Documentation
Index
- func ResolveSigningVM(kid string, didResolver didResolver) (*did.VerificationMethod, string, error)
- func ResolveSigningVMWithRelationship(kid string, didResolver didResolver) (*did.VerificationMethod, string, string, error)
- func SignJWT(headers, claims map[string]interface{}, kid string, ...) (string, error)
- func VerifyJWT(compactJWT string, didResolver didResolver) error
- type PublicKeyFetcher
- type Signer
- type SignerGetter
- type VDRKeyResolver
Functions
func ResolveSigningVM
func ResolveSigningVM(kid string, didResolver didResolver) (*did.VerificationMethod, string, error)
ResolveSigningVM resolves a DID KeyID using the given DID resolver, and returns either:
- the Verification Method identified by the given key ID, or
- the first Assertion Method in the DID doc, if the DID provided has no fragment component.
Returns:
- a verification method suitable for signing.
- the full DID#KID identifier of the returned verification method.
func ResolveSigningVMWithRelationship
func ResolveSigningVMWithRelationship(kid string, didResolver didResolver) (*did.VerificationMethod, string, string, error)
ResolveSigningVMWithRelationship resolves a DID KeyID using the given DID resolver, and returns either:
- the Verification Method identified by the given key ID, or
- the first Assertion Method in the DID doc, if the DID provided has no fragment component.
Returns:
- a verification method suitable for signing.
- the full DID#KID identifier of the returned verification method.
- the name of the signing-supporting verification relationship found for this verification method.
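The selection rule described above, as an added example that is not this package's code. It uses hypothetical, simplified types (`rel`, `doc`) and a constructed DID document, and assumes `assertionMethod` and `authentication` are the signing-supporting relationships; it shows why a key listed only under `keyAgreement` must be rejected as a signing key.

```go
package main

import (
	"fmt"
	"strings"
)

// Hypothetical, simplified DID document; not the package's did.Doc type.
type rel struct{ Name, MethodID string } // one relationship entry, in doc order
type doc struct {
	ID      string
	Methods map[string]bool // IDs of the verification methods the doc defines
	Rels    []rel
}

// Relationships treated as signing-capable (assumption, from the SignJWT text).
var signing = map[string]bool{"assertionMethod": true, "authentication": true}

// resolveSigningVM returns the full DID#KID and the relationship permitting signing.
func resolveSigningVM(kid string, d doc) (string, string, error) {
	did, _, hasFrag := strings.Cut(kid, "#")
	if did != d.ID {
		return "", "", fmt.Errorf("kid %q is not under the resolved DID", kid)
	}
	for _, r := range d.Rels {
		bare := !hasFrag && r.Name == "assertionMethod" // first assertion method
		exact := hasFrag && r.MethodID == kid && signing[r.Name]
		if !bare && !exact {
			continue
		}
		if !d.Methods[r.MethodID] {
			return "", "", fmt.Errorf("relationship points at unknown method %q", r.MethodID)
		}
		return r.MethodID, r.Name, nil
	}
	return "", "", fmt.Errorf("no signing-capable verification method for %q", kid)
}

// sampleDoc is constructed for this example: k2 is a key-agreement key only.
func sampleDoc() doc {
	return doc{
		ID:      "did:example:a",
		Methods: map[string]bool{"did:example:a#k1": true, "did:example:a#k2": true, "did:example:a#k3": true},
		Rels: []rel{{"keyAgreement", "did:example:a#k2"},
			{"authentication", "did:example:a#k3"}, {"assertionMethod", "did:example:a#k1"}},
	}
}

func main() { fmt.Println(resolveSigningVM("did:example:a", sampleDoc())) }
```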
func SignJWT
func SignJWT(headers, claims map[string]interface{}, kid string, signerProvider SignerGetter, didResolver didResolver) (string, error)
SignJWT signs a JWT using a key in the given KMS, identified by an owned DID.
Args:
- Headers to include in the created JWT.
- Claims for the created JWT.
- The ID of the key to use for signing, as a DID, either with a fragment identifier to specify a verification method, or without, in which case the first Authentication or Assertion verification method is used.
- A SignerGetter that can provide a signer when given the key ID for the signing key.
- A VDR that can resolve the provided DID.
Types
type PublicKeyFetcher
PublicKeyFetcher fetches the public key for JWT signature verification based on Issuer ID (possibly a DID) and Key ID. If not defined, JWT encoding is not tested.
type SignerGetter
type SignerGetter func(vm *did.VerificationMethod) (Signer, error)
SignerGetter creates a signer that signs with the private key corresponding to the given public key.
func UseDefaultSigner
func UseDefaultSigner(r keyReader, s cryptoSigner) SignerGetter
UseDefaultSigner provides SignJWT with a signer that uses the given KMS and Crypto instances.
type VDRKeyResolver
type VDRKeyResolver struct {
// contains filtered or unexported fields
}
VDRKeyResolver resolves a DID in order to find public keys for VC verification using vdr.Registry. The source of the DID can be the issuer of a VC or the holder of a VP. It can also be obtained from the JWS "issuer" claim or the "verificationMethod" of a Linked Data Proof.
func NewVDRKeyResolver
func NewVDRKeyResolver(vdr didResolver) *VDRKeyResolver
NewVDRKeyResolver creates VDRKeyResolver.
func (*VDRKeyResolver) PublicKeyFetcher
func (r *VDRKeyResolver) PublicKeyFetcher() PublicKeyFetcher
PublicKeyFetcher returns a PublicKeyFetcher that obtains keys via the DID resolution mechanism.