE was encrypted. HeaderX509URL = "x5u" // HeaderX509CertificateChain contains the X.509 public key certificate or certificate chain: // For JWS: corresponding to the key used to digitally sign the JWS. // For JWE: corresponding to the public key to which the JWE was encrypted. HeaderX509CertificateChain = "x5c" // HeaderX509CertificateDigest (X.509 certificate SHA-1 thumbprint) is a base64url-encoded // SHA-1 thumbprint (a.k.a. digest) of the DER encoding of the X.509 certificate: // For JWS: corresponding to the key used to digitally sign the JWS. // For JWE: corresponding to the public key to which the JWE was encrypted. HeaderX509CertificateDigestSha1 = "x5t" // HeaderX509CertificateDigestSha256 (X.509 certificate SHA-256 thumbprint) is a base64url-encoded SHA-256 // thumbprint (a.k.a. digest) of the DER encoding of the X.509 certificate: // For JWS: corresponding to the key used to digitally sign the JWS. // For JWE: corresponding to the public key to which the JWE was encrypted. HeaderX509CertificateDigestSha256 = "x5t#S256" // string // HeaderType is: // For JWS: used by JWS applications to declare the media type of this complete JWS. // For JWE: used by JWE applications to declare the media type of this complete JWE. HeaderType = "typ" // string // HeaderContentType is used by JWS applications to declare the media type of: // For JWS: the secured content (the payload). // For JWE: the secured content (the plaintext). HeaderContentType = "cty" // string // HeaderCritical indicates that extensions to: // For JWS: this JWS header specification and/or JWA are being used that MUST be understood and processed. // For JWE: this JWE header specification and/or JWA are being used that MUST be understood and processed. HeaderCritical = "crit" // array // HeaderEPK is used by JWE applications to wrap/unwrap the CEK for a recipient. HeaderEPK = "epk" // JSON )
IANA registered JOSE headers (https://tools.ietf.org/html/rfc7515#section-4.1)
const ( // HeaderB64 determines whether the payload is represented in the JWS and the JWS Signing // Input as ASCII(BASE64URL(JWS Payload)) or as the JWS Payload value itself with no encoding performed. HeaderB64Payload = "b64" // bool // A256GCMALG is the default content encryption algorithm value as per // the JWA specification: https://tools.ietf.org/html/rfc7518#section-5.1 A256GCMALG = "A256GCM" // XC20PALG represented XChacha20Poly1305 content encryption algorithm value. XC20PALG = "XC20P" // DIDCommEncType representing the JWE 'Typ' protected type header. DIDCommEncType = "didcomm-envelope-enc" )
Header defined in https://tools.ietf.org/html/rfc7797
const ( // A256GCM for AES256GCM content encryption. A256GCM = EncAlg(A256GCMALG) // XC20P for XChacha20Poly1305 content encryption. XC20P = EncAlg(XC20PALG) )
Variables ¶
var ErrInvalidKey = errors.New("invalid JWK")
ErrInvalidKey is returned when passed JWK is invalid.
Functions ¶
func IsCompactJWS ¶
IsCompactJWS checks weather input is a compact JWS (based on https://tools.ietf.org/html/rfc7516#section-9)
Types ¶
type AlgSignatureVerifier ¶
type AlgSignatureVerifier struct { Alg string Verifier SignatureVerifier }
AlgSignatureVerifier defines verifier for particular signature algorithm.
type CompositeAlgSigVerifier ¶
type CompositeAlgSigVerifier struct {
// contains filtered or unexported fields
}
CompositeAlgSigVerifier defines composite signature verifier based on the algorithm taken from JOSE header alg.
func NewCompositeAlgSigVerifier ¶
func NewCompositeAlgSigVerifier(v AlgSignatureVerifier, vOther ...AlgSignatureVerifier) *CompositeAlgSigVerifier
NewCompositeAlgSigVerifier creates a new CompositeAlgSigVerifier.
type Decrypter ¶
type Decrypter interface { // Decrypt a deserialized JWE, extracts the corresponding recipient key to decrypt plaintext and returns it Decrypt(jwe *JSONWebEncryption) ([]byte, error) }
Decrypter interface to Decrypt JWE messages.
type Encrypter ¶
type Encrypter interface { // EncryptWithAuthData encrypt plaintext and aad sent to more than 1 recipients and returns a valid // JSONWebEncryption instance EncryptWithAuthData(plaintext, aad []byte) (*JSONWebEncryption, error) // Encrypt plaintext with empty aad sent to 1 or more recipients and returns a valid JSONWebEncryption instance Encrypt(plaintext []byte) (*JSONWebEncryption, error) }
Encrypter interface to Encrypt/Decrypt JWE messages.
type Headers ¶
type Headers map[string]interface{}
Headers represents JOSE headers.
func (Headers) Encryption ¶
Encryption gets content encryption algorithm from JOSE headers.
func (Headers) SenderKeyID ¶
SenderKeyID gets the sender Key ID from Jose headers.
type JSONWebEncryption ¶
type JSONWebEncryption struct { ProtectedHeaders Headers OrigProtectedHders string UnprotectedHeaders Headers Recipients []*Recipient AAD string IV string Ciphertext string Tag string }
JSONWebEncryption represents a JWE as defined in https://tools.ietf.org/html/rfc7516.
func Deserialize ¶
func Deserialize(serializedJWE string) (*JSONWebEncryption, error)
Deserialize deserializes the given serialized JWE into a JSONWebEncryption object.
func (*JSONWebEncryption) CompactSerialize ¶
func (e *JSONWebEncryption) CompactSerialize(marshal marshalFunc) (string, error)
CompactSerialize serializes the given JWE into a compact, URL-safe string as defined in https://tools.ietf.org/html/rfc7516#section-7.1.
func (*JSONWebEncryption) FullSerialize ¶
func (e *JSONWebEncryption) FullSerialize(marshal marshalFunc) (string, error)
FullSerialize serializes the given JWE into JSON as defined in https://tools.ietf.org/html/rfc7516#section-7.2. The full serialization syntax is used. If there is only one recipient, then the flattened syntax is used.
type JSONWebSignature ¶
type JSONWebSignature struct { ProtectedHeaders Headers UnprotectedHeaders Headers Payload []byte // contains filtered or unexported fields }
JSONWebSignature defines JSON Web Signature (https://tools.ietf.org/html/rfc7515)
func NewJWS ¶
func NewJWS(protectedHeaders, unprotectedHeaders Headers, payload []byte, signer Signer) (*JSONWebSignature, error)
NewJWS creates JSON Web Signature.
func ParseJWS ¶
func ParseJWS(jws string, verifier SignatureVerifier, opts ...JWSParseOpt) (*JSONWebSignature, error)
ParseJWS parses serialized JWS. Currently only JWS Compact Serialization parsing is supported.
func (JSONWebSignature) SerializeCompact ¶
func (s JSONWebSignature) SerializeCompact(detached bool) (string, error)
SerializeCompact makes JWS Compact Serialization (https://tools.ietf.org/html/rfc7515#section-7.1)
func (JSONWebSignature) Signature ¶
func (s JSONWebSignature) Signature() []byte
Signature returns a copy of JWS signature.
type JWEDecrypt ¶
type JWEDecrypt struct {
// contains filtered or unexported fields
}
JWEDecrypt is responsible for decrypting a JWE message and returns its protected plaintext.
func NewJWEDecrypt ¶
func NewJWEDecrypt(store storage.Store, c cryptoapi.Crypto, k kms.KeyManager) *JWEDecrypt
NewJWEDecrypt creates a new JWEDecrypt instance to parse and decrypt a JWE message for a given recipient store is needed for Authcrypt only (to fetch sender's pre agreed upon public key), it is not needed for Anoncrypt.
func (*JWEDecrypt) Decrypt ¶
func (jd *JWEDecrypt) Decrypt(jwe *JSONWebEncryption) ([]byte, error)
Decrypt a deserialized JWE, decrypts its protected content and returns plaintext.
type JWEEncrypt ¶
type JWEEncrypt struct {
// contains filtered or unexported fields
}
JWEEncrypt is responsible for encrypting a plaintext and its AAD into a protected JWE and decrypting it.
func NewJWEEncrypt ¶
func NewJWEEncrypt(encAlg EncAlg, encType, senderKID string, senderKH *keyset.Handle, recipientsPubKeys []*cryptoapi.PublicKey, crypto cryptoapi.Crypto) (*JWEEncrypt, error)
NewJWEEncrypt creates a new JWEEncrypt instance to build JWE with recipientsPubKeys senderKID and senderKH are used for Authcrypt (to authenticate the sender), if not set JWEEncrypt assumes Anoncrypt.
func (*JWEEncrypt) Encrypt ¶
func (je *JWEEncrypt) Encrypt(plaintext []byte) (*JSONWebEncryption, error)
Encrypt encrypt plaintext with AAD and returns a JSONWebEncryption instance to serialize a JWE instance.
func (*JWEEncrypt) EncryptWithAuthData ¶
func (je *JWEEncrypt) EncryptWithAuthData(plaintext, aad []byte) (*JSONWebEncryption, error)
EncryptWithAuthData encrypt plaintext with AAD and returns a JSONWebEncryption instance to serialize a JWE instance.
type JWK ¶
JWK (JSON Web Key) is a JSON data structure that represents a cryptographic key.
func JWEFromX25519Key ¶
JWEFromX25519Key is similar to JWKFromPublicKey but is specific to X25519 keys when using a public key as raw []byte. This builder function presets the curve and key type in the JWK. Using JWKFromPublicKey for X25519 raw keys will not have these fields set and will not provide the right JWK output.
func JWKFromPublicKey ¶
JWKFromPublicKey creates a JWK from public key struct. It's e.g. *ecdsa.PublicKey or ed25519.VerificationMethod.
func (*JWK) MarshalJSON ¶
MarshalJSON serializes the given key to its JSON representation.
func (*JWK) PublicKeyBytes ¶
PublicKeyBytes converts a public key to bytes.
func (*JWK) UnmarshalJSON ¶
UnmarshalJSON reads a key from its JSON representation.
type JWSParseOpt ¶
type JWSParseOpt func(opts *jwsParseOpts)
JWSParseOpt is the JWS Parser option.
func WithJWSDetachedPayload ¶
func WithJWSDetachedPayload(payload []byte) JWSParseOpt
WithJWSDetachedPayload option is for definition of JWS detached payload.
type Recipient ¶
type Recipient struct { Header *RecipientHeaders `json:"header,omitempty"` EncryptedKey string `json:"encrypted_key,omitempty"` }
Recipient is a recipient of a JWE including the shared encryption key.
type RecipientHeaders ¶
type RecipientHeaders struct { Alg string `json:"alg,omitempty"` APU string `json:"apu,omitempty"` APV string `json:"apv,omitempty"` IV string `json:"iv,omitempty"` Tag string `json:"tag,omitempty"` KID string `json:"kid,omitempty"` EPK json.RawMessage `json:"epk,omitempty"` }
RecipientHeaders are the recipient headers.
type SignatureVerifier ¶
type SignatureVerifier interface { // Verify verifies JWS based on the signing input. Verify(joseHeaders Headers, payload, signingInput, signature []byte) error }
SignatureVerifier makes verification of JSON Web Signature.
type SignatureVerifierFunc ¶
SignatureVerifierFunc is a function wrapper for SignatureVerifier.
type Signer ¶
type Signer interface { // Sign signs. Sign(data []byte) ([]byte, error) // Headers provides JWS headers. "alg" header must be provided (see https://tools.ietf.org/html/rfc7515#section-4.1) Headers() Headers }
Signer defines JWS Signer interface. It makes signing of data and provides custom JWS headers relevant to the signer.