Versions in this module Expand all Collapse all v0 v0.2.1 Feb 17, 2024 v0.2.0 Dec 22, 2023 Changes in this version + const ContentLength + const Created + const Date + const Digest + const Expires + const HeaderAuthorization + const HeaderSignature + const Host + const Nonce + const RequestTarget + const SchemeAuthentication + const SchemeSignature + const SchemeUnspecified + var ErrAlgorithmMismatch = errors.New("algorithm does not match") + var ErrAlgorithmUnsupported = errors.New("algorithm unsupported") + var ErrCreatedInvalid = errors.New("(created) invalid") + var ErrCreatedNotInRange = errors.New("(created) is not in acceptable range") + var ErrDateInvalid = errors.New("date invalid in header") + var ErrDateNotInRange = errors.New("date is not in acceptable range") + var ErrDigestMismatch = errors.New("body is not match with digest") + var ErrExpiresInvalid = errors.New("(expires) invalid") + var ErrHashUnavailable = errors.New("the requested hash function is unavailable") + var ErrKeyIdInvalid = errors.New("keyId invalid") + var ErrKeyIdMissing = errors.New("keyId must be in header value") + var ErrKeyInvalid = errors.New("key is invalid") + var ErrKeyMustBePEMEncoded = errors.New("invalid key: Key must be a PEM encoded PKCS1 or PKCS8 key") + var ErrKeyTypeInvalid = errors.New("key is invalid type") + var ErrMinimumRequiredHeader = errors.New("header field is not meet minimum requirement") + var ErrMissingDoubleQuote = errors.New(`Missing " after = character`) + var ErrMissingEqualCharacter = errors.New(`Missing = character =`) + var ErrNoSignatureInRequest = errors.New("signature not found in request") + var ErrNotECPrivateKey = errors.New("key is not a valid ECDSA private key") + var ErrNotECPublicKey = errors.New("key is not a valid ECDSA public key") + var ErrNotEdPrivateKey = errors.New("key is not a valid Ed25519 private key") + var ErrNotEdPublicKey = errors.New("key is not a valid Ed25519 public key") + var ErrNotRSAPrivateKey = errors.New("key is not a valid RSA private key") + var ErrNotRSAPublicKey = errors.New("key is not a valid RSA public key") + var ErrSchemeUnsupported = errors.New("scheme unsupported") + var ErrSignatureExpired = errors.New("signature has be expired") + var ErrSignatureInvalid = errors.New("signature invalid") + var ErrSignatureMissing = errors.New("signature must be in header value") + var ErrUnterminatedParameter = errors.New("Unterminated parameter") + var SigningMethodEcdsaSha256 = &SigningMethodECDSA + var SigningMethodEcdsaSha384 = &SigningMethodECDSA + var SigningMethodEcdsaSha512 = &SigningMethodECDSA + var SigningMethodEdDSA = &SigningMethodEd25519 + var SigningMethodHmacMd5 = &SigningMethodHMAC + var SigningMethodHmacSha256 = &SigningMethodHMAC + var SigningMethodHmacSha384 = &SigningMethodHMAC + var SigningMethodHmacSha512 = &SigningMethodHMAC + var SigningMethodRsaPssSha256 = &SigningMethodRSAPSS + var SigningMethodRsaPssSha384 = &SigningMethodRSAPSS + var SigningMethodRsaPssSha512 = &SigningMethodRSAPSS + var SigningMethodRsaSha256 = &SigningMethodRSA + var SigningMethodRsaSha384 = &SigningMethodRSA + var SigningMethodRsaSha512 = &SigningMethodRSA + func ConstructSignMessageFromRequest(r *http.Request, p *Parameter) string + func ParseECPrivateKeyFromPEM(key []byte) (*ecdsa.PrivateKey, error) + func ParseECPublicKeyFromPEM(key []byte) (*ecdsa.PublicKey, error) + func ParseEdPrivateKeyFromPEM(key []byte) (crypto.PrivateKey, error) + func ParseEdPublicKeyFromPEM(key []byte) (crypto.PublicKey, error) + func ParseRSAPrivateKeyFromPEM(key []byte) (*rsa.PrivateKey, error) + func ParseRSAPrivateKeyFromPEMWithPassword(key []byte, password string) (*rsa.PrivateKey, error) + func ParseRSAPublicKeyFromPEM(key []byte) (*rsa.PublicKey, error) + type AuthorizationSignatureExtractor string + func NewAuthorizationSignatureExtractor(h string) AuthorizationSignatureExtractor + func (h AuthorizationSignatureExtractor) Extract(r *http.Request) (string, Scheme, error) + type CreatedValidator struct + Gap time.Duration + func NewCreatedValidator() *CreatedValidator + func (v *CreatedValidator) Validate(r *http.Request, p *Parameter) error + type DateValidator struct + Gap time.Duration + func NewDateValidator() *DateValidator + func (v *DateValidator) Validate(r *http.Request, _ *Parameter) error + type DigestUsingShared struct + func NewDigestUsingShared(signingMethod SigningMethod) *DigestUsingShared + func (m *DigestUsingShared) Sign(signingBytes []byte, key any) (string, error) + func (m *DigestUsingShared) Verify(signingBytes []byte, digestString string, key any) error + type DigestUsingSharedValidator struct + func NewDigestUsingSharedValidator() *DigestUsingSharedValidator + func (v *DigestUsingSharedValidator) Validate(r *http.Request, p *Parameter) error + type DigestValidator struct + func NewDigestValidator(digest digest.Digest) *DigestValidator + func (v *DigestValidator) Validate(r *http.Request, _ *Parameter) error + type ExpiresValidator struct + Gap time.Duration + func NewExpiresValidator() *ExpiresValidator + func (v *ExpiresValidator) Validate(r *http.Request, p *Parameter) error + type Extractor interface + Extract func(*http.Request) (string, Scheme, error) + type KeyId string + type Keystone interface + AddMetadata func(KeyId, Metadata) error + DeleteMetadata func(KeyId) error + GetMetadata func(KeyId) (Metadata, error) + type KeystoneMemory struct + func NewKeystoneMemory() *KeystoneMemory + func (k *KeystoneMemory) AddMetadata(keyId KeyId, md Metadata) error + func (k *KeystoneMemory) DeleteMetadata(keyId KeyId) error + func (k *KeystoneMemory) GetMetadata(keyId KeyId) (Metadata, error) + type Metadata struct + Alg string + Key any + Scheme Scheme + type MultiExtractor []Extractor + func NewMultiExtractor(es ...Extractor) MultiExtractor + func (e MultiExtractor) Extract(r *http.Request) (string, Scheme, error) + type Parameter struct + Algorithm string + Created int64 + Expires int64 + Headers []string + Key any + KeyId KeyId + Method SigningMethod + Scheme Scheme + Signature string + func (p *Parameter) ContainsHeader(header string) bool + func (p *Parameter) MergerHeader(r *http.Request) error + type Parser struct + func NewParser(opts ...ParserOption) *Parser + func (p *Parser) AddMetadata(keyId KeyId, md Metadata) error + func (p *Parser) DeleteMetadata(keyId KeyId) error + func (p *Parser) GetMetadata(keyId KeyId) (Metadata, error) + func (p *Parser) GetSigningMethod(alg string) (method SigningMethod) + func (p *Parser) GetSigningMethodAlgorithms() []string + func (p *Parser) ParseFromRequest(r *http.Request) (*Parameter, error) + func (p *Parser) ParseVerify(r *http.Request) (Scheme, error) + func (p *Parser) RegisterSigningMethod(alg string, f func() SigningMethod) *Parser + func (p *Parser) Verify(r *http.Request, param *Parameter) error + type ParserOption func(*Parser) + func WithExtractor(e Extractor) ParserOption + func WithKeystone(ks Keystone) ParserOption + func WithMinimumRequiredHeaders(headers []string) ParserOption + func WithSigningMethods(alg string, f func() SigningMethod) ParserOption + func WithValidators(vs ...Validator) ParserOption + type Scheme int + type SignatureExtractor string + func NewSignatureExtractor(h string) SignatureExtractor + func (h SignatureExtractor) Extract(r *http.Request) (string, Scheme, error) + type SigningMethod interface + Alg func() string + Sign func(signingBytes []byte, key any) ([]byte, error) + Verify func(signingBytes []byte, sig []byte, key any) error + type SigningMethodECDSA struct + CurveBits int + Hash crypto.Hash + KeySize int + Name string + func (m *SigningMethodECDSA) Alg() string + func (m *SigningMethodECDSA) Sign(signingBytes []byte, key any) ([]byte, error) + func (m *SigningMethodECDSA) Verify(signingBytes, sig []byte, key any) error + type SigningMethodEd25519 struct + func (m *SigningMethodEd25519) Alg() string + func (m *SigningMethodEd25519) Sign(signingBytes []byte, key any) ([]byte, error) + func (m *SigningMethodEd25519) Verify(signingBytes, sig []byte, key any) error + type SigningMethodHMAC struct + Hash crypto.Hash + Name string + func (m *SigningMethodHMAC) Alg() string + func (m *SigningMethodHMAC) Sign(signingBytes []byte, key any) ([]byte, error) + func (m *SigningMethodHMAC) Verify(signingBytes, sig []byte, key any) error + type SigningMethodRSA struct + Hash crypto.Hash + Name string + func (m *SigningMethodRSA) Alg() string + func (m *SigningMethodRSA) Sign(signingBytes []byte, key any) ([]byte, error) + func (m *SigningMethodRSA) Verify(signingBytes, sig []byte, key any) error + type SigningMethodRSAPSS struct + Options *rsa.PSSOptions + VerifyOptions *rsa.PSSOptions + func (m *SigningMethodRSAPSS) Sign(signingBytes []byte, key any) ([]byte, error) + func (m *SigningMethodRSAPSS) Verify(signingBytes, sig []byte, key any) error + type Validator interface + Validate func(*http.Request, *Parameter) error