cloudkey

package
v0.0.0-...-5004fd2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 19, 2024 License: MIT Imports: 20 Imported by: 0

Documentation

Index

Constants

// JSON Web Key "key_ops" values, as listed in RFC 7517 section 4.3.
//
// These are untyped string constants, so they can be assigned to a
// JsonWebKeyOperation or compared with a plain string without conversion.
//
// RFC 7517 4.3 advises against combining unrelated operations on one key;
// sign+verify, encrypt+decrypt and wrapKey+unwrapKey are the expected pairs.
// When reviewing a key's key_ops, a mix such as "sign" with "decrypt" is a
// signal that one key is being reused across purposes.
const (
	JsonWebKeyOperationSign       = "sign"       // compute a digital signature or MAC
	JsonWebKeyOperationVerify     = "verify"     // verify a digital signature or MAC
	JsonWebKeyOperationEncrypt    = "encrypt"    // encrypt content
	JsonWebKeyOperationDecrypt    = "decrypt"    // decrypt content and validate decryption
	JsonWebKeyOperationWrapKey    = "wrapKey"    // encrypt a key
	JsonWebKeyOperationUnwrapKey  = "unwrapKey"  // decrypt a key and validate decryption
	JsonWebKeyOperationDeriveKey  = "deriveKey"  // derive a key
	JsonWebKeyOperationDeriveBits = "deriveBits" // derive bits that are not used as a key
)

Variables

// Exported error values for key-handling failures. Each is produced by passing
// a package-internal error (errInvalidKeyType, errInvalidCurve, errInvalidKey,
// errInvalidKeySize, errInvalidAlg) through exportErr. Neither exportErr nor
// the internal values are shown on this page.
//
// NOTE(review): presumably intended for comparison with errors.Is by callers;
// confirm that exportErr returns a value that still matches the internal error
// it wraps, otherwise callers cannot tell these failures apart.
var (
	ErrInvalidKeyType   = exportErr(errInvalidKeyType)
	ErrInvalidCurve     = exportErr(errInvalidCurve)
	ErrInvalidKey       = exportErr(errInvalidKey)
	ErrInvalidKeySize   = exportErr(errInvalidKeySize)
	ErrInvalidAlgorithm = exportErr(errInvalidAlg) // note: internal name is errInvalidAlg
)
var (
	// ErrInvalidJWE is a sentinel error created with errors.New.
	// NOTE(review): which functions return it is not visible on this page;
	// presumably NewJsonWebEncryption and/or Decrypt. If Decrypt uses it, a
	// single generic error for every failure mode is the safer choice, since
	// distinguishing "bad padding" from "bad tag" to a remote caller is what
	// decryption oracles are built from. Confirm against the implementation.
	ErrInvalidJWE = errors.New("invalid JWE")
)

Functions

This section is empty.

Types

type Base64RawURLEncodableBytes

// Base64RawURLEncodableBytes is a byte slice with text (un)marshalling methods
// (MarshalText / UnmarshalText are declared on it), which is what lets it appear
// as a string member in JSON.
// NOTE(review): the name suggests unpadded base64url (base64.RawURLEncoding),
// the encoding JOSE uses for binary members; the encoder itself is not shown.
//
// JsonWebKey uses this type for private-key members as well as public ones, so
// the output of HexString or MarshalText should be treated as secret whenever
// the value came from such a field, and kept out of logs.
type Base64RawURLEncodableBytes []byte

func (Base64RawURLEncodableBytes) BitLen

func (b Base64RawURLEncodableBytes) BitLen() int

func (Base64RawURLEncodableBytes) HexString

func (b Base64RawURLEncodableBytes) HexString() string

func (Base64RawURLEncodableBytes) MarshalText

func (b Base64RawURLEncodableBytes) MarshalText() (text []byte, err error)

MarshalText implements encoding.TextMarshaler.

func (*Base64RawURLEncodableBytes) UnmarshalText

func (b *Base64RawURLEncodableBytes) UnmarshalText(text []byte) error

UnmarshalText implements encoding.TextUnmarshaler.

type CloudKey

// CloudKey is the base interface embedded by CloudSignatureKey and
// CloudWrappingKey.
type CloudKey interface {
	// KeyType returns the key's JWK key type. The values declared in this
	// package are KeyTypeRSA, KeyTypeEC and KeyTypeOct.
	KeyType() JsonWebKeyType
}

type CloudSignatureKey

// CloudSignatureKey is a CloudKey that can sign. It embeds crypto.Signer
// (Public and Sign), so an implementation can be passed to any API that accepts
// a crypto.Signer.
// NOTE(review): the name suggests the private key is held by a cloud key
// service and Sign is a remote operation; if so, Sign can fail for transport or
// authorization reasons and callers should not assume it is cheap. Confirm.
type CloudSignatureKey interface {
	CloudKey
	crypto.Signer
	// KeyID returns an identifier for the key.
	// NOTE(review): presumably the value placed in "kid"; verify against callers.
	KeyID() string
}

type CloudWrappingKey

// CloudWrappingKey is a CloudKey that can decrypt. It embeds crypto.Decrypter
// (Public and Decrypt), so the private-key operation is reached only through
// that interface.
// NOTE(review): the name suggests it is used to unwrap a JWE content-encryption
// key; how Decrypt maps onto the JWE "alg" values is not visible here. Confirm.
type CloudWrappingKey interface {
	CloudKey
	crypto.Decrypter
	// KeyID returns an identifier for the key.
	// NOTE(review): presumably matched against the JWE "kid" header; verify.
	KeyID() string
}

type JWEAes256GcmEncBuilder

// JWEAes256GcmEncBuilder builds a JWE. It embeds JsonWebEncryption and, per the
// method set on this page, is configured with SetDirectEncryptionKey or
// SetEcdhEsKeyAgreement and then produces output with Seal.
//
// NOTE(review), for whoever audits the implementation:
//   - The name fixes the content encryption to A256GCM, which needs a 32-byte
//     key. SetDirectEncryptionKey has no error return, so a wrong key length
//     can only be rejected later (presumably in Seal). Confirm it is rejected.
//   - AES-GCM requires that an IV is never repeated under the same key. With a
//     direct key reused across Seal calls, the IV source decides whether that
//     holds. Confirm Seal draws a fresh random IV every call.
type JWEAes256GcmEncBuilder struct {
	JsonWebEncryption
	// contains filtered or unexported fields
}

func (*JWEAes256GcmEncBuilder) Seal

func (b *JWEAes256GcmEncBuilder) Seal(plaintext []byte) (string, error)

func (*JWEAes256GcmEncBuilder) SetDirectEncryptionKey

func (b *JWEAes256GcmEncBuilder) SetDirectEncryptionKey(key []byte)

func (*JWEAes256GcmEncBuilder) SetEcdhEsKeyAgreement

func (b *JWEAes256GcmEncBuilder) SetEcdhEsKeyAgreement(selfJWK *JsonWebKey, remoteJWK *JsonWebKey) error

type JoseHeader

// JoseHeader is the JWE protected header. It is the argument handed to the
// keyFunc callback of JsonWebEncryption.Decrypt.
//
// Every member is chosen by whoever produced the JWE. A keyFunc should treat
// the header as untrusted input: accept only the alg/enc combinations the
// application expects, and look up KeyID in a fixed set of keys rather than
// letting it drive arbitrary key selection.
type JoseHeader struct {
	// "alg": key management algorithm (RFC 7516 4.1.1). Shares its Go type with
	// EncryptionAlgorithm, so the type system does not stop an "enc" value from
	// being placed here.
	Algorithm           JsonWebKeyEncryptionAlgorithm `json:"alg,omitempty"`
	// "enc": content encryption algorithm (RFC 7516 4.1.2). No omitempty, so it
	// is always emitted.
	EncryptionAlgorithm JsonWebKeyEncryptionAlgorithm `json:"enc"`
	// "kid": key identifier hint (RFC 7516 4.1.6).
	KeyID               string                        `json:"kid,omitempty"`
	// "epk": sender's ephemeral public key for ECDH-ES (RFC 7518 4.6.1.1).
	// NOTE(review): the recipient must check that this point is on the curve of
	// its own key before key agreement; whether the package does so is not
	// visible on this page. Confirm.
	EphemeralPublicKey  *JsonWebKey                   `json:"epk,omitempty"`
	// "apu" / "apv": agreement PartyUInfo / PartyVInfo (RFC 7518 4.6.1.2, 4.6.1.3).
	AgreementPartyUInfo Base64RawURLEncodableBytes    `json:"apu,omitempty"`
	AgreementPartyVInfo Base64RawURLEncodableBytes    `json:"apv,omitempty"`
	// Excluded from JSON by the "-" tag.
	// NOTE(review): presumably the header exactly as received (its base64url
	// text), kept because the JWE additional authenticated data is computed
	// over the received encoding, not over a re-serialization. Confirm.
	Raw                 string                        `json:"-"`
}

type JsonWebEncryption

// JsonWebEncryption holds the five parts of a JWE in compact serialization
// (RFC 7516 section 3.1): protected header, encrypted key, initialization
// vector, ciphertext and authentication tag.
//
// A value obtained from NewJsonWebEncryption is parsed input only. None of its
// fields, the header included, should be acted on as trusted data until Decrypt
// has returned without error.
type JsonWebEncryption struct {
	Protected            JoseHeader                 // JWE Protected Header
	EncryptedKey         Base64RawURLEncodableBytes // JWE Encrypted Key; empty for "dir" and direct ECDH-ES per RFC 7518
	InitializationVector Base64RawURLEncodableBytes // JWE Initialization Vector
	Ciphertext           Base64RawURLEncodableBytes // JWE Ciphertext
	AuthenticationTag    Base64RawURLEncodableBytes // JWE Authentication Tag
}

func NewJsonWebEncryption

func NewJsonWebEncryption(text string) (*JsonWebEncryption, error)

func (*JsonWebEncryption) Decrypt

func (jwe *JsonWebEncryption) Decrypt(keyFunc func(header *JoseHeader) (crypto.PrivateKey, error)) (plaintext []byte, unwrappedKey []byte, err error)

func (*JsonWebEncryption) String

func (jwe *JsonWebEncryption) String() string

type JsonWebKey

// JsonWebKey is a JSON Web Key (RFC 7517) with the RSA and EC members defined
// in RFC 7518 section 6.
//
// The struct carries private-key members (d, p, q, dp, dq, qi) next to the
// public ones, and JSON encoding emits every member that is set. Before a key
// is published, logged or sent to another party, make sure those members are
// empty. PublicJWK is declared on this type and presumably returns a copy
// without them; confirm against its implementation.
type JsonWebKey struct {
	KeyType          JsonWebKeyType               `json:"kty"`                // RFC7517 4.1. "kty" (Key Type) Parameter
	Alg              string                       `json:"alg,omitempty"`      // RFC7517 4.4. "alg" (Algorithm) Parameter
	KeyID            string                       `json:"kid,omitempty"`      // RFC7517 4.5. "kid" (Key ID) Parameter
	Curve            JsonWebKeyCurveName          `json:"crv,omitempty"`      // RFC7518 6.2.1.1. "crv" (Curve) Parameter
	N                Base64RawURLEncodableBytes   `json:"n,omitempty"`        // RFC7518 6.3.1.1. "n" (Modulus) Parameter
	E                Base64RawURLEncodableBytes   `json:"e,omitempty"`        // RFC7518 6.3.1.2. "e" (Exponent) Parameter
	D                Base64RawURLEncodableBytes   `json:"d,omitempty"`        // PRIVATE. RFC7518 6.3.2.1. "d" (Private Exponent) Parameter, or RFC7518 6.2.2.1. "d" (ECC Private Key) Parameter
	P                Base64RawURLEncodableBytes   `json:"p,omitempty"`        // PRIVATE. RFC7518 6.3.2.2. "p" (First Prime Factor) Parameter
	Q                Base64RawURLEncodableBytes   `json:"q,omitempty"`        // PRIVATE. RFC7518 6.3.2.3. "q" (Second Prime Factor) Parameter
	Dp               Base64RawURLEncodableBytes   `json:"dp,omitempty"`       // PRIVATE. RFC7518 6.3.2.4. "dp" (First Factor CRT Exponent) Parameter
	Dq               Base64RawURLEncodableBytes   `json:"dq,omitempty"`       // PRIVATE. RFC7518 6.3.2.5. "dq" (Second Factor CRT Exponent) Parameter
	Qinv             Base64RawURLEncodableBytes   `json:"qi,omitempty"`       // PRIVATE. RFC7518 6.3.2.6. "qi" (First CRT Coefficient) Parameter
	X                Base64RawURLEncodableBytes   `json:"x,omitempty"`        // RFC7518 6.2.1.2. "x" (X Coordinate) Parameter
	Y                Base64RawURLEncodableBytes   `json:"y,omitempty"`        // RFC7518 6.2.1.3. "y" (Y Coordinate) Parameter
	KeyOperations    []JsonWebKeyOperation        `json:"key_ops,omitempty"`  // RFC7517 4.3. "key_ops" (Key Operations) Parameter
	ThumbprintSHA1   Base64RawURLEncodableBytes   `json:"x5t,omitempty"`      // RFC7517 4.8. "x5t" (X.509 Certificate SHA-1 Thumbprint) Parameter; SHA-1, so prefer x5t#S256 for matching where both are present
	ThumbprintSHA256 Base64RawURLEncodableBytes   `json:"x5t#S256,omitempty"` // RFC7517 4.9. "x5t#S256" (X.509 Certificate SHA-256 Thumbprint) Parameter
	// NOTE(review): RFC 7517 4.7 specifies standard base64 (not base64url) for
	// each "x5c" entry. If Base64RawURLEncodableBytes encodes as unpadded
	// base64url, as its name suggests, chains written or read through this field
	// will not interoperate with conforming peers. Confirm.
	CertificateChain []Base64RawURLEncodableBytes `json:"x5c,omitempty"`      // RFC7517 4.7. "x5c" (X.509 Certificate Chain) Parameter
	// "ext" is not an RFC 7517 member.
	// NOTE(review): it matches the "ext" (extractable) member of the WebCrypto
	// JsonWebKey format; how this package interprets it is not shown here.
	Extractable      *bool                        `json:"ext,omitempty"`
	// contains filtered or unexported fields
}

func NewEphemeralECDHJwk

func NewEphemeralECDHJwk(cryptoProvider cryptoprovider.CryptoProvider) (*JsonWebKey, error)

func NewJsonWebKeyFromPublicKey

func NewJsonWebKeyFromPublicKey(publicKey crypto.PublicKey) (*JsonWebKey, error)

func (*JsonWebKey) Digest

func (jwk *JsonWebKey) Digest(w io.Writer)

func (*JsonWebKey) PrivateKey

func (jwk *JsonWebKey) PrivateKey() crypto.PrivateKey

Cloud keys typically don't have a retrievable private key.

func (*JsonWebKey) PublicJWK

func (jwk *JsonWebKey) PublicJWK() *JsonWebKey

func (*JsonWebKey) PublicKey

func (jwk *JsonWebKey) PublicKey() crypto.PublicKey

func (*JsonWebKey) SetPublicKey

func (jwk *JsonWebKey) SetPublicKey(publicKey crypto.PublicKey) error

type JsonWebKeyCurveName

// JsonWebKeyCurveName is the value of the JWK "crv" member (RFC 7518 6.2.1.1).
type JsonWebKeyCurveName string
// The three NIST curves registered for "crv" by RFC 7518. A key whose "crv" is
// not one of these has no constant here; ErrInvalidCurve is declared in this
// package, presumably for that case.
const (
	CurveNameP256 JsonWebKeyCurveName = "P-256"
	CurveNameP384 JsonWebKeyCurveName = "P-384"
	CurveNameP521 JsonWebKeyCurveName = "P-521" // 521 bits, not 512
)

type JsonWebKeyEncryptionAlgorithm

// JsonWebKeyEncryptionAlgorithm is used for both JWE header members that name
// an algorithm: "alg" (key management, RFC 7518 4.1) and "enc" (content
// encryption, RFC 7518 5.1). JoseHeader declares both of its algorithm fields
// with this one type, so the compiler will not catch an "enc" value used as
// "alg" or the reverse; code that validates a header has to check each field
// against its own list.
type JsonWebKeyEncryptionAlgorithm string
const (
	// "alg" value. The identifier is spelled "Oeap"; the string is the correct
	// registered name "RSA-OAEP-256".
	JwkEncAlgRsaOeap256 JsonWebKeyEncryptionAlgorithm = "RSA-OAEP-256"
	// "enc" value: AES-256 in GCM mode.
	JwkEncAlgAes256Gcm  JsonWebKeyEncryptionAlgorithm = "A256GCM"
	// "alg" value: ECDH-ES in direct key agreement mode.
	JwkEncAlgEcdhEs     JsonWebKeyEncryptionAlgorithm = "ECDH-ES"
	// "alg" value: a shared symmetric key is used directly as the content
	// encryption key.
	JwkEncAlgDir        JsonWebKeyEncryptionAlgorithm = "dir"
)

type JsonWebKeyOperation

// JsonWebKeyOperation is one entry of a JWK's "key_ops" member. The
// JsonWebKeyOperation* constants in this package are untyped strings and
// convert to this type implicitly.
type JsonWebKeyOperation string

RFC7517 4.3. "key_ops" (Key Operations) Parameter Values for JWK

func SanitizeKeyOperations

func SanitizeKeyOperations(keyOps []JsonWebKeyOperation) []JsonWebKeyOperation

type JsonWebKeyType

// JsonWebKeyType is the value of the JWK "kty" member; see the KeyTypeRSA,
// KeyTypeEC and KeyTypeOct constants.
type JsonWebKeyType string

RFC7518 6.1. "kty" (Key Type) Parameter Values

// JWK "kty" values registered by RFC 7518 section 6.1.
const (
	KeyTypeRSA JsonWebKeyType = "RSA"
	KeyTypeEC  JsonWebKeyType = "EC"
	// Symmetric key ("octet sequence"). JsonWebKey has no exported field for
	// the symmetric key value "k" on this page.
	KeyTypeOct JsonWebKeyType = "oct"
)

type JsonWebSignatureAlgorithm

// JsonWebSignatureAlgorithm is a JWS "alg" value (RFC 7518 section 3.1). It has
// a HashFunc method and so can be passed as a crypto.SignerOpts.
//
// The set mixes symmetric (HS*) and asymmetric (RS*, ES*, PS*) algorithms. A
// verifier should decide which algorithm it accepts from the key it holds, not
// from the "alg" value carried in the token being checked.
type JsonWebSignatureAlgorithm string
const (
	// The zero value. The identifier is spelled "Algoritm", and the value is
	// the empty string, not the JWS "none" algorithm. An unset algorithm
	// compares equal to this constant.
	// NOTE(review): confirm IsSupported returns false for it.
	SignatureAlgoritmNone JsonWebSignatureAlgorithm = ""

	// HMAC with SHA-2 (shared secret).
	SignatureAlgorithmHS256 JsonWebSignatureAlgorithm = "HS256"
	SignatureAlgorithmHS384 JsonWebSignatureAlgorithm = "HS384"
	SignatureAlgorithmHS512 JsonWebSignatureAlgorithm = "HS512"

	// RSASSA-PKCS1-v1_5 with SHA-2.
	SignatureAlgorithmRS256 JsonWebSignatureAlgorithm = "RS256"
	SignatureAlgorithmRS384 JsonWebSignatureAlgorithm = "RS384"
	SignatureAlgorithmRS512 JsonWebSignatureAlgorithm = "RS512"

	// ECDSA with SHA-2. ES512 pairs SHA-512 with curve P-521, not a 512-bit curve.
	SignatureAlgorithmES256 JsonWebSignatureAlgorithm = "ES256"
	SignatureAlgorithmES384 JsonWebSignatureAlgorithm = "ES384"
	SignatureAlgorithmES512 JsonWebSignatureAlgorithm = "ES512"

	// RSASSA-PSS with SHA-2.
	SignatureAlgorithmPS256 JsonWebSignatureAlgorithm = "PS256"
	SignatureAlgorithmPS384 JsonWebSignatureAlgorithm = "PS384"
	SignatureAlgorithmPS512 JsonWebSignatureAlgorithm = "PS512"
)

func (JsonWebSignatureAlgorithm) HashFunc

func (alg JsonWebSignatureAlgorithm) HashFunc() crypto.Hash

HashFunc implements crypto.SignerOpts.

func (JsonWebSignatureAlgorithm) IsSupported

func (alg JsonWebSignatureAlgorithm) IsSupported() bool

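IsSupported reports whether alg is a signature algorithm this package supports (inferred from the signature; the published comment repeats the HashFunc text).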

func (JsonWebSignatureAlgorithm) X509SignatureAlgorithm

func (alg JsonWebSignatureAlgorithm) X509SignatureAlgorithm() x509.SignatureAlgorithm

Directories

Path Synopsis
x
