jose

package
v1.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 16, 2024 License: Apache-2.0 Imports: 30 Imported by: 26

Documentation

Index

Constants

View Source
const (
	// HeaderAlgorithm identifies:
	// For JWS: the cryptographic algorithm used to secure the JWS.
	// For JWE: the cryptographic algorithm used to encrypt or determine the value of the CEK.
	HeaderAlgorithm = "alg" // string

	// HeaderEncryption identifies the JWE content encryption algorithm.
	HeaderEncryption = "enc" // string

	// HeaderJWKSetURL is a URI that refers to a resource for a set of JSON-encoded public keys, one of which:
	// For JWS: corresponds to the key used to digitally sign the JWS.
	// For JWE: corresponds to the public key to which the JWE was encrypted.
	HeaderJWKSetURL = "jku" // string

	// HeaderJSONWebKey is:
	// For JWS: the public key that corresponds to the key used to digitally sign the JWS.
	// For JWE: the public key to which the JWE was encrypted.
	HeaderJSONWebKey = "jwk" // JSON

	// HeaderKeyID is a hint:
	// For JWS: indicating which key was used to secure the JWS.
	// For JWE: which references the public key to which the JWE was encrypted.
	HeaderKeyID = "kid" // string

	// HeaderSenderKeyID is a hint:
	// For JWS: not used.
	// For JWE: which references the (sender) public key used in the JWE key derivation/wrapping to encrypt the CEK.
	HeaderSenderKeyID = "skid" // string

	// HeaderX509URL is a URI that refers to a resource for the X.509 public key certificate or certificate chain:
	// For JWS: corresponding to the key used to digitally sign the JWS.
	// For JWE: corresponding to the public key to which the JWE was encrypted.
	HeaderX509URL = "x5u"

	// HeaderX509CertificateChain contains the X.509 public key certificate or certificate chain:
	// For JWS: corresponding to the key used to digitally sign the JWS.
	// For JWE: corresponding to the public key to which the JWE was encrypted.
	HeaderX509CertificateChain = "x5c"

	// HeaderX509CertificateDigest (X.509 certificate SHA-1 thumbprint) is a base64url-encoded
	// SHA-1 thumbprint (a.k.a. digest) of the DER encoding of the X.509 certificate:
	// For JWS: corresponding to the key used to digitally sign the JWS.
	// For JWE: corresponding to the public key to which the JWE was encrypted.
	HeaderX509CertificateDigestSha1 = "x5t"

	// HeaderX509CertificateDigestSha256 (X.509 certificate SHA-256 thumbprint) is a base64url-encoded SHA-256
	// thumbprint (a.k.a. digest) of the DER encoding of the X.509 certificate:
	// For JWS: corresponding to the key used to digitally sign the JWS.
	// For JWE: corresponding to the public key to which the JWE was encrypted.
	HeaderX509CertificateDigestSha256 = "x5t#S256" // string

	// HeaderType is:
	// For JWS: used by JWS applications to declare the media type of this complete JWS.
	// For JWE: used by JWE applications to declare the media type of this complete JWE.
	HeaderType = "typ" // string

	// HeaderContentType is used by JWS applications to declare the media type of:
	// For JWS: the secured content (the payload).
	// For JWE: the secured content (the plaintext).
	HeaderContentType = "cty" // string

	// HeaderCritical indicates that extensions to:
	// For JWS: this JWS header specification and/or JWA are being used that MUST be understood and processed.
	// For JWE: this JWE header specification and/or JWA are being used that MUST be understood and processed.
	HeaderCritical = "crit" // array

	// HeaderEPK is used by JWE applications to wrap/unwrap the CEK for a recipient.
	HeaderEPK = "epk" // JSON
)

IANA registered JOSE headers (https://tools.ietf.org/html/rfc7515#section-4.1)

View Source
const (
	// HeaderB64 determines whether the payload is represented in the JWS and the JWS Signing
	// Input as ASCII(BASE64URL(JWS Payload)) or as the JWS Payload value itself with no encoding performed.
	HeaderB64Payload = "b64" // bool
	// A256GCMALG is the default content encryption algorithm value as per
	// the JWA specification: https://tools.ietf.org/html/rfc7518#section-5.1
	A256GCMALG = "A256GCM"
	// XC20PALG represents XChacha20Poly1305 content encryption algorithm value.
	XC20PALG = "XC20P"
	// A128CBCHS256ALG represents AES_128_CBC_HMAC_SHA_256 encryption algorithm value.
	A128CBCHS256ALG = "A128CBC-HS256"
	// A192CBCHS384ALG represents AES_192_CBC_HMAC_SHA_384 encryption algorithm value.
	A192CBCHS384ALG = "A192CBC-HS384"
	// A256CBCHS384ALG represents AES_256_CBC_HMAC_SHA_384 encryption algorithm value (not defined in JWA spec above).
	A256CBCHS384ALG = "A256CBC-HS384"
	// A256CBCHS512ALG represents AES_256_CBC_HMAC_SHA_512 encryption algorithm value.
	A256CBCHS512ALG = "A256CBC-HS512"
)

Header defined in https://tools.ietf.org/html/rfc7797

View Source
const (
	// A256GCM for AES256GCM content encryption.
	A256GCM = EncAlg(A256GCMALG)
	// XC20P for XChacha20Poly1305 content encryption.
	XC20P = EncAlg(XC20PALG)
	// A128CBCHS256 for A128CBC-HS256 (AES128-CBC+HMAC-SHA256) content encryption.
	A128CBCHS256 = EncAlg(A128CBCHS256ALG)
	// A192CBCHS384 for A192CBC-HS384 (AES192-CBC+HMAC-SHA384) content encryption.
	A192CBCHS384 = EncAlg(A192CBCHS384ALG)
	// A256CBCHS384 for A256CBC-HS384 (AES256-CBC+HMAC-SHA384) content encryption.
	A256CBCHS384 = EncAlg(A256CBCHS384ALG)
	// A256CBCHS512 for A256CBC-HS512 (AES256-CBC+HMAC-SHA512) content encryption.
	A256CBCHS512 = EncAlg(A256CBCHS512ALG)
)

Variables

This section is empty.

Functions

func IsCompactJWS

func IsCompactJWS(s string) bool

IsCompactJWS checks weather input is a compact JWS (based on https://tools.ietf.org/html/rfc7516#section-9)

Types

type AlgSignatureVerifier

type AlgSignatureVerifier struct {
	Alg      string
	Verifier SignatureVerifier
}

AlgSignatureVerifier defines verifier for particular signature algorithm.

type CompositeAlgSigVerifier

type CompositeAlgSigVerifier struct {
	// contains filtered or unexported fields
}

CompositeAlgSigVerifier defines composite signature verifier based on the algorithm taken from JOSE header alg.

func NewCompositeAlgSigVerifier

func NewCompositeAlgSigVerifier(v AlgSignatureVerifier, vOther ...AlgSignatureVerifier) *CompositeAlgSigVerifier

NewCompositeAlgSigVerifier creates a new CompositeAlgSigVerifier.

func (*CompositeAlgSigVerifier) Verify

func (v *CompositeAlgSigVerifier) Verify(joseHeaders Headers, payload, signingInput, signature []byte) error

Verify verifiers JWS signature.

type Decrypter

type Decrypter interface {
	// Decrypt a deserialized JWE, extracts the corresponding recipient key to decrypt plaintext and returns it
	Decrypt(jwe *JSONWebEncryption) ([]byte, error)
}

Decrypter interface to Decrypt JWE messages.

type DefaultSigningInputVerifier

type DefaultSigningInputVerifier func(joseHeaders Headers, payload, signingInput, signature []byte) error

DefaultSigningInputVerifier is a SignatureVerifier that generates the signing input from the given headers and payload, instead of using the signing input parameter.

func (DefaultSigningInputVerifier) Verify

func (s DefaultSigningInputVerifier) Verify(joseHeaders Headers, payload, _, signature []byte) error

Verify verifies JWS signature.

type EncAlg

type EncAlg string

EncAlg represents the JWE content encryption algorithm.

type Encrypter

type Encrypter interface {
	// EncryptWithAuthData encrypt plaintext and aad sent to more than 1 recipients and returns a valid
	// JSONWebEncryption instance
	EncryptWithAuthData(plaintext, aad []byte) (*JSONWebEncryption, error)

	// Encrypt plaintext with empty aad sent to 1 or more recipients and returns a valid JSONWebEncryption instance
	Encrypt(plaintext []byte) (*JSONWebEncryption, error)
}

Encrypter interface to Encrypt/Decrypt JWE messages.

type Headers

type Headers map[string]interface{}

Headers represents JOSE headers.

func (Headers) Algorithm

func (h Headers) Algorithm() (string, bool)

Algorithm gets Algorithm from JOSE headers.

func (Headers) ContentType

func (h Headers) ContentType() (string, bool)

ContentType gets the payload content type from JOSE headers.

func (Headers) Encryption

func (h Headers) Encryption() (string, bool)

Encryption gets content encryption algorithm from JOSE headers.

func (Headers) JWK

func (h Headers) JWK() (*jwk.JWK, bool)

JWK gets JWK from JOSE headers.

func (Headers) KeyID

func (h Headers) KeyID() (string, bool)

KeyID gets Key ID from JOSE headers.

func (Headers) SenderKeyID

func (h Headers) SenderKeyID() (string, bool)

SenderKeyID gets the sender Key ID from Jose headers.

func (Headers) Type

func (h Headers) Type() (string, bool)

Type gets content encryption type from JOSE headers.

type JSONWebEncryption

type JSONWebEncryption struct {
	ProtectedHeaders   Headers
	OrigProtectedHders string
	UnprotectedHeaders Headers
	Recipients         []*Recipient
	AAD                string
	IV                 string
	Ciphertext         string
	Tag                string
}

JSONWebEncryption represents a JWE as defined in https://tools.ietf.org/html/rfc7516.

func Deserialize

func Deserialize(serializedJWE string) (*JSONWebEncryption, error)

Deserialize deserializes the given serialized JWE into a JSONWebEncryption object.

func (*JSONWebEncryption) CompactSerialize

func (e *JSONWebEncryption) CompactSerialize(marshal marshalFunc) (string, error)

CompactSerialize serializes the given JWE into a compact, URL-safe string as defined in https://tools.ietf.org/html/rfc7516#section-7.1.

func (*JSONWebEncryption) FullSerialize

func (e *JSONWebEncryption) FullSerialize(marshal marshalFunc) (string, error)

FullSerialize serializes the given JWE into JSON as defined in https://tools.ietf.org/html/rfc7516#section-7.2. The full serialization syntax is used. If there is only one recipient, then the flattened syntax is used.

type JSONWebSignature

type JSONWebSignature struct {
	ProtectedHeaders   Headers
	UnprotectedHeaders Headers
	Payload            []byte
	// contains filtered or unexported fields
}

JSONWebSignature defines JSON Web Signature (https://tools.ietf.org/html/rfc7515)

func NewJWS

func NewJWS(protectedHeaders, unprotectedHeaders Headers, payload []byte, signer Signer) (*JSONWebSignature, error)

NewJWS creates JSON Web Signature.

func ParseJWS

func ParseJWS(jws string, verifier SignatureVerifier, opts ...JWSParseOpt) (*JSONWebSignature, error)

ParseJWS parses serialized JWS. Currently only JWS Compact Serialization parsing is supported.

func (JSONWebSignature) SerializeCompact

func (s JSONWebSignature) SerializeCompact(detached bool) (string, error)

SerializeCompact makes JWS Compact Serialization (https://tools.ietf.org/html/rfc7515#section-7.1)

func (JSONWebSignature) Signature

func (s JSONWebSignature) Signature() []byte

Signature returns a copy of JWS signature.

type JWEDecrypt

type JWEDecrypt struct {
	// contains filtered or unexported fields
}

JWEDecrypt is responsible for decrypting a JWE message and returns its protected plaintext.

func NewJWEDecrypt

func NewJWEDecrypt(kidResolvers []resolver.KIDResolver, c cryptoapi.Crypto, k kms.KeyManager) *JWEDecrypt

NewJWEDecrypt creates a new JWEDecrypt instance to parse and decrypt a JWE message for a given recipient store is needed for Authcrypt only (to fetch sender's pre agreed upon public key), it is not needed for Anoncrypt.

func (*JWEDecrypt) Decrypt

func (jd *JWEDecrypt) Decrypt(jwe *JSONWebEncryption) ([]byte, error)

Decrypt a deserialized JWE, decrypts its protected content and returns plaintext.

type JWEEncrypt

type JWEEncrypt struct {
	// contains filtered or unexported fields
}

JWEEncrypt is responsible for encrypting a plaintext and its AAD into a protected JWE and decrypting it.

func NewJWEEncrypt

func NewJWEEncrypt(encAlg EncAlg, envelopMediaType, cty, senderKID string, senderKH *keyset.Handle,
	recipientsPubKeys []*cryptoapi.PublicKey, crypto cryptoapi.Crypto) (*JWEEncrypt, error)

NewJWEEncrypt creates a new JWEEncrypt instance to build JWE with recipientsPubKeys senderKID and senderKH are used for Authcrypt (to authenticate the sender), if not set JWEEncrypt assumes Anoncrypt.

func (*JWEEncrypt) Encrypt

func (je *JWEEncrypt) Encrypt(plaintext []byte) (*JSONWebEncryption, error)

Encrypt encrypt plaintext with AAD and returns a JSONWebEncryption instance to serialize a JWE instance.

func (*JWEEncrypt) EncryptWithAuthData

func (je *JWEEncrypt) EncryptWithAuthData(plaintext, aad []byte) (*JSONWebEncryption, error)

EncryptWithAuthData encrypt plaintext with AAD and returns a JSONWebEncryption instance to serialize a JWE instance.

type JWSParseOpt

type JWSParseOpt func(opts *jwsParseOpts)

JWSParseOpt is the JWS Parser option.

func WithJWSDetachedPayload

func WithJWSDetachedPayload(payload []byte) JWSParseOpt

WithJWSDetachedPayload option is for definition of JWS detached payload.

type Recipient

type Recipient struct {
	Header       *RecipientHeaders `json:"header,omitempty"`
	EncryptedKey string            `json:"encrypted_key,omitempty"`
}

Recipient is a recipient of a JWE including the shared encryption key.

type RecipientHeaders

type RecipientHeaders struct {
	Alg string          `json:"alg,omitempty"`
	APU string          `json:"apu,omitempty"`
	APV string          `json:"apv,omitempty"`
	IV  string          `json:"iv,omitempty"`
	Tag string          `json:"tag,omitempty"`
	KID string          `json:"kid,omitempty"`
	EPK json.RawMessage `json:"epk,omitempty"`
}

RecipientHeaders are the recipient headers.

type SignatureVerifier

type SignatureVerifier interface {
	// Verify verifies JWS based on the signing input.
	Verify(joseHeaders Headers, payload, signingInput, signature []byte) error
}

SignatureVerifier makes verification of JSON Web Signature.

type SignatureVerifierFunc

type SignatureVerifierFunc func(joseHeaders Headers, payload, signingInput, signature []byte) error

SignatureVerifierFunc is a function wrapper for SignatureVerifier.

func (SignatureVerifierFunc) Verify

func (s SignatureVerifierFunc) Verify(joseHeaders Headers, payload, signingInput, signature []byte) error

Verify verifies JWS signature.

type Signer

type Signer interface {
	// Sign signs.
	Sign(data []byte) ([]byte, error)

	// Headers provides JWS headers. "alg" header must be provided (see https://tools.ietf.org/html/rfc7515#section-4.1)
	Headers() Headers
}

Signer defines JWS Signer interface. It makes signing of data and provides custom JWS headers relevant to the signer.

Directories

Path Synopsis
jwk

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL