jwe

v0.0.0-...-1bfa1da

This package is not in the latest version of its module.

Published: Mar 20, 2023 License: MIT Imports: 12 Imported by: 0

README

jwe

A Go (or 'golang' for search engine friendliness) implementation of JSON Web Encryption. This is a companion package to https://github.com/golang-jwt/jwt. A common use case is to encrypt the contents of a JWT using JWE.

Disclaimer

The public API of this package is highly unstable and we are nowhere near any stable v1.0 version, so expect a number of breaking changes as we develop it.

Currently, this package is considered mostly a pet project, so please be aware that the golang-jwt maintainers can only spend a limited time on this. Therefore, any response to a pull request review might take some time. On the other hand, we might be a little more lax with regard to API-breaking pull requests, as long as we are still in the v0.x version range.

Usage

To build a new JWE that encrypts a given payload, use the function NewJWE.

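package main

import (
	"fmt"
	"os"

	"github.com/golang-jwt/jwe"
)

func main() {
	// pk is the recipient's RSA public key; "public.pem" is a placeholder path.
	pemBytes, err := os.ReadFile("public.pem")
	if err != nil {
		panic(err)
	}
	pk, err := jwe.ParseRSAPublicKeyFromPEM(pemBytes)
	if err != nil {
		panic(err)
	}

	originalText := []byte("The true sign of intelligence is not knowledge but imagination.")
	token, err := jwe.NewJWE(jwe.KeyAlgorithmRSAOAEP, pk, jwe.EncryptionTypeA256GCM, originalText)
	if err != nil {
		panic(err)
	}

	compact, err := token.CompactSerialize()
	if err != nil {
		panic(err)
	}
	fmt.Println(compact) // the serialized JWE
}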

Documentation

Constants

const TagSizeAESGCM = 16

Variables

var (
	ErrInvalidKeySize            = errors.New("invalid key size")
	ErrInvalidTagSize            = errors.New("invalid tag size")
	ErrInvalidNonceSize          = errors.New("invalid nonce size")
	ErrUnsupportedEncryptionType = errors.New("unsupported encryption type")
)
var (
	ErrMissingEncHeader = errors.New("missing \"enc\" header")
	ErrMissingAlgHeader = errors.New("missing \"alg\" header")
)
var (
	ErrUnsupportedKeyType      = errors.New("unsupported key type")
	ErrUnsupportedKeyAlgorithm = errors.New("unsupported key algorithm")
)
var (
	ErrKeyMustBePEMEncoded = errors.New("invalid key: Key must be a PEM encoded PKCS1 or PKCS8 key")
	ErrNotRSAPrivateKey    = errors.New("key is not a valid RSA private key")
	ErrNotRSAPublicKey     = errors.New("key is not a valid RSA public key")
)
var EncryptionTypeA256GCM = EncryptionType("A256GCM")
var KeyAlgorithmRSAOAEP = KeyAlgorithm("RSA-OAEP")
var RandReader = rand.Reader

Functions

func NewJWE

func NewJWE(alg KeyAlgorithm, key interface{}, method EncryptionType, plaintext []byte) (*jwe, error)

NewJWE creates a new JWE token. The plaintext will be encrypted with the method using a Content Encryption Key (cek). The cek will be encrypted with the alg using the key.

func ParseEncrypted

func ParseEncrypted(input string) (*jwe, error)
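
A JWE compact serialization (RFC 7516) is five base64url parts: protected header, encrypted key, IV, ciphertext and tag. The following is an added example, not code from this package: a standard-library check a receiver can run on untrusted input before any private key is used. The function `inspect`, its error variables and the sample token are hypothetical names and constructed data.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// Hypothetical errors local to this example (not the package's exported variables).
var (
	errFormat = errors.New("not a five-part JWE compact serialization")
	errHeader = errors.New("missing or unsupported alg/enc header")
	errSize   = errors.New("invalid encrypted key, nonce or tag size")
)

// inspect validates the shape of a compact JWE and pins it to RSA-OAEP + A256GCM.
func inspect(token string) error {
	parts := strings.Split(token, ".")
	if len(parts) != 5 {
		return errFormat
	}
	raw := make([][]byte, 5)
	for i, p := range parts {
		b, err := base64.RawURLEncoding.DecodeString(p) // unpadded base64url only
		if err != nil {
			return errFormat
		}
		raw[i] = b
	}
	var hdr struct{ Alg, Enc string }
	if json.Unmarshal(raw[0], &hdr) != nil || hdr.Alg != "RSA-OAEP" || hdr.Enc != "A256GCM" {
		return errHeader // the receiver's allow-list decides, not the sender's header
	}
	// A256GCM uses a 96-bit IV and a 128-bit tag (TagSizeAESGCM = 16 on this page).
	if len(raw[1]) == 0 || len(raw[2]) != 12 || len(raw[4]) != 16 {
		return errSize
	}
	return nil
}

func main() {
	enc := base64.RawURLEncoding.EncodeToString
	hdr := enc([]byte(`{"alg":"RSA-OAEP","enc":"A256GCM"}`))
	// Constructed token with dummy bytes: correct shape, not decryptable.
	tok := strings.Join([]string{hdr, enc(make([]byte, 256)), enc(make([]byte, 12)), enc([]byte("ct")), enc(make([]byte, 16))}, ".")
	fmt.Println(inspect(tok))
}
```

Passing this check says nothing about authenticity; only a successful AES-GCM decryption with the unwrapped CEK does.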

func ParseRSAPrivateKeyFromPEM

func ParseRSAPrivateKeyFromPEM(key []byte) (*rsa.PrivateKey, error)

ParseRSAPrivateKeyFromPEM parses a PEM encoded PKCS1 or PKCS8 private key

func ParseRSAPublicKeyFromPEM

func ParseRSAPublicKeyFromPEM(key []byte) (*rsa.PublicKey, error)

ParseRSAPublicKeyFromPEM parses a PEM encoded PKCS1 or PKCS8 public key

Types

type EncryptionType

type EncryptionType string

type KeyAlgorithm

type KeyAlgorithm string
