root
/
keypairs
mirror of https://github.com/therootcompany/keypairs
2
0
Fork 0
Code Issues Releases Wiki Activity
Cross-platform RSA & EC keypair generation, signing and verification - suitable for JWT, JOSE, and asymmetric cryptography.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
45 Commits
5 Branches
22 Tags
124 KiB
 
 
Branch: license
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'license'
${ noResults }
ignore 78847a9cfd
add MIT license 		5 years ago
fixtures friendlier error reporting 5 years ago
keyfetch update error message 5 years ago
keyserve doc updates 5 years ago
LICENSE add MIT license 5 years ago
README.md add MIT license 5 years ago
doc.go doc cleanup 5 years ago
go.mod friendlier error reporting 5 years ago
keypairs.go friendlier error reporting 5 years ago
keypairs_test.go friendlier error reporting 5 years ago

README.md

go-keypairs

The lightest touch over top of Go's crypto/ecdsa and crypto/rsa to make them typesafe and to provide JSON Web Key (JWK) support.

Documentation

Use the source, Luke!

https://godoc.org/github.com/big-squid/go-keypairs

Philosophy

Always remember:

Don't roll your own crypto.

But also remember:

Just because you don't know someone doesn't make them smart.

Don't get the two mixed up!

(furthermore, just because you do know someone doesn't make them not smart)

Although I would not want to invent my own cryptographic algorithm, I've read enough source code to know that, for standards I know well, I feel much more confident in the security, extensibility, and documentation of tooling that I've write myself.

Type Safety

Go has excellent crytography support and provides wonderful primitives for dealing with them. Its Achilles' heel is they're not typesafe!

As of Go 1.11.5 crypto.PublicKey and crypto.PrivateKey are "marker interfaces" or, in other words, empty interfaces that only serve to document intent without actually providing a constraint to the type system.

go-keypairs defines type keypairs.PrivateKey interface { Public() crypto.PublicKey }, which is implemented by crypto/rsa and crypto/ecdsa (but not crypto/dsa, which we really don't care that much about).

Since there are no common methods between rsa.PublicKey and ecdsa.PublicKey, go-keypairs lightly wraps each to implement Thumbprint() string (part of the JOSE/JWK spec).

JSON Web Key "codec"

Although there are many, many ways that JWKs could be interpreted (possibly why they haven't made it into the standard library), go-keypairs follows the basic pattern of encoding/x509 to Parse and Marshal only the most basic and most meaningful parts of a key.

I highly recommend that you use Thumbprint() for KeyID you also get the benefit of not losing information when encoding and decoding between the ASN.1, x509, PEM, and JWK formats.

LICENSE

Copyright (c) 2018-2019 Big Squid, Inc.

This work is licensed under the terms of the MIT license. For a copy, see https://opensource.org/licenses/MIT.