jws

package
v0.1.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 3, 2024 License: Apache-2.0 Imports: 9 Imported by: 0

README

jws

Table of Contents

Features
  • Signing a JWS (JSON Web Signature) with a DID
  • Verifying a JWS with a DID

Usage

Signing
package main

import (
    "fmt"
    "github.com/abaxxtech/abaxx-id-go/pkg/dids/didjwk"
    "github.com/abaxxtech/abaxx-id-go/pkg/jws"
)

func main() {
    did, err := didjwk.Create()
    if err != nil {
        fmt.Printf("failed to create did: %v", err)
        return
    }

    payload := map[string]interface{}{"hello": "world"}
    
    compactJWS, err := jws.Sign(payload, did)
    if err != nil {
        fmt.Printf("failed to sign: %v", err)
        return
    }

    fmt.Printf("compact JWS: %s", compactJWS)
}

Detached Content

returning a JWS with detached content can be done like so:

package main

import (
    "fmt"
    "github.com/abaxxtech/abaxx-id-go/pkg/dids/didjwk"
    "github.com/abaxxtech/abaxx-id-go/pkg/jws"
)

func main() {
    did, err := didjwk.Create()
    if err != nil {
        fmt.Printf("failed to create did: %v", err)
        return
    }

    payload := map[string]interface{}{"hello": "world"}
    
    compactJWS, err := jws.Sign(payload, did, Detached(true))
    if err != nil {
        fmt.Printf("failed to sign: %v", err)
        return
    }

    fmt.Printf("compact JWS: %s", compactJWS)
}

specifying a specific category of key associated with the provided did to sign with can be done like so:

package main

import (
    "fmt"
    "github.com/abaxxtech/abaxx-id-go/pkg/dids/didjwk"
    "github.com/abaxxtech/abaxx-id-go/pkg/jws"
)

func main() {
    bearerDID, err := didjwk.Create()
    if err != nil {
        fmt.Printf("failed to create did: %v", err)
        return
    }

    payload := map[string]interface{}{"hello": "world"}
    
    compactJWS, err := jws.Sign(payload, did, Purpose("authentication"))
    if err != nil {
        fmt.Printf("failed to sign: %v", err)
    }

    fmt.Printf("compact JWS: %s", compactJWS)
}
Verifying
package main

import (
    "fmt"
    "github.com/abaxxtech/abaxx-id-go/pkg/dids/didjwk"
    "github.com/abaxxtech/abaxx-id-go/pkg/jws"
)

func main() {
    compactJWS := "SOME_JWS"
    ok, err := jws.Verify(compactJWS)
    if (err != nil) {
        fmt.Printf("failed to verify JWS: %v", err)
    }

    if (!ok) {
        fmt.Errorf("integrity check failed")
    }
}

an error is returned if something in the process of verification failed whereas !ok means the signature is actually shot

Directory Structure
jws
├── jws.go
└── jws_test.go

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DecodeSignature

func DecodeSignature(base64UrlEncodedSignature string) ([]byte, error)

DecodeSignature decodes the base64url encoded JWS signature into a byte array

func Sign

func Sign(payload []byte, did _did.BearerDID, opts ...SignOpt) (string, error)

Sign signs the provided payload with a key associated to the provided DID. if no purpose is provided, the default is "assertionMethod". Passing Detached(true) will return a compact JWS with detached content

Types

type DecodeOption

type DecodeOption func(opts *decodeOptions)

DecodeOption represents an option that can be passed to Decode or Verify.

func Payload

func Payload(p []byte) DecodeOption

Payload can be passed to Decode or Verify to provide a detached payload. More info on detached payloads can be found here.

type Decoded

type Decoded struct {
	Header    Header
	Payload   []byte
	Signature []byte
	Parts     []string
	SignerDID _did.DID
}

Decoded is a compact JWS decoded into its parts

func Decode

func Decode(jws string, opts ...DecodeOption) (Decoded, error)

Decode decodes the given JWS string into a Decoded type

Note

The given JWS input is assumed to be a compact JWS

func Verify

func Verify(compactJWS string, opts ...DecodeOption) (Decoded, error)

Verify verifies the given compactJWS by resolving the DID Document from the kid header value and using the associated public key found by resolving the DID Document

func (Decoded) Verify

func (jws Decoded) Verify() error

Verify verifies the given compactJWS by resolving the DID Document from the kid header value and using the associated public key found by resolving the DID Document

type Header struct {
	// Ide	ntifies the cryptographic algorithm used to secure the JWS. The JWS Signature value is not
	// valid if the "alg" value does not represent a supported algorithm or if there is not a key for
	// use with that algorithm associated with the party that digitally signed or MACed the content.
	//
	// "alg" values should either be registered in the IANA "JSON Web Signature and Encryption
	// Algorithms" registry or be a value that contains a Collision-Resistant Name. The "alg" value is
	// a case-sensitive ASCII string.  This Header Parameter MUST be present and MUST be understood
	// and processed by implementations.
	//
	// [Specification]: https://datatracker.ietf.org/doc/html/rfc7515#section-4.1.1
	ALG string `json:"alg,omitempty"`
	// Key ID Header Parameter https://datatracker.ietf.org/doc/html/rfc7515#section-4.1.4
	KID string `json:"kid,omitempty"`
	// Type Header Parameter https://datatracker.ietf.org/doc/html/rfc7515#section-4.1.9
	TYP string `json:"typ,omitempty"`
}

Header represents a JWS (JSON Web Signature) header. See [Specification] for more details. [Specification]: https://datatracker.ietf.org/doc/html/rfc7515#section-4

func DecodeHeader

func DecodeHeader(base64UrlEncodedHeader string) (Header, error)

DecodeHeader decodes the base64url encoded JWS header into a Header

func (Header) Encode

func (j Header) Encode() (string, error)

Encode returns the base64url encoded header.

type SignOpt

type SignOpt func(opts *signOpts)

func DetachedPayload

func DetachedPayload(detached bool) SignOpt

func Purpose

func Purpose(p string) SignOpt

func Type

func Type(typ string) SignOpt

func VMSelector

func VMSelector(selector didcore.VMSelector) SignOpt

func VerificationMethod

func VerificationMethod(id string) SignOpt

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL