crypto

package
v0.0.0-...-920a7e7 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 31, 2023 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Index

Constants

// Key types this package recognises, identified by their string names, plus
// the RSA modulus size constant.
//
// NOTE(review): the SignatureAlgorithm constants declared in this package
// (EdDSA, ES256K, ES256, ES384, PS256) have no entry for P-224, P-521 or
// X25519, so these three key types have no matching signature algorithm in
// that list — confirm how AlgFromKeyAndCurve and the JWT signer treat them.
const (
	Ed25519   KeyType = "Ed25519"
	// X25519 is a key-agreement (Diffie-Hellman) key type, not a signature key type.
	X25519    KeyType = "X25519"
	SECP256k1 KeyType = "secp256k1"
	// P-224 offers roughly 112 bits of security, the lowest of the NIST curves
	// listed here; prefer P-256 or stronger for newly generated keys.
	P224      KeyType = "P-224"
	P256      KeyType = "P-256"
	P384      KeyType = "P-384"
	P521      KeyType = "P-521"
	RSA       KeyType = "RSA"

	// RSAKeySize is an RSA modulus size in bits.
	// NOTE(review): presumably the size GenerateRSA2048Key uses — confirm.
	// 2048 bits is generally treated as the minimum acceptable RSA size, and
	// because this is a constant it cannot be raised by callers.
	RSAKeySize int = 2048
)

Variables

This section is empty.

Functions

func AlgFromKeyAndCurve

func AlgFromKeyAndCurve(kty jwa.KeyType, crv jwa.EllipticCurveAlgorithm) (jwa.SignatureAlgorithm, error)

AlgFromKeyAndCurve returns the supported JSON Web Algorithm for signing for a given key type and curve pair. The curve parameter is optional (e.g. "") as in the case of RSA.

func BytesToPrivKey

func BytesToPrivKey(keyBytes []byte, kt KeyType) (crypto.PrivateKey, error)

BytesToPrivKey reconstructs a private key given some bytes and a target key type. It is assumed the key was turned into byte form using the sibling function `PrivKeyToBytes`.

func BytesToPubKey

func BytesToPubKey(keyBytes []byte, kt KeyType) (crypto.PublicKey, error)

BytesToPubKey reconstructs a public key given some bytes and a target key type. It is assumed the key was turned into byte form using the sibling function `PubKeyToBytes`.

func GenerateEd25519Key

func GenerateEd25519Key() (ed25519.PublicKey, ed25519.PrivateKey, error)

func GenerateKeyByKeyType

func GenerateKeyByKeyType(kt KeyType) (crypto.PublicKey, crypto.PrivateKey, error)

GenerateKeyByKeyType creates a brand-new key, returning the public and private key for the given key type

func GenerateP224Key

func GenerateP224Key() (ecdsa.PublicKey, ecdsa.PrivateKey, error)

func GenerateP256Key

func GenerateP256Key() (ecdsa.PublicKey, ecdsa.PrivateKey, error)

func GenerateP384Key

func GenerateP384Key() (ecdsa.PublicKey, ecdsa.PrivateKey, error)

func GenerateP521Key

func GenerateP521Key() (ecdsa.PublicKey, ecdsa.PrivateKey, error)

func GenerateRSA2048Key

func GenerateRSA2048Key() (rsa.PublicKey, rsa.PrivateKey, error)

func GenerateSECP256k1Key

func GenerateSECP256k1Key() (secp.PublicKey, secp.PrivateKey, error)

func GenerateX25519Key

func GenerateX25519Key() (x25519.PublicKey, x25519.PrivateKey, error)

func GetCRVFromJWK

func GetCRVFromJWK(key jwk.Key) (string, error)

func GetSupportedJWTSigningVerificationAlgorithms

func GetSupportedJWTSigningVerificationAlgorithms() []jwa.SignatureAlgorithm

GetSupportedJWTSigningVerificationAlgorithms returns a list of supported signing and verifying algorithms for JWTs

func IsSupportedJWTSigningVerificationAlgorithm

func IsSupportedJWTSigningVerificationAlgorithm(algorithm jwa.SignatureAlgorithm) bool

IsSupportedJWTSigningVerificationAlgorithm returns true if the algorithm is supported for signing or verifying JWTs

func IsSupportedKeyType

func IsSupportedKeyType(kt KeyType) bool

func IsSupportedSignatureAlg

func IsSupportedSignatureAlg(sa SignatureAlgorithm) bool

func PrivKeyToBytes

func PrivKeyToBytes(key crypto.PrivateKey) ([]byte, error)

PrivKeyToBytes constructs a byte representation of a private key, for a set number of supported key types

func PrivateKeyToJWK

func PrivateKeyToJWK(key crypto.PrivateKey) (jwk.Key, error)

PrivateKeyToJWK converts a private key to a JWK

func PrivateKeyToPrivateKeyJWK

func PrivateKeyToPrivateKeyJWK(key crypto.PrivateKey) (*PublicKeyJWK, *PrivateKeyJWK, error)

PrivateKeyToPrivateKeyJWK converts a private key to a PrivateKeyJWK. Per the signature, a *PublicKeyJWK is returned alongside it.

func PubKeyToBytes

func PubKeyToBytes(key crypto.PublicKey) ([]byte, error)

PubKeyToBytes constructs a byte representation of a public key, for a set number of supported key types

func PublicKeyToJWK

func PublicKeyToJWK(key crypto.PublicKey) (jwk.Key, error)

PublicKeyToJWK converts a public key to a JWK

Types

type HashType

// HashType names a hash function by string.
type HashType string
const (
	// SHA256 is the only HashType value declared in this listing.
	SHA256 HashType = "SHA256"
)

type JWTSigner

// JWTSigner embeds a signature algorithm and a JWK. Both fields are embedded,
// so their exported methods are promoted onto JWTSigner itself.
//
// NOTE(review): the constructors listed for this type take private keys, so
// the embedded jwk.Key presumably carries private key material — avoid
// logging or serialising a JWTSigner, and confirm that ToVerifier yields only
// the public counterpart before handing it to other components.
type JWTSigner struct {
	jwa.SignatureAlgorithm
	jwk.Key
}

JWTSigner is a struct that contains the key and algorithm used to sign JWTs

func NewJWTSigner

func NewJWTSigner(kid string, key crypto.PrivateKey) (*JWTSigner, error)

func NewJWTSignerFromJWK

func NewJWTSignerFromJWK(kid string, key PrivateKeyJWK) (*JWTSigner, error)

func NewJWTSignerFromKey

func NewJWTSignerFromKey(kid string, key jwk.Key) (*JWTSigner, error)

func (*JWTSigner) GetSigningAlgorithm

func (s *JWTSigner) GetSigningAlgorithm() string

GetSigningAlgorithm returns the algorithm used to sign the JWT

func (*JWTSigner) ParseJWT

func (*JWTSigner) ParseJWT(token string) (jwt.Token, error)

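ParseJWT attempts to turn a string into a jwt.Token. The description does not mention signature verification, so treat the returned token's claims as unverified unless the signature has been checked separately (for example with JWTVerifier.VerifyAndParseJWT).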

func (*JWTSigner) SignJWT

func (s *JWTSigner) SignJWT(kvs map[string]interface{}) ([]byte, error)

SignJWT takes a set of JWT keys and values to add to a JWT before signing them with the key defined in the signer

func (*JWTSigner) ToVerifier

func (s *JWTSigner) ToVerifier() (*JWTVerifier, error)

type JWTVerifier

// JWTVerifier embeds a single jwk.Key, whose exported methods are promoted
// onto JWTVerifier.
//
// NOTE(review): unlike JWTSigner, no algorithm field is declared here, so the
// verification algorithm presumably comes from the key itself (e.g. its alg
// value) — confirm it is pinned by the key and never taken from the header of
// the token being verified.
type JWTVerifier struct {
	jwk.Key
}

JWTVerifier is a struct that contains the key and algorithm used to verify JWTs

func NewJWTVerifier

func NewJWTVerifier(kid string, key crypto.PublicKey) (*JWTVerifier, error)

func NewJWTVerifierFromJWK

func NewJWTVerifierFromJWK(kid string, key PublicKeyJWK) (*JWTVerifier, error)

func NewJWTVerifierFromKey

func NewJWTVerifierFromKey(kid string, key jwk.Key) (*JWTVerifier, error)

func (*JWTVerifier) ParseJWS

func (*JWTVerifier) ParseJWS(token string) (*jws.Signature, error)

ParseJWS attempts to pull off a single signature from a token, containing its headers

func (*JWTVerifier) ParseJWT

func (*JWTVerifier) ParseJWT(token string) (jwt.Token, error)

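ParseJWT attempts to turn a string into a jwt.Token. The description does not mention signature verification, so treat the returned token's claims as unverified; VerifyAndParseJWT is the method documented as verifying the signature.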

func (*JWTVerifier) VerifyAndParseJWT

func (v *JWTVerifier) VerifyAndParseJWT(token string) (jwt.Token, error)

VerifyAndParseJWT attempts to turn a string into a jwt.Token and verify its signature using the verifier

func (*JWTVerifier) VerifyJWS

func (v *JWTVerifier) VerifyJWS(token string) error

VerifyJWS parses a token given the verifier's known algorithm and key, and returns an error, which is nil upon success.

func (*JWTVerifier) VerifyJWT

func (v *JWTVerifier) VerifyJWT(token string) error

VerifyJWT parses a token given the verifier's known algorithm and key, and returns an error, which is nil upon success

type KeyType

// KeyType is a string naming a key type.
// NOTE(review): any string converts to KeyType, so values derived from
// untrusted input should be checked before use; IsSupportedKeyType appears
// intended for that — confirm.
type KeyType string

func GetKeyTypeFromPrivateKey

func GetKeyTypeFromPrivateKey(key crypto.PrivateKey) (KeyType, error)

GetKeyTypeFromPrivateKey returns the key type of a private key for known key types

func GetSupportedKeyTypes

func GetSupportedKeyTypes() []KeyType

func (KeyType) String

func (kt KeyType) String() string

type PrivateKeyJWK

// PrivateKeyJWK is a flat, all-string representation of a JWK that includes
// the private parameters. Only KTY carries a `validate:"required"` tag; every
// other field is omitted from JSON when empty.
//
// Every field has a JSON tag, so marshalling this struct writes the private
// parameters (d, dp, dq, p, q, qi) in the clear. Keep values of this type out
// of logs, error messages and API responses.
type PrivateKeyJWK struct {
	KTY    string `json:"kty" validate:"required"`
	CRV    string `json:"crv,omitempty"`
	X      string `json:"x,omitempty"`
	Y      string `json:"y,omitempty"`
	N      string `json:"n,omitempty"`
	E      string `json:"e,omitempty"`
	Use    string `json:"use,omitempty"`
	// NOTE(review): RFC 7517 defines "key_ops" as an array of strings; this
	// field is a single string — confirm the intended encoding.
	KeyOps string `json:"key_ops,omitempty"`
	Alg    string `json:"alg,omitempty"`
	KID    string `json:"kid,omitempty"`
	// Private parameters start here: "d" is the private key value or private
	// exponent; "dp", "dq", "p", "q" and "qi" are the RSA CRT parameters and
	// prime factors.
	D      string `json:"d,omitempty"`
	DP     string `json:"dp,omitempty"`
	DQ     string `json:"dq,omitempty"`
	P      string `json:"p,omitempty"`
	Q      string `json:"q,omitempty"`
	QI     string `json:"qi,omitempty"`
}

PrivateKeyJWK complies with RFC7517 https://datatracker.ietf.org/doc/html/rfc7517

func JWKToPrivateKeyJWK

func JWKToPrivateKeyJWK(key jwk.Key) (*PrivateKeyJWK, error)

JWKToPrivateKeyJWK converts a JWK to a PrivateKeyJWK

type Proof

// Proof is the empty interface, so it accepts any value; the type itself
// places no constraint on the shape of a proof.
type Proof interface{}

type PublicKeyJWK

// PublicKeyJWK is a flat, all-string representation of a public JWK. It has
// no field for any private parameter (d, dp, dq, p, q, qi), so private key
// material cannot be carried in this type. Only KTY carries a
// `validate:"required"` tag; every other field is omitted from JSON when empty.
type PublicKeyJWK struct {
	KTY    string `json:"kty" validate:"required"`
	CRV    string `json:"crv,omitempty"`
	X      string `json:"x,omitempty"`
	Y      string `json:"y,omitempty"`
	N      string `json:"n,omitempty"`
	E      string `json:"e,omitempty"`
	Use    string `json:"use,omitempty"`
	// NOTE(review): RFC 7517 defines "key_ops" as an array of strings; this
	// field is a single string — confirm the intended encoding.
	KeyOps string `json:"key_ops,omitempty"`
	Alg    string `json:"alg,omitempty"`
	KID    string `json:"kid,omitempty"`
}

PublicKeyJWK complies with RFC7517 https://datatracker.ietf.org/doc/html/rfc7517

func JWKToPublicKeyJWK

func JWKToPublicKeyJWK(key jwk.Key) (*PublicKeyJWK, error)

JWKToPublicKeyJWK converts a JWK to a PublicKeyJWK

func PublicKeyToPublicKeyJWK

func PublicKeyToPublicKeyJWK(key crypto.PublicKey) (*PublicKeyJWK, error)

PublicKeyToPublicKeyJWK converts a public key to a PublicKeyJWK

type SignatureAlgorithm

// SignatureAlgorithm names a signature algorithm by its JOSE "alg" identifier.
type SignatureAlgorithm string

// The signature algorithms declared by this package. All five are asymmetric;
// neither "none" nor any HMAC (HS*) algorithm is declared here.
// NOTE(review): any string converts to SignatureAlgorithm, so a value read
// from a token header or other untrusted input should be checked against this
// list (IsSupportedSignatureAlg appears intended for that — confirm).
const (
	// EdDSA uses an ed25519 key
	EdDSA SignatureAlgorithm = "EdDSA"
	// ES256K uses a secp256k1 key
	ES256K SignatureAlgorithm = "ES256K"
	// ES256 uses a p-256 curve key
	ES256 SignatureAlgorithm = "ES256"
	// ES384 uses a p-384 curve key
	ES384 SignatureAlgorithm = "ES384"
	// PS256 uses a 2048-bit RSA key
	// (PS256 is RSASSA-PSS with SHA-256.)
	PS256 SignatureAlgorithm = "PS256"
)

func GetSupportedSignatureAlgs

func GetSupportedSignatureAlgs() []SignatureAlgorithm
