Constants ¶
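// JOSE header parameter names registered for JWS (RFC 7515, section 4.1).
//
// Every one of these values is read from the token being processed. The key-locating
// parameters (jku, jwk, x5u, x5c) in particular name or carry a key chosen by whoever
// produced the token, so a verifier should accept such a key only after matching it
// against keys or locations it already trusts.
const (
	// HeaderAlgorithm identifies the cryptographic algorithm used to secure the JWS.
	// A verifier should compare this value with the algorithms it is configured to accept
	// rather than let the token select the algorithm.
	HeaderAlgorithm = "alg" // string

	// HeaderJWKSetURL is a URI that refers to a resource for a set of JSON-encoded public keys, one of
	// which corresponds to the key used to digitally sign the JWS.
	HeaderJWKSetURL = "jku" // string

	// HeaderJSONWebKey is the public key that corresponds to the key used to digitally sign the JWS.
	HeaderJSONWebKey = "jwk" // JSON

	// HeaderKeyID is a hint indicating which key was used to secure the JWS.
	HeaderKeyID = "kid" // string

	// HeaderX509URL is a URI that refers to a resource for the X.509 public key certificate or certificate
	// chain corresponding to the key used to digitally sign the JWS.
	HeaderX509URL = "x5u"

	// HeaderX509CertificateChain contains the X.509 public key certificate or certificate chain
	// corresponding to the key used to digitally sign the JWS.
	HeaderX509CertificateChain = "x5c"

	// HeaderX509CertificateDigestSha1 (X.509 certificate SHA-1 thumbprint) is a base64url-encoded
	// SHA-1 thumbprint (a.k.a. digest) of the DER encoding of the X.509 certificate corresponding to the key
	// used to digitally sign the JWS.
	HeaderX509CertificateDigestSha1 = "x5t"

	// HeaderX509CertificateDigestSha256 (X.509 certificate SHA-256 thumbprint) is a base64url-encoded SHA-256
	// thumbprint (a.k.a. digest) of the DER encoding of the X.509 certificate corresponding to the key used to
	// digitally sign the JWS.
	HeaderX509CertificateDigestSha256 = "x5t#S256" // string

	// HeaderType is used by JWS applications to declare the media type of this complete JWS.
	HeaderType = "typ" // string

	// HeaderContentType is used by JWS applications to declare the media type of the
	// secured content (the payload).
	HeaderContentType = "cty" // string

	// HeaderCritical indicates that extensions to this specification and/or JWA (RFC 7518) are being
	// used that MUST be understood and processed. RFC 7515 requires a recipient to reject the JWS when
	// a listed extension is not understood, and requires this parameter to appear only in the
	// protected header.
	HeaderCritical = "crit" // array
)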
IANA registered JOSE headers (https://tools.ietf.org/html/rfc7515#section-4.1)
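// JOSE header parameter defined by RFC 7797 (JWS Unencoded Payload Option).
const (
	// HeaderB64Payload determines whether the payload is represented in the JWS and the JWS Signing
	// Input as ASCII(BASE64URL(JWS Payload)) or as the JWS Payload value itself with no encoding performed.
	// RFC 7797 requires this parameter to be integrity protected, i.e. to appear only in the
	// protected header, because it changes how the signing input is built.
	HeaderB64Payload = "b64" // bool
)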
Header defined in https://tools.ietf.org/html/rfc7797
Functions ¶
func IsCompactJWS ¶
IsCompactJWS checks whether the input is a compact JWS (based on https://tools.ietf.org/html/rfc7516#section-9)
Types ¶
type AlgSignatureVerifier ¶
type AlgSignatureVerifier struct {
	// Alg is the name of the signature algorithm this entry applies to.
	// NOTE(review): presumably compared with the JOSE "alg" header by
	// CompositeAlgSigVerifier — confirm against the implementation.
	Alg string
	// Verifier is the SignatureVerifier to use for that algorithm.
	Verifier SignatureVerifier
}
AlgSignatureVerifier defines the verifier for a particular signature algorithm.
type CompositeAlgSigVerifier ¶
type CompositeAlgSigVerifier struct {
// contains filtered or unexported fields
}
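CompositeAlgSigVerifier defines a composite signature verifier that selects the verifier to use based on the algorithm taken from the JOSE header alg. Because that header comes from the token being verified, register only the algorithms you intend to accept.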
func NewCompositeAlgSigVerifier ¶
func NewCompositeAlgSigVerifier(v AlgSignatureVerifier, vOther ...AlgSignatureVerifier) *CompositeAlgSigVerifier
NewCompositeAlgSigVerifier creates a new CompositeAlgSigVerifier
type Headers ¶
type Headers map[string]interface{}
Headers represents JOSE headers.
type JSONWebSignature ¶
type JSONWebSignature struct {
	// ProtectedHeaders holds JOSE headers.
	// NOTE(review): going by the name, these are the JWS Protected Header, which
	// RFC 7515 includes in the signing input — confirm against the implementation.
	ProtectedHeaders Headers
	// UnprotectedHeaders holds JOSE headers.
	// NOTE(review): going by the name, these are the JWS Unprotected Header, which
	// RFC 7515 does not cover with the signature; values read from here should be
	// treated as unauthenticated — confirm how the parser populates this field.
	UnprotectedHeaders Headers
	// Payload is the JWS payload as raw bytes.
	Payload []byte
	// contains filtered or unexported fields
}
JSONWebSignature defines JSON Web Signature (https://tools.ietf.org/html/rfc7515)
func NewJWS ¶
func NewJWS(protectedHeaders, unprotectedHeaders Headers, payload []byte, signer Signer) (*JSONWebSignature, error)
NewJWS creates JSON Web Signature.
func ParseJWS ¶
func ParseJWS(jws string, verifier SignatureVerifier, opts ...JWSParseOpt) (*JSONWebSignature, error)
ParseJWS parses serialized JWS. Currently only JWS Compact Serialization parsing is supported.
func (JSONWebSignature) SerializeCompact ¶
func (s JSONWebSignature) SerializeCompact(detached bool) (string, error)
SerializeCompact produces the JWS Compact Serialization (https://tools.ietf.org/html/rfc7515#section-7.1)
func (JSONWebSignature) Signature ¶
func (s JSONWebSignature) Signature() []byte
Signature returns a copy of JWS signature.
type JWK ¶
type JWK jose.JSONWebKey
JWK (JSON Web Key) is a JSON data structure that represents a cryptographic key.
type JWSParseOpt ¶
type JWSParseOpt func(opts *jwsParseOpts)
JWSParseOpt is the JWS Parser option.
func WithJWSDetachedPayload ¶
func WithJWSDetachedPayload(payload []byte) JWSParseOpt
WithJWSDetachedPayload is an option that sets the detached payload of the JWS being parsed.
type SignatureVerifier ¶
type SignatureVerifier interface {
	// Verify verifies JWS based on the signing input.
	// It is given the JOSE headers, the payload, the signing input and the signature,
	// and reports the outcome through the returned error.
	// NOTE(review): joseHeaders originate from the token under verification; an
	// implementation should check "alg" against what it expects and should not take
	// the verification key from those headers without validating it — confirm how
	// the bundled verifiers handle this.
	Verify(joseHeaders Headers, payload, signingInput, signature []byte) error
}
SignatureVerifier verifies a JSON Web Signature.
type SignatureVerifierFunc ¶
SignatureVerifierFunc is a function wrapper for SignatureVerifier.
type Signer ¶
type Signer interface {
	// Sign signs data and returns the signature bytes, or an error.
	// NOTE(review): data is presumably the JWS signing input — confirm against NewJWS.
	Sign(data []byte) ([]byte, error)

	// Headers provides JWS headers. "alg" header must be provided (see https://tools.ietf.org/html/rfc7515#section-4.1)
	Headers() Headers
}
Signer defines the JWS Signer interface. It signs data and provides custom JWS headers relevant to the signer.