Documentation ¶
Constants ¶
// String constants for the JOSE identifiers this package names: algorithm
// values (ALG), curve names (CRV), key operations (KEYOPS), key types (KTY)
// and key uses (USE).
//
// Declaring an identifier here only gives it a Go name. Which of these values
// a verifier or decrypter accepts is a separate decision, best enforced as an
// explicit allowlist at the call site.
const (
	// Digital signature and MAC algorithms (JWS "alg" values).
	AlgHS256 ALG = "HS256"
	AlgHS384 ALG = "HS384"
	AlgHS512 ALG = "HS512"
	AlgRS256 ALG = "RS256"
	AlgRS384 ALG = "RS384"
	AlgRS512 ALG = "RS512"
	AlgES256 ALG = "ES256"
	AlgES384 ALG = "ES384"
	AlgES512 ALG = "ES512"
	AlgPS256 ALG = "PS256"
	AlgPS384 ALG = "PS384"
	AlgPS512 ALG = "PS512"
	// "none" identifies an unsecured JWS: a token using it carries no
	// signature or MAC. Reject it during verification unless unsecured
	// tokens are explicitly intended (RFC 7518 section 3.6, RFC 8725).
	AlgNone ALG = "none"

	// Key management algorithms (JWE "alg" values).
	// NOTE(review): RFC 8725 advises against RSAES-PKCS1-v1_5 encryption in
	// favour of the RSA-OAEP variants; keep RSA1_5 off decrypt allowlists
	// unless a peer requires it.
	AlgRSA1_5 ALG = "RSA1_5"
	AlgRSAOAEP ALG = "RSA-OAEP"
	AlgRSAOAEP256 ALG = "RSA-OAEP-256"
	AlgA128KW ALG = "A128KW"
	AlgA192KW ALG = "A192KW"
	AlgA256KW ALG = "A256KW"
	AlgDir ALG = "dir"
	AlgECDHES ALG = "ECDH-ES"
	AlgECDHESA128KW ALG = "ECDH-ES+A128KW"
	AlgECDHESA192KW ALG = "ECDH-ES+A192KW"
	AlgECDHESA256KW ALG = "ECDH-ES+A256KW"
	AlgA128GCMKW ALG = "A128GCMKW"
	AlgA192GCMKW ALG = "A192GCMKW"
	AlgA256GCMKW ALG = "A256GCMKW"
	AlgPBES2HS256A128KW ALG = "PBES2-HS256+A128KW"
	AlgPBES2HS384A192KW ALG = "PBES2-HS384+A192KW"
	AlgPBES2HS512A256KW ALG = "PBES2-HS512+A256KW"

	// Content encryption algorithms (JWE "enc" values).
	AlgA128CBCHS256 ALG = "A128CBC-HS256"
	AlgA192CBCHS384 ALG = "A192CBC-HS384"
	AlgA256CBCHS512 ALG = "A256CBC-HS512"
	AlgA128GCM ALG = "A128GCM"
	AlgA192GCM ALG = "A192GCM"
	AlgA256GCM ALG = "A256GCM"

	// Further algorithm identifiers. The "Prohibited." marks below are the
	// author's; presumably they mirror the implementation-requirements column
	// of the IANA registry (confirm there). Treat a marked value as something
	// to recognise and refuse, not something to negotiate.
	AlgEdDSA ALG = "EdDSA"
	AlgRS1 ALG = "RS1" // Prohibited.
	AlgRSAOAEP384 ALG = "RSA-OAEP-384"
	AlgRSAOAEP512 ALG = "RSA-OAEP-512"
	AlgA128CBC ALG = "A128CBC" // Prohibited.
	AlgA192CBC ALG = "A192CBC" // Prohibited.
	AlgA256CBC ALG = "A256CBC" // Prohibited.
	AlgA128CTR ALG = "A128CTR" // Prohibited.
	AlgA192CTR ALG = "A192CTR" // Prohibited.
	AlgA256CTR ALG = "A256CTR" // Prohibited.
	AlgHS1 ALG = "HS1" // Prohibited.
	AlgES256K ALG = "ES256K"

	// Curve names for the "crv" key parameter.
	CrvP256 CRV = "P-256"
	CrvP384 CRV = "P-384"
	CrvP521 CRV = "P-521"
	CrvEd25519 CRV = "Ed25519"
	CrvEd448 CRV = "Ed448"
	CrvX25519 CRV = "X25519"
	CrvX448 CRV = "X448"
	CrvSECP256K1 CRV = "secp256k1"

	// Values for the "key_ops" key parameter.
	KeyOpsSign KEYOPS = "sign"
	KeyOpsVerify KEYOPS = "verify"
	KeyOpsEncrypt KEYOPS = "encrypt"
	KeyOpsDecrypt KEYOPS = "decrypt"
	KeyOpsWrapKey KEYOPS = "wrapKey"
	KeyOpsUnwrapKey KEYOPS = "unwrapKey"
	KeyOpsDeriveKey KEYOPS = "deriveKey"
	KeyOpsDeriveBits KEYOPS = "deriveBits"

	// Values for the "kty" key parameter.
	KtyEC KTY = "EC"
	KtyOKP KTY = "OKP"
	KtyRSA KTY = "RSA"
	KtyOct KTY = "oct"

	// Values for the "use" key parameter.
	UseEnc USE = "enc"
	UseSig USE = "sig"
)
These are string constants set in https://www.iana.org/assignments/jose/jose.xhtml. See their respective types for more information.
const (
	// HeaderKID is the name of the JWT header parameter that carries the key ID.
	//
	// NOTE(review): a token's header is read before its signature has been
	// checked, so a "kid" value taken from a token is untrusted input. Use it
	// only to select among keys that are already trusted.
	HeaderKID = "kid"
)
Variables ¶
// Sentinel errors exported by the package.
// NOTE(review): presumably these are returned wrapped with more context, in
// which case callers should match them with errors.Is rather than ==; confirm
// against the functions that return them.
var (
	// ErrGetX5U indicates there was an error getting the X5U remote resource.
	ErrGetX5U = errors.New("failed to get X5U via given URI")
	// ErrJWKValidation indicates that a JWK failed to validate.
	ErrJWKValidation = errors.New("failed to validate JWK")
	// ErrKeyUnmarshalParameter indicates that a JWK's attributes are invalid and cannot be unmarshaled.
	ErrKeyUnmarshalParameter = errors.New("unable to unmarshal JWK due to invalid attributes")
	// ErrOptions indicates that the given options caused an error.
	ErrOptions = errors.New("the given options caused an error")
	// ErrUnsupportedKey indicates a key is not supported.
	ErrUnsupportedKey = errors.New("unsupported key")
	// ErrX509Mismatch indicates that the X.509 certificate does not match the key.
	ErrX509Mismatch = errors.New("the X.509 certificate does not match Golang key type")
)
Functions ¶
func ValidateJWK ¶
Types ¶
type ALG ¶
// ALG is the string form of a JOSE algorithm identifier.
//
// It is a plain string type, so a value decoded from JSON is not limited to
// the Alg* constants and may be any string, including "none". Check it against
// the set of algorithms the application accepts before using the key.
type ALG string
ALG is a set of "JSON Web Signature and Encryption Algorithms" types from https://www.iana.org/assignments/jose/jose.xhtml as defined in https://www.rfc-editor.org/rfc/rfc7518#section-7.1
func (ALG) IANARegistered ¶
type Base64 ¶
// Base64 is a byte slice with its own MarshalJSON and UnmarshalJSON methods.
// NOTE(review): going by the package's note that trailing padding must be
// removed from base64url encoded keys, the JSON form is presumably unpadded
// base64url and the Go value the decoded bytes; confirm against the methods.
type Base64 []byte
func (*Base64) MarshalJSON ¶
func (*Base64) UnmarshalJSON ¶
Trailing padding is required to be removed from base64url encoded keys. RFC 7517 defines base64url the same as RFC 7515 Section 2: https://datatracker.ietf.org/doc/html/rfc7517#section-1.1 https://datatracker.ietf.org/doc/html/rfc7515#section-2
type CRV ¶
// CRV is the string form of a JWK "crv" (curve) name.
// It is a plain string type, so a value decoded from JSON need not be one of
// the Crv* constants.
type CRV string
CRV is a set of "JSON Web Key Elliptic Curve" types from https://www.iana.org/assignments/jose/jose.xhtml as mentioned in https://www.rfc-editor.org/rfc/rfc7518.html#section-6.2.1.1
func (CRV) IANARegistered ¶
type JWK ¶
// JWK is the JSON representation of a JSON Web Key. Each field maps to the
// JWK parameter named in its struct tag and is omitted from the JSON output
// when empty.
//
// D, P, Q, DP, DQ, QI, OTH and K hold private or symmetric key material (see
// the RFC sections linked on each field). A JWK with any of them set is a
// secret: keep it out of logs and out of any JWK Set served to other parties.
type JWK struct {
	KTY KTY `json:"kty,omitempty"` // https://www.rfc-editor.org/rfc/rfc7517#section-4.1
	USE USE `json:"use,omitempty"` // https://www.rfc-editor.org/rfc/rfc7517#section-4.2
	KEYOPS []KEYOPS `json:"key_ops,omitempty"` // https://www.rfc-editor.org/rfc/rfc7517#section-4.3
	ALG ALG `json:"alg,omitempty"` // https://www.rfc-editor.org/rfc/rfc7517#section-4.4 and https://www.rfc-editor.org/rfc/rfc7518#section-4.1
	KID string `json:"kid,omitempty"` // https://www.rfc-editor.org/rfc/rfc7517#section-4.5
	// X5U is a URI naming a remote X.509 resource.
	// NOTE(review): ErrGetX5U suggests the package can fetch this URI. For a
	// JWK from an untrusted source that is an outbound request to a location
	// the key's author chose; confirm when the fetch happens and restrict or
	// disable it for untrusted input.
	X5U string `json:"x5u,omitempty"` // https://www.rfc-editor.org/rfc/rfc7517#section-4.6
	X5C []string `json:"x5c,omitempty"` // https://www.rfc-editor.org/rfc/rfc7517#section-4.7
	X5T string `json:"x5t,omitempty"` // https://www.rfc-editor.org/rfc/rfc7517#section-4.8
	X5TS256 string `json:"x5t#S256,omitempty"` // https://www.rfc-editor.org/rfc/rfc7517#section-4.9
	CRV CRV `json:"crv,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.2.1.1 and https://www.rfc-editor.org/rfc/rfc8037.html#section-2
	X Base64 `json:"x,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.2.1.2 and https://www.rfc-editor.org/rfc/rfc8037.html#section-2
	Y Base64 `json:"y,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.2.1.3
	// D is the private value for RSA, EC and OKP keys.
	D Base64 `json:"d,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.3.2.1 and https://www.rfc-editor.org/rfc/rfc7518#section-6.2.2.1 and https://www.rfc-editor.org/rfc/rfc8037.html#section-2
	N Base64 `json:"n,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.3.1.1
	E Base64 `json:"e,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.3.1.2
	// P through OTH are RSA private key parameters.
	P Base64 `json:"p,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.3.2.2
	Q Base64 `json:"q,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.3.2.3
	DP Base64 `json:"dp,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.3.2.4
	DQ Base64 `json:"dq,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.3.2.5
	QI Base64 `json:"qi,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.3.2.6
	OTH []OtherPrimes `json:"oth,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.3.2.7
	// K is the key value of a symmetric ("oct") key.
	K Base64 `json:"k,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.4.1
}
JWK is used to marshal or unmarshal a JSON Web Key. https://www.rfc-editor.org/rfc/rfc7517 https://www.rfc-editor.org/rfc/rfc7518 https://www.rfc-editor.org/rfc/rfc8037
You can find the full list at https://www.iana.org/assignments/jose/jose.xhtml under "JSON Web Key Parameters".
func (*JWK) PrivateKey ¶
func (jwk *JWK) PrivateKey() interface{}
func (*JWK) X509 ¶
func (jwk *JWK) X509() []*x509.Certificate
type KEYOPS ¶
// KEYOPS is the string form of one JWK "key_ops" entry.
// It is a plain string type, so a value decoded from JSON need not be one of
// the KeyOps* constants.
type KEYOPS string
KEYOPS is a set of "JSON Web Key Operations" from https://www.iana.org/assignments/jose/jose.xhtml as mentioned in https://www.rfc-editor.org/rfc/rfc7517#section-4.3
func (KEYOPS) IANARegistered ¶
type KTY ¶
// KTY is the string form of a JWK "kty" (key type) value.
// It is a plain string type, so a value decoded from JSON need not be one of
// the Kty* constants.
type KTY string
KTY is a set of "JSON Web Key Types" from https://www.iana.org/assignments/jose/jose.xhtml as mentioned in https://www.rfc-editor.org/rfc/rfc7517#section-4.1
func (KTY) IANARegistered ¶
type OtherPrimes ¶
// OtherPrimes is one entry of a JWK's "oth" array, used by RSA private keys
// that have more than two primes. All three fields are private key material.
// They are declared as string rather than Base64, so this type applies no
// decoding of its own to them.
type OtherPrimes struct {
	R string `json:"r,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.3.2.7.1
	D string `json:"d,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.3.2.7.2
	T string `json:"t,omitempty"` // https://www.rfc-editor.org/rfc/rfc7518#section-6.3.2.7.3
}
OtherPrimes is for RSA private keys that have more than 2 primes. https://www.rfc-editor.org/rfc/rfc7518#section-6.3.2.7
type USE ¶
// USE is the string form of a JWK "use" value.
// It is a plain string type, so a value decoded from JSON need not be one of
// the Use* constants.
type USE string
USE is a set of "JSON Web Key Use" types from https://www.iana.org/assignments/jose/jose.xhtml as mentioned in https://www.rfc-editor.org/rfc/rfc7517#section-4.2