opa: github.com/open-policy-agent/opa/topdown/internal/jwx/jwk Index | Files

package jwk

import "github.com/open-policy-agent/opa/topdown/internal/jwx/jwk"

Package jwk implements JWK as described in https://tools.ietf.org/html/rfc7517

Index

Package Files

ecdsa.go headers.go interface.go jwk.go key_ops.go rsa.go symmetric.go

Constants

const (
    AlgorithmKey     = "alg"
    KeyIDKey         = "kid"
    KeyOpsKey        = "key_ops"
    KeyTypeKey       = "kty"
    KeyUsageKey      = "use"
    PrivateParamsKey = "privateParams"
)

Convenience constants for common JWK parameters

const (
    KeyOpSign       KeyOperation = "sign"       // (compute digital signature or MAC)
    KeyOpVerify                  = "verify"     // (verify digital signature or MAC)
    KeyOpEncrypt                 = "encrypt"    // (encrypt content)
    KeyOpDecrypt                 = "decrypt"    // (decrypt content and validate decryption, if applicable)
    KeyOpWrapKey                 = "wrapKey"    // (encrypt key)
    KeyOpUnwrapKey               = "unwrapKey"  // (decrypt key and validate decryption, if applicable)
    KeyOpDeriveKey               = "deriveKey"  // (derive key)
    KeyOpDeriveBits              = "deriveBits" // (derive bits not to be used as a key)
)

KeyOperation constants

func GetKeyTypeFromKey Uses

func GetKeyTypeFromKey(key interface{}) jwa.KeyType

GetKeyTypeFromKey creates a jwk.Key from the given key.

func GetPublicKey Uses

func GetPublicKey(key interface{}) (interface{}, error)

GetPublicKey returns the public key based on the private key type. For rsa key types *rsa.PublicKey is returned; for ecdsa key types *ecdsa.PublicKey; for byte slice (raw) keys, the key itself is returned. If the corresponding public key cannot be deduced, an error is returned

type ECDSAPrivateKey Uses

type ECDSAPrivateKey struct {
    *StandardHeaders
    // contains filtered or unexported fields
}

ECDSAPrivateKey is a type of JWK generated from ECDH-ES private keys

func (*ECDSAPrivateKey) GenerateKey Uses

func (k *ECDSAPrivateKey) GenerateKey(keyJSON *RawKeyJSON) error

GenerateKey creates a ECDSAPrivateKey from JWK format

func (ECDSAPrivateKey) Materialize Uses

func (k ECDSAPrivateKey) Materialize() (interface{}, error)

Materialize returns the EC-DSA private key represented by this JWK

type ECDSAPublicKey Uses

type ECDSAPublicKey struct {
    *StandardHeaders
    // contains filtered or unexported fields
}

ECDSAPublicKey is a type of JWK generated from ECDSA public keys

func (*ECDSAPublicKey) GenerateKey Uses

func (k *ECDSAPublicKey) GenerateKey(keyJSON *RawKeyJSON) error

GenerateKey creates a ECDSAPublicKey from JWK format

func (ECDSAPublicKey) Materialize Uses

func (k ECDSAPublicKey) Materialize() (interface{}, error)

Materialize returns the EC-DSA public key represented by this JWK

type Headers Uses

type Headers interface {
    Get(string) (interface{}, bool)
    Set(string, interface{}) error
    Walk(func(string, interface{}) error) error
    GetAlgorithm() jwa.SignatureAlgorithm
    GetKeyID() string
    GetKeyOps() KeyOperationList
    GetKeyType() jwa.KeyType
    GetKeyUsage() string
    GetPrivateParams() map[string]interface{}
}

Headers provides a common interface to all future possible headers

type Key Uses

type Key interface {
    Headers

    // Materialize creates the corresponding key. For example,
    // RSA types would create *rsa.PublicKey or *rsa.PrivateKey,
    // EC types would create *ecdsa.PublicKey or *ecdsa.PrivateKey,
    // and OctetSeq types create a []byte key.
    Materialize() (interface{}, error)
    GenerateKey(*RawKeyJSON) error
}

Key defines the minimal interface for each of the key types. Their use and implementation differ significantly between each key types, so you should use type assertions to perform more specific tasks with each key

func New Uses

func New(key interface{}) (Key, error)

New creates a jwk.Key from the given key.

type KeyOperation Uses

type KeyOperation string

KeyOperation is used to denote the allowed operations for a Key

type KeyOperationList Uses

type KeyOperationList []KeyOperation

KeyOperationList represents an slice of KeyOperation

func (*KeyOperationList) Accept Uses

func (keyOperationList *KeyOperationList) Accept(v interface{}) error

Accept determines if Key Operation is valid

func (*KeyOperationList) UnmarshalJSON Uses

func (keyOperationList *KeyOperationList) UnmarshalJSON(data []byte) error

UnmarshalJSON unmarshals and checks data as KeyType Algorithm

type KeyUsageType Uses

type KeyUsageType string

KeyUsageType is used to denote what this key should be used for

const (
    // ForSignature is the value used in the headers to indicate that
    // this key should be used for signatures
    ForSignature KeyUsageType = "sig"
    // ForEncryption is the value used in the headers to indicate that
    // this key should be used for encryptiong
    ForEncryption KeyUsageType = "enc"
)

type RSAPrivateKey Uses

type RSAPrivateKey struct {
    *StandardHeaders
    // contains filtered or unexported fields
}

RSAPrivateKey is a type of JWK generated from RSA private keys

func (*RSAPrivateKey) GenerateKey Uses

func (k *RSAPrivateKey) GenerateKey(keyJSON *RawKeyJSON) error

GenerateKey creates a RSAPublicKey from a RawKeyJSON

func (*RSAPrivateKey) Materialize Uses

func (k *RSAPrivateKey) Materialize() (interface{}, error)

Materialize returns the standard RSA Private Key representation stored in the internal representation

type RSAPublicKey Uses

type RSAPublicKey struct {
    *StandardHeaders
    // contains filtered or unexported fields
}

RSAPublicKey is a type of JWK generated from RSA public keys

func (*RSAPublicKey) GenerateKey Uses

func (k *RSAPublicKey) GenerateKey(keyJSON *RawKeyJSON) error

GenerateKey creates a RSAPublicKey from a RawKeyJSON

func (*RSAPublicKey) Materialize Uses

func (k *RSAPublicKey) Materialize() (interface{}, error)

Materialize returns the standard RSA Public Key representation stored in the internal representation

type RawKeyJSON Uses

type RawKeyJSON struct {
    StandardHeaders
    jwa.AlgorithmParameters
}

RawKeyJSON is generic type that represents any kind JWK

func (*RawKeyJSON) GenerateKey Uses

func (r *RawKeyJSON) GenerateKey() (Key, error)

GenerateKey creates an internal representation of a key from a raw JWK JSON

type RawKeySetJSON Uses

type RawKeySetJSON struct {
    Keys []RawKeyJSON `json:"keys"`
}

RawKeySetJSON is generic type that represents a JWK Set

type Set Uses

type Set struct {
    Keys []Key `json:"keys"`
}

Set is a convenience struct to allow generating and parsing JWK sets as opposed to single JWKs

func ParseBytes Uses

func ParseBytes(buf []byte) (*Set, error)

ParseBytes parses JWK from the incoming byte buffer.

func ParseString Uses

func ParseString(s string) (*Set, error)

ParseString parses JWK from the incoming string.

type StandardHeaders Uses

type StandardHeaders struct {
    Algorithm     *jwa.SignatureAlgorithm `json:"alg,omitempty"`           // https://tools.ietf.org/html/rfc7517#section-4.4
    KeyID         string                  `json:"kid,omitempty"`           // https://tools.ietf.org/html/rfc7515#section-4.1.4
    KeyOps        KeyOperationList        `json:"key_ops,omitempty"`       // https://tools.ietf.org/html/rfc7517#section-4.3
    KeyType       jwa.KeyType             `json:"kty,omitempty"`           // https://tools.ietf.org/html/rfc7517#section-4.1
    KeyUsage      string                  `json:"use,omitempty"`           // https://tools.ietf.org/html/rfc7517#section-4.2
    PrivateParams map[string]interface{}  `json:"privateParams,omitempty"` // https://tools.ietf.org/html/rfc7515#section-4.1.4
}

StandardHeaders stores the common JWK parameters

func (*StandardHeaders) Get Uses

func (h *StandardHeaders) Get(name string) (interface{}, bool)

Get is a general getter function for JWK StandardHeaders structure

func (*StandardHeaders) GetAlgorithm Uses

func (h *StandardHeaders) GetAlgorithm() jwa.SignatureAlgorithm

GetAlgorithm is a convenience function to retrieve the corresponding value stored in the StandardHeaders

func (*StandardHeaders) GetKeyID Uses

func (h *StandardHeaders) GetKeyID() string

GetKeyID is a convenience function to retrieve the corresponding value stored in the StandardHeaders

func (*StandardHeaders) GetKeyOps Uses

func (h *StandardHeaders) GetKeyOps() KeyOperationList

GetKeyOps is a convenience function to retrieve the corresponding value stored in the StandardHeaders

func (*StandardHeaders) GetKeyType Uses

func (h *StandardHeaders) GetKeyType() jwa.KeyType

GetKeyType is a convenience function to retrieve the corresponding value stored in the StandardHeaders

func (*StandardHeaders) GetKeyUsage Uses

func (h *StandardHeaders) GetKeyUsage() string

GetKeyUsage is a convenience function to retrieve the corresponding value stored in the StandardHeaders

func (*StandardHeaders) GetPrivateParams Uses

func (h *StandardHeaders) GetPrivateParams() map[string]interface{}

GetPrivateParams is a convenience function to retrieve the corresponding value stored in the StandardHeaders

func (*StandardHeaders) Set Uses

func (h *StandardHeaders) Set(name string, value interface{}) error

Set is a general getter function for JWK StandardHeaders structure

func (StandardHeaders) Walk Uses

func (h StandardHeaders) Walk(f func(string, interface{}) error) error

Walk iterates over all JWK standard headers fields while applying a function to its value.

type SymmetricKey Uses

type SymmetricKey struct {
    *StandardHeaders
    // contains filtered or unexported fields
}

SymmetricKey is a type of JWK generated from symmetric keys

func (*SymmetricKey) GenerateKey Uses

func (s *SymmetricKey) GenerateKey(keyJSON *RawKeyJSON) error

GenerateKey creates a Symmetric key from a RawKeyJSON

func (SymmetricKey) Materialize Uses

func (s SymmetricKey) Materialize() (interface{}, error)

Materialize returns the octets for this symmetric key. Since this is a symmetric key, this just calls Octets

func (SymmetricKey) Octets Uses

func (s SymmetricKey) Octets() []byte

Octets returns the octets in the key

Package jwk imports 8 packages (graph) and is imported by 3 packages. Updated 2019-10-14. Refresh now. Tools for package owners.