jwe

package
v1.0.6
Warning

This package is not in the latest version of its module.

Published: Dec 16, 2020 License: MIT Imports: 32 Imported by: 20

Documentation

Overview

This file is auto-generated by internal/cmd/genheaders/main.go. DO NOT EDIT

Package jwe implements JWE as described in https://tools.ietf.org/html/rfc7516


Constants

// JOSE header parameter names that may appear in a JWE header.
//
// In a message received from an untrusted party all of these values are
// chosen by the sender. The key-locating parameters in particular ("jku",
// "jwk", "x5u", "x5c") should not be used to fetch or select a trusted key
// unless the location or key is checked against an allow-list first.
const (
	// Algorithm selection and payload description.
	AlgorithmKey         = "alg"
	ContentEncryptionKey = "enc"
	CompressionKey       = "zip"
	ContentTypeKey       = "cty"
	TypeKey              = "typ"
	CriticalKey          = "crit"

	// Key identification, and key material carried in or referenced by the header.
	KeyIDKey     = "kid"
	JWKKey       = "jwk"
	JWKSetURLKey = "jku"

	// X.509 certificate material and references.
	X509CertChainKey          = "x5c"
	X509CertThumbprintKey     = "x5t"
	X509CertThumbprintS256Key = "x5t#S256"
	X509URLKey                = "x5u"

	// Key-agreement parameters (party info and the sender's ephemeral key).
	AgreementPartyUInfoKey = "apu"
	AgreementPartyVInfoKey = "apv"
	EphemeralPublicKeyKey  = "epk"
)
// Member names of the JWE JSON serialization, together with the two PBES2
// header parameters ("p2s" and "p2c").
const (
	// Message-level members of a JSON-serialized JWE.
	ProtectedHeadersKey     = "protected"
	UnprotectedHeadersKey   = "unprotected"
	InitializationVectorKey = "iv"
	AuthenticatedDataKey    = "aad"
	CipherTextKey           = "ciphertext"
	TagKey                  = "tag"
	RecipientsKey           = "recipients"

	// Per-recipient members (these sit at the top level in the flattened form).
	HeadersKey      = "header"
	EncryptedKeyKey = "encrypted_key"

	// PBES2 parameters: salt input and iteration count. The count is read
	// from the message, so a receiver should enforce an upper bound on it
	// before deriving a key from an untrusted message.
	SaltKey  = "p2s"
	CountKey = "p2c"
)

Variables

This section is empty.

Functions

func Compact added in v1.0.0

func Compact(m *Message, _ ...Option) ([]byte, error)

Compact encodes the given message into a JWE compact serialization format.

func Decrypt

func Decrypt(buf []byte, alg jwa.KeyEncryptionAlgorithm, key interface{}) ([]byte, error)

Decrypt takes the key encryption algorithm and the corresponding key to decrypt the JWE message, and returns the decrypted payload. The JWE message can be either compact or full JSON format.

func Encrypt

func Encrypt(payload []byte, keyalg jwa.KeyEncryptionAlgorithm, key interface{}, contentalg jwa.ContentEncryptionAlgorithm, compressalg jwa.CompressionAlgorithm) ([]byte, error)

Encrypt takes the plaintext payload and encrypts it in JWE compact format.

Example
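// Generate a throwaway RSA key pair for the demonstration. JWA requires RSA
// keys of at least 2048 bits for key encryption; production keys are loaded
// from protected storage rather than generated per call.
privkey, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
	log.Printf("failed to generate private key: %s", err)
	return
}

payload := []byte("Lorem Ipsum")

// Encrypt to the recipient's public key. RSA-OAEP is used for key encryption
// instead of RSA1_5 (RSAES-PKCS1-v1_5): PKCS#1 v1.5 decryption is the classic
// target of padding-oracle attacks, so new code should not select it.
encrypted, err := Encrypt(payload, jwa.RSA_OAEP, &privkey.PublicKey, jwa.A128CBC_HS256, jwa.NoCompress)
if err != nil {
	log.Printf("failed to encrypt payload: %s", err)
	return
}

// Decrypt is told which key-encryption algorithm to expect; it has to be the
// one that was used for Encrypt above.
decrypted, err := Decrypt(encrypted, jwa.RSA_OAEP, privkey)
if err != nil {
	log.Printf("failed to decrypt: %s", err)
	return
}

// Round-trip check against the original payload rather than a repeated literal.
if string(decrypted) != string(payload) {
	log.Printf("decrypted payload does not match the original")
	return
}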
Output:

func JSON added in v1.0.0

func JSON(m *Message, options ...Option) ([]byte, error)

JSON encodes the message into a JWE JSON serialization format.

Types

type Decrypter added in v1.0.6

type Decrypter struct {
	// contains filtered or unexported fields
}

Decrypter is responsible for taking various components to decrypt a message. Its operation is not concurrency safe; you must provide locking yourself.

func NewDecrypter added in v1.0.6

func NewDecrypter(keyalg jwa.KeyEncryptionAlgorithm, ctalg jwa.ContentEncryptionAlgorithm, privkey interface{}) *Decrypter

NewDecrypter creates a new Decrypter instance. You must supply the rest of the parameters via their respective setter methods before calling Decrypt().

privkey must be a private key in its "raw" format (i.e. something like *rsa.PrivateKey, instead of jwk.Key)

You should consider this object immutable once you assign values to it.

func (*Decrypter) AgreementPartyUInfo added in v1.0.6

func (d *Decrypter) AgreementPartyUInfo(apu []byte) *Decrypter

func (*Decrypter) AgreementPartyVInfo added in v1.0.6

func (d *Decrypter) AgreementPartyVInfo(apv []byte) *Decrypter

func (*Decrypter) AuthenticatedData added in v1.0.6

func (d *Decrypter) AuthenticatedData(aad []byte) *Decrypter

func (*Decrypter) BuildKeyDecrypter added in v1.0.6

func (d *Decrypter) BuildKeyDecrypter() (keyenc.Decrypter, error)

func (*Decrypter) ComputedAuthenticatedData added in v1.0.6

func (d *Decrypter) ComputedAuthenticatedData(aad []byte) *Decrypter

func (*Decrypter) ContentCipher added in v1.0.6

func (d *Decrypter) ContentCipher() (content_crypt.Cipher, error)

func (*Decrypter) ContentEncryptionAlgorithm added in v1.0.6

func (d *Decrypter) ContentEncryptionAlgorithm(ctalg jwa.ContentEncryptionAlgorithm) *Decrypter

func (*Decrypter) Decrypt added in v1.0.6

func (d *Decrypter) Decrypt(recipientKey, ciphertext []byte) (plaintext []byte, err error)

func (*Decrypter) DecryptKey added in v1.0.6

func (d *Decrypter) DecryptKey(recipientKey []byte) (cek []byte, err error)

func (*Decrypter) InitializationVector added in v1.0.6

func (d *Decrypter) InitializationVector(iv []byte) *Decrypter

func (*Decrypter) KeyCount added in v1.0.6

func (d *Decrypter) KeyCount(keycount int) *Decrypter

func (*Decrypter) KeyInitializationVector added in v1.0.6

func (d *Decrypter) KeyInitializationVector(keyiv []byte) *Decrypter

func (*Decrypter) KeySalt added in v1.0.6

func (d *Decrypter) KeySalt(keysalt []byte) *Decrypter

func (*Decrypter) KeyTag added in v1.0.6

func (d *Decrypter) KeyTag(keytag []byte) *Decrypter

func (*Decrypter) PublicKey added in v1.0.6

func (d *Decrypter) PublicKey(pubkey interface{}) *Decrypter

PublicKey sets the public key to be used in decoding EC-based encryptions. The key must be in its "raw" format (i.e. *ecdsa.PublicKey, instead of jwk.Key).

func (*Decrypter) Tag added in v1.0.6

func (d *Decrypter) Tag(tag []byte) *Decrypter

type HeaderPair added in v1.0.0

type HeaderPair = mapiter.Pair

type Headers added in v1.0.0

// Headers is the read/write interface to one JWE header set. On this page it
// is the type returned by Message.ProtectedHeaders, Message.UnprotectedHeaders
// and Recipient.Headers.
//
// NOTE(review): every value read from a parsed message is chosen by the
// sender. Under RFC 7516 only the protected header is covered by the
// authentication tag, and only once decryption has succeeded; values from
// unprotected headers stay unauthenticated. Do not use "jku", "jwk", "x5u" or
// "x5c" from a received header to pick a trusted key without an allow-list.
type Headers interface {
	// Typed getters. The names mirror the package's *Key constants
	// (AlgorithmKey, ContentEncryptionKey, ...), one getter per parameter.
	AgreementPartyUInfo() buffer.Buffer
	AgreementPartyVInfo() buffer.Buffer
	Algorithm() jwa.KeyEncryptionAlgorithm
	Compression() jwa.CompressionAlgorithm
	ContentEncryption() jwa.ContentEncryptionAlgorithm
	ContentType() string
	Critical() []string
	EphemeralPublicKey() jwk.ECDSAPublicKey
	JWK() jwk.Key
	JWKSetURL() string
	KeyID() string
	Type() string
	X509CertChain() []string
	X509CertThumbprint() string
	X509CertThumbprintS256() string
	X509URL() string
	// Iteration over the header's entries. AsMap returns a copy of the
	// entire header (see the PrivateParams warning below).
	Iterate(ctx context.Context) Iterator
	Walk(ctx context.Context, v Visitor) error
	AsMap(ctx context.Context) (map[string]interface{}, error)
	// Generic access by string key; presumably the key is the header
	// parameter name such as "alg" — confirm against the implementation.
	Get(string) (interface{}, bool)
	Set(string, interface{}) error
	Remove(string) error
	// Encode and Decode convert the header to and from bytes; the wire
	// format is not documented on this page.
	Encode() ([]byte, error)
	Decode([]byte) error
	// PrivateParams returns the map containing the non-standard ('private')
	// parameters in the associated header.
	//
	// WARNING: do not use PrivateParams() if you have concurrent code
	// accessing them. Use AsMap() to get a copy of the entire header instead.
	PrivateParams() map[string]interface{}
	// Clone, Copy and Merge duplicate or combine header sets; their exact
	// semantics (copy direction, precedence on conflicting keys) are not
	// documented on this page — check the implementation before relying on them.
	Clone(context.Context) (Headers, error)
	Copy(context.Context, Headers) error
	Merge(context.Context, Headers) (Headers, error)
}

Headers describe a standard Header set.

func NewHeaders added in v1.0.0

func NewHeaders() Headers

type Iterator added in v1.0.0

type Iterator = mapiter.Iterator

type Message

type Message struct {
	// contains filtered or unexported fields
}

Message contains the entire encrypted JWE message

func NewMessage

func NewMessage() *Message

NewMessage creates a new message

func Parse

func Parse(buf []byte) (*Message, error)

Parse parses the JWE message into a Message object. The JWE message can be either compact or full JSON format.

func ParseString

func ParseString(s string) (*Message, error)

ParseString is the same as Parse, but takes a string.

func (*Message) AuthenticatedData

func (m *Message) AuthenticatedData() []byte

func (*Message) CipherText

func (m *Message) CipherText() []byte

func (*Message) Decrypt

func (m *Message) Decrypt(alg jwa.KeyEncryptionAlgorithm, key interface{}) ([]byte, error)

Decrypt decrypts the message using the specified algorithm and key

func (*Message) InitializationVector

func (m *Message) InitializationVector() []byte

func (*Message) MarshalJSON added in v1.0.0

func (m *Message) MarshalJSON() ([]byte, error)

func (*Message) ProtectedHeaders added in v1.0.0

func (m *Message) ProtectedHeaders() Headers

func (*Message) Recipients

func (m *Message) Recipients() []Recipient

func (*Message) Set added in v1.0.2

func (m *Message) Set(k string, v interface{}) error

func (*Message) Tag

func (m *Message) Tag() []byte

func (*Message) UnmarshalJSON added in v1.0.0

func (m *Message) UnmarshalJSON(buf []byte) error

func (*Message) UnprotectedHeaders added in v1.0.0

func (m *Message) UnprotectedHeaders() Headers

type Option added in v1.0.0

type Option = option.Interface

func WithPrettyJSONFormat added in v1.0.0

func WithPrettyJSONFormat(b bool) Option

WithPrettyJSONFormat specifies if the `jwe.JSON` serialization tool should generate pretty-formatted output

type Recipient

// Recipient holds the encrypted key and the hints needed to decrypt that key.
type Recipient interface {
	// Headers returns the header set attached to this recipient.
	// NOTE(review): in the JWE JSON serialization the per-recipient "header"
	// member is not integrity protected; treat its values as unauthenticated.
	Headers() Headers
	// EncryptedKey returns the encrypted key stored for this recipient.
	EncryptedKey() buffer.Buffer
	// SetHeaders replaces the recipient's header set.
	SetHeaders(Headers) error
	// SetEncryptedKey stores the encrypted key. The parameter is interface{};
	// the accepted concrete types are not shown on this page.
	SetEncryptedKey(interface{}) error
}

Recipient holds the encrypted key and hints to decrypt the key

func NewRecipient

func NewRecipient() Recipient

NewRecipient creates a Recipient object

type Visitor added in v1.0.0

type Visitor = iter.MapVisitor

type VisitorFunc added in v1.0.0

type VisitorFunc = iter.MapVisitorFunc

Directories

Path Synopsis
internal
