jwa

package
v2.0.18 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 3, 2023 License: MIT Imports: 3 Imported by: 427

README

JWA Go Reference

Package github.com/lestrrat-go/jwx/v2/jwa defines the various algorithm described in RFC7518

Documentation

Overview

Package jwa defines the various algorithm described in https://tools.ietf.org/html/rfc7518

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RegisterCompressionAlgorithm added in v2.0.10

func RegisterCompressionAlgorithm(v CompressionAlgorithm)

RegisterCompressionAlgorithm registers a new CompressionAlgorithm so that the jwx can properly handle the new value. Duplicates will silently be ignored

func RegisterContentEncryptionAlgorithm added in v2.0.10

func RegisterContentEncryptionAlgorithm(v ContentEncryptionAlgorithm)

RegisterContentEncryptionAlgorithm registers a new ContentEncryptionAlgorithm so that the jwx can properly handle the new value. Duplicates will silently be ignored

func RegisterEllipticCurveAlgorithm added in v2.0.10

func RegisterEllipticCurveAlgorithm(v EllipticCurveAlgorithm)

RegisterEllipticCurveAlgorithm registers a new EllipticCurveAlgorithm so that the jwx can properly handle the new value. Duplicates will silently be ignored

func RegisterKeyEncryptionAlgorithm added in v2.0.10

func RegisterKeyEncryptionAlgorithm(v KeyEncryptionAlgorithm)

RegisterKeyEncryptionAlgorithm registers a new KeyEncryptionAlgorithm so that the jwx can properly handle the new value. Duplicates will silently be ignored

func RegisterKeyType added in v2.0.10

func RegisterKeyType(v KeyType)

RegisterKeyType registers a new KeyType so that the jwx can properly handle the new value. Duplicates will silently be ignored

func RegisterSignatureAlgorithm added in v2.0.10

func RegisterSignatureAlgorithm(v SignatureAlgorithm)

RegisterSignatureAlgorithm registers a new SignatureAlgorithm so that the jwx can properly handle the new value. Duplicates will silently be ignored

func UnregisterCompressionAlgorithm added in v2.0.10

func UnregisterCompressionAlgorithm(v CompressionAlgorithm)

UnregisterCompressionAlgorithm unregisters a CompressionAlgorithm from its known database. Non-existentn entries will silently be ignored

func UnregisterContentEncryptionAlgorithm added in v2.0.10

func UnregisterContentEncryptionAlgorithm(v ContentEncryptionAlgorithm)

UnregisterContentEncryptionAlgorithm unregisters a ContentEncryptionAlgorithm from its known database. Non-existentn entries will silently be ignored

func UnregisterEllipticCurveAlgorithm added in v2.0.10

func UnregisterEllipticCurveAlgorithm(v EllipticCurveAlgorithm)

UnregisterEllipticCurveAlgorithm unregisters a EllipticCurveAlgorithm from its known database. Non-existentn entries will silently be ignored

func UnregisterKeyEncryptionAlgorithm added in v2.0.10

func UnregisterKeyEncryptionAlgorithm(v KeyEncryptionAlgorithm)

UnregisterKeyEncryptionAlgorithm unregisters a KeyEncryptionAlgorithm from its known database. Non-existentn entries will silently be ignored

func UnregisterKeyType added in v2.0.10

func UnregisterKeyType(v KeyType)

UnregisterKeyType unregisters a KeyType from its known database. Non-existentn entries will silently be ignored

func UnregisterSignatureAlgorithm added in v2.0.10

func UnregisterSignatureAlgorithm(v SignatureAlgorithm)

UnregisterSignatureAlgorithm unregisters a SignatureAlgorithm from its known database. Non-existentn entries will silently be ignored

Types

type CompressionAlgorithm

type CompressionAlgorithm string

CompressionAlgorithm represents the compression algorithms as described in https://tools.ietf.org/html/rfc7518#section-7.3

const (
	Deflate    CompressionAlgorithm = "DEF" // DEFLATE (RFC 1951)
	NoCompress CompressionAlgorithm = ""    // No compression
)

Supported values for CompressionAlgorithm

func CompressionAlgorithms

func CompressionAlgorithms() []CompressionAlgorithm

CompressionAlgorithms returns a list of all available values for CompressionAlgorithm

func (*CompressionAlgorithm) Accept

func (v *CompressionAlgorithm) Accept(value interface{}) error

Accept is used when conversion from values given by outside sources (such as JSON payloads) is required

func (CompressionAlgorithm) String

func (v CompressionAlgorithm) String() string

String returns the string representation of a CompressionAlgorithm

type ContentEncryptionAlgorithm

type ContentEncryptionAlgorithm string

ContentEncryptionAlgorithm represents the various encryption algorithms as described in https://tools.ietf.org/html/rfc7518#section-5

const (
	A128CBC_HS256 ContentEncryptionAlgorithm = "A128CBC-HS256" // AES-CBC + HMAC-SHA256 (128)
	A128GCM       ContentEncryptionAlgorithm = "A128GCM"       // AES-GCM (128)
	A192CBC_HS384 ContentEncryptionAlgorithm = "A192CBC-HS384" // AES-CBC + HMAC-SHA384 (192)
	A192GCM       ContentEncryptionAlgorithm = "A192GCM"       // AES-GCM (192)
	A256CBC_HS512 ContentEncryptionAlgorithm = "A256CBC-HS512" // AES-CBC + HMAC-SHA512 (256)
	A256GCM       ContentEncryptionAlgorithm = "A256GCM"       // AES-GCM (256)
)

Supported values for ContentEncryptionAlgorithm

func ContentEncryptionAlgorithms

func ContentEncryptionAlgorithms() []ContentEncryptionAlgorithm

ContentEncryptionAlgorithms returns a list of all available values for ContentEncryptionAlgorithm

func (*ContentEncryptionAlgorithm) Accept

func (v *ContentEncryptionAlgorithm) Accept(value interface{}) error

Accept is used when conversion from values given by outside sources (such as JSON payloads) is required

func (ContentEncryptionAlgorithm) String

String returns the string representation of a ContentEncryptionAlgorithm

type EllipticCurveAlgorithm

type EllipticCurveAlgorithm string

EllipticCurveAlgorithm represents the algorithms used for EC keys

const (
	Ed25519              EllipticCurveAlgorithm = "Ed25519"
	Ed448                EllipticCurveAlgorithm = "Ed448"
	InvalidEllipticCurve EllipticCurveAlgorithm = "P-invalid"
	P256                 EllipticCurveAlgorithm = "P-256"
	P384                 EllipticCurveAlgorithm = "P-384"
	P521                 EllipticCurveAlgorithm = "P-521"
	X25519               EllipticCurveAlgorithm = "X25519"
	X448                 EllipticCurveAlgorithm = "X448"
)

Supported values for EllipticCurveAlgorithm

func EllipticCurveAlgorithms

func EllipticCurveAlgorithms() []EllipticCurveAlgorithm

EllipticCurveAlgorithms returns a list of all available values for EllipticCurveAlgorithm

func (*EllipticCurveAlgorithm) Accept

func (v *EllipticCurveAlgorithm) Accept(value interface{}) error

Accept is used when conversion from values given by outside sources (such as JSON payloads) is required

func (EllipticCurveAlgorithm) String

func (v EllipticCurveAlgorithm) String() string

String returns the string representation of a EllipticCurveAlgorithm

type InvalidKeyAlgorithm

type InvalidKeyAlgorithm string

InvalidKeyAlgorithm represents an algorithm that the library is not aware of.

func (InvalidKeyAlgorithm) Accept

func (InvalidKeyAlgorithm) Accept(_ interface{}) error

func (InvalidKeyAlgorithm) String

func (s InvalidKeyAlgorithm) String() string

type KeyAlgorithm

type KeyAlgorithm interface {
	String() string
}

KeyAlgorithm is a workaround for jwk.Key being able to contain different types of algorithms in its `alg` field.

Previously the storage for the `alg` field was represented as a string, but this caused some users to wonder why the field was not typed appropriately like other fields.

Ideally we would like to keep track of Signature Algorithms and Content Encryption Algorithms separately, and force the APIs to type-check at compile time, but this allows users to pass a value from a jwk.Key directly

func KeyAlgorithmFrom

func KeyAlgorithmFrom(v interface{}) KeyAlgorithm

KeyAlgorithmFrom takes either a string, `jwa.SignatureAlgorithm` or `jwa.KeyEncryptionAlgorithm` and returns a `jwa.KeyAlgorithm`.

If the value cannot be handled, it returns an `jwa.InvalidKeyAlgorithm` object instead of returning an error. This design choice was made to allow users to directly pass the return value to functions such as `jws.Sign()`

type KeyEncryptionAlgorithm

type KeyEncryptionAlgorithm string

KeyEncryptionAlgorithm represents the various encryption algorithms as described in https://tools.ietf.org/html/rfc7518#section-4.1

const (
	A128GCMKW          KeyEncryptionAlgorithm = "A128GCMKW"          // AES-GCM key wrap (128)
	A128KW             KeyEncryptionAlgorithm = "A128KW"             // AES key wrap (128)
	A192GCMKW          KeyEncryptionAlgorithm = "A192GCMKW"          // AES-GCM key wrap (192)
	A192KW             KeyEncryptionAlgorithm = "A192KW"             // AES key wrap (192)
	A256GCMKW          KeyEncryptionAlgorithm = "A256GCMKW"          // AES-GCM key wrap (256)
	A256KW             KeyEncryptionAlgorithm = "A256KW"             // AES key wrap (256)
	DIRECT             KeyEncryptionAlgorithm = "dir"                // Direct encryption
	ECDH_ES            KeyEncryptionAlgorithm = "ECDH-ES"            // ECDH-ES
	ECDH_ES_A128KW     KeyEncryptionAlgorithm = "ECDH-ES+A128KW"     // ECDH-ES + AES key wrap (128)
	ECDH_ES_A192KW     KeyEncryptionAlgorithm = "ECDH-ES+A192KW"     // ECDH-ES + AES key wrap (192)
	ECDH_ES_A256KW     KeyEncryptionAlgorithm = "ECDH-ES+A256KW"     // ECDH-ES + AES key wrap (256)
	PBES2_HS256_A128KW KeyEncryptionAlgorithm = "PBES2-HS256+A128KW" // PBES2 + HMAC-SHA256 + AES key wrap (128)
	PBES2_HS384_A192KW KeyEncryptionAlgorithm = "PBES2-HS384+A192KW" // PBES2 + HMAC-SHA384 + AES key wrap (192)
	PBES2_HS512_A256KW KeyEncryptionAlgorithm = "PBES2-HS512+A256KW" // PBES2 + HMAC-SHA512 + AES key wrap (256)
	RSA1_5             KeyEncryptionAlgorithm = "RSA1_5"             // RSA-PKCS1v1.5
	RSA_OAEP           KeyEncryptionAlgorithm = "RSA-OAEP"           // RSA-OAEP-SHA1
	RSA_OAEP_256       KeyEncryptionAlgorithm = "RSA-OAEP-256"       // RSA-OAEP-SHA256
)

Supported values for KeyEncryptionAlgorithm

func KeyEncryptionAlgorithms

func KeyEncryptionAlgorithms() []KeyEncryptionAlgorithm

KeyEncryptionAlgorithms returns a list of all available values for KeyEncryptionAlgorithm

func (*KeyEncryptionAlgorithm) Accept

func (v *KeyEncryptionAlgorithm) Accept(value interface{}) error

Accept is used when conversion from values given by outside sources (such as JSON payloads) is required

func (KeyEncryptionAlgorithm) IsSymmetric

func (v KeyEncryptionAlgorithm) IsSymmetric() bool

IsSymmetric returns true if the algorithm is a symmetric type

func (KeyEncryptionAlgorithm) String

func (v KeyEncryptionAlgorithm) String() string

String returns the string representation of a KeyEncryptionAlgorithm

type KeyType

type KeyType string

KeyType represents the key type ("kty") that are supported

const (
	EC             KeyType = "EC"  // Elliptic Curve
	InvalidKeyType KeyType = ""    // Invalid KeyType
	OKP            KeyType = "OKP" // Octet string key pairs
	OctetSeq       KeyType = "oct" // Octet sequence (used to represent symmetric keys)
	RSA            KeyType = "RSA" // RSA
)

Supported values for KeyType

func KeyTypes

func KeyTypes() []KeyType

KeyTypes returns a list of all available values for KeyType

func (*KeyType) Accept

func (v *KeyType) Accept(value interface{}) error

Accept is used when conversion from values given by outside sources (such as JSON payloads) is required

func (KeyType) String

func (v KeyType) String() string

String returns the string representation of a KeyType

type SignatureAlgorithm

type SignatureAlgorithm string

SignatureAlgorithm represents the various signature algorithms as described in https://tools.ietf.org/html/rfc7518#section-3.1

const (
	ES256       SignatureAlgorithm = "ES256"  // ECDSA using P-256 and SHA-256
	ES256K      SignatureAlgorithm = "ES256K" // ECDSA using secp256k1 and SHA-256
	ES384       SignatureAlgorithm = "ES384"  // ECDSA using P-384 and SHA-384
	ES512       SignatureAlgorithm = "ES512"  // ECDSA using P-521 and SHA-512
	EdDSA       SignatureAlgorithm = "EdDSA"  // EdDSA signature algorithms
	HS256       SignatureAlgorithm = "HS256"  // HMAC using SHA-256
	HS384       SignatureAlgorithm = "HS384"  // HMAC using SHA-384
	HS512       SignatureAlgorithm = "HS512"  // HMAC using SHA-512
	NoSignature SignatureAlgorithm = "none"
	PS256       SignatureAlgorithm = "PS256" // RSASSA-PSS using SHA256 and MGF1-SHA256
	PS384       SignatureAlgorithm = "PS384" // RSASSA-PSS using SHA384 and MGF1-SHA384
	PS512       SignatureAlgorithm = "PS512" // RSASSA-PSS using SHA512 and MGF1-SHA512
	RS256       SignatureAlgorithm = "RS256" // RSASSA-PKCS-v1.5 using SHA-256
	RS384       SignatureAlgorithm = "RS384" // RSASSA-PKCS-v1.5 using SHA-384
	RS512       SignatureAlgorithm = "RS512" // RSASSA-PKCS-v1.5 using SHA-512
)

Supported values for SignatureAlgorithm

func SignatureAlgorithms

func SignatureAlgorithms() []SignatureAlgorithm

SignatureAlgorithms returns a list of all available values for SignatureAlgorithm

func (*SignatureAlgorithm) Accept

func (v *SignatureAlgorithm) Accept(value interface{}) error

Accept is used when conversion from values given by outside sources (such as JSON payloads) is required

func (SignatureAlgorithm) String

func (v SignatureAlgorithm) String() string

String returns the string representation of a SignatureAlgorithm

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL