The highest tagged major version is v2.

key

package module

v1.3.1 Latest Latest Go to latest Published: Apr 7, 2023 License: MIT Imports: 15 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/svicknesh/key

Links

Open Source Insights

README ¶

Key

Golang helper library to create JWK keys for signing or verifying hashed data from an ED25519, ECDSA or RSA public/private keys

It also supports creating shared keys using Curve25519.

Usage

Generating keys

Possible key types that can be generated are

RSA2048 - RSA 2048 bit
RSA4096 - RSA 4096 bit
ECDSA256 - ECDSA 256 bit
ECDSA384 - ECDSA 384 bit
ECDSA521 - ECDSA 521 bit
ED25519 - ED25519 256 bit

privJWK, err := key.Generate(ECDSA256)
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}
fmt.Println(privJWK.String()) // prints the JWK JSON string of this key

pubJWK := privJWK.PublicKey() // creates an instance of the public key for the generated private key

Signing hashed data

// assume an instance of the private key in JWK instance (`privJWK`) already exists
hashed := sha256.Sum256([]byte("hello world"))
signed, err := privJWK.Sign(hashed[:])
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}
fmt.Println(hex.EncodeToString(signed))

Verifying hashed data

// assume an instance of the public key in JWK instance (`pubJWK`) already exists
err = pubJWK.Verify(signed, hashed[:])
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}

fmt.Println("\nsignature matches, success")

Get key instance

Returns an instance of the public or private key

pemBytes := privJWK.Key()

Generate PEM bytes

pemBytes := privJWK.PEM()

Generate JSON string

jsonStr := privJWK.String()

Reading PEM encoded public/private keys into `JWK` instance

// assume the public/private key in PEM encoded format already exists. password is given in bytes if needed to decrypt the x509 private key PEM
privJWK, err := key.ParsePEM(pemBytes, passwdBytes)
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}

Reading JWK JSON encoded public/private keys into `JWK` instance

// assume the public/private key in JWK JSON string encoded format already exists
privJWK, err := key.ParseJWK(pemBytes)
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}

Creating Shared Secret using `Curve25519`


// create new public, private key for Curve25519 for self
aPriv, aPub, err := NewKX()
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}

fmt.Printf("A Private key (a):\t%x\n", aPriv)
fmt.Printf("A Public key:\t\t%x\n", aPub)

// create new public, private key for Curve25519 for target
bPriv, bPub, err := NewKX()
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}

fmt.Printf("B Private key (b):\t%x\n", bPriv)
fmt.Printf("B Public key:\t\t%x\n", bPub)

// created shared secret for A
sharedSecretA, err := SharedSecret(aPriv, bPub)
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}

// created shared secret for B
sharedSecretB, err := SharedSecret(bPriv, aPub)
if nil != err {
    fmt.Println(err)
    os.Exit(1)
}

fmt.Printf("Shared key (A):\t\t%x\n", sharedSecretA)
fmt.Printf("Shared key (B):\t\t%x\n", sharedSecretB)

Documentation ¶

Index ¶

func GetKXPubKey(privateKey [32]byte) (publicKey [32]byte)
func NewKX() (privateKey [32]byte, err error)
func SharedSecret(ownPrivateKey, targetPubKey [32]byte) (sharedSecret []byte, err error)
type JWK
type KeyType

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func GetKXPubKey ¶ added in v1.3.0

func GetKXPubKey(privateKey [32]byte) (publicKey [32]byte)

func NewKX ¶ added in v1.2.0

func NewKX() (privateKey [32]byte, err error)

func SharedSecret ¶ added in v1.2.0

func SharedSecret(ownPrivateKey, targetPubKey [32]byte) (sharedSecret []byte, err error)

Types ¶

type JWK ¶

type JWK struct {
	Kty string `yaml:"kty,omitempty" json:"kty,omitempty"`
	Crv string `yaml:"crv,omitempty" json:"crv,omitempty"`
	N   string `yaml:"n,omitempty" json:"n,omitempty"`
	E   string `yaml:"e,omitempty" json:"e,omitempty"`
	G   string `yaml:"g,omitempty" json:"g,omitempty"`
	P   string `yaml:"p,omitempty" json:"p,omitempty"`
	Q   string `yaml:"q,omitempty" json:"q,omitempty"`
	X   string `yaml:"x,omitempty" json:"x,omitempty"`
	Y   string `yaml:"y,omitempty" json:"y,omitempty"`
	D   string `yaml:"d,omitempty" json:"d,omitempty"`
	DP  string `yaml:"dp,omitempty" json:"dp,omitempty"`
	DQ  string `yaml:"dq,omitempty" json:"dq,omitempty"`
	QI  string `yaml:"qi,omitempty" json:"qi,omitempty"`
	Kid string `yaml:"kid,omitempty" json:"kid,omitempty"`
	// contains filtered or unexported fields
}

JWK - RSA & EC keys is in JWK format

func Generate ¶

func Generate(keytype KeyType) (j *JWK, err error)

Generate - generates a new key

func New ¶

func New(key interface{}) (j *JWK, err error)

New - creates a new instance of JWK from a given public or private key

func ParseJWK ¶

func ParseJWK(jsonBytes []byte) (j *JWK, err error)

ParseJWK - parses JWK JSON encoded bytes into a key

func ParsePEM ¶

func ParsePEM(pemBytes, password []byte) (j *JWK, err error)

ParsePEM - parses PEM encoded bytes into a key

func (*JWK) Bytes ¶

func (j *JWK) Bytes() (bytes []byte)

Bytes - returns a JSON encoded byte of the key

func (*JWK) Key ¶

func (j *JWK) Key() (key interface{})

Key - returns an `RSA` or `ECDSA` instance of the Key, this will return private key first and if it doesn't exist, only then return the public key

func (*JWK) PEM ¶

func (j *JWK) PEM() (pemBytes []byte)

PEM - returns a PEM encoded string of the key

func (*JWK) PublicKey ¶

func (j *JWK) PublicKey() (p *JWK)

PublicKey - returns a JWK instance of `PublicKey`

func (*JWK) SetKeyID ¶

func (j *JWK) SetKeyID(kid string)

SetKeyID - set a key id for a given key

func (*JWK) Sign ¶

func (j *JWK) Sign(hashed []byte) (signed []byte, err error)

Sign - signs the given data using the private key in this JWK instance

func (*JWK) String ¶

func (j *JWK) String() (str string)

String - returns a JSON encoded string of the key

func (*JWK) Verify ¶

func (j *JWK) Verify(signed, hashed []byte) (err error)

Verify - verifies the given data using the public key in this JWK instance

type KeyType ¶

type KeyType uint8 // new type to define key types to be generated

const (

	// RSA2048 - generate an RSA 2048 bit key
	RSA2048 KeyType = iota

	// RSA4096 - generate an RSA 4096 bit key
	RSA4096

	// ECDSA256 - generate an ECDSA 256 bit key
	ECDSA256

	// ECDSA384 - generate an ECDSA 384 bit key
	ECDSA384

	// ECDSA521 - generate an ECDSA 512 bit key
	ECDSA521

	// ED25519 - generates an ED25519 256 bit key
	ED25519
)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL