root
/
keypairs
mirror of https://github.com/therootcompany/keypairs
2
0
Fork 0
Code Issues Releases Wiki Activity
Cross-platform RSA & EC keypair generation, signing and verification - suitable for JWT, JOSE, and asymmetric cryptography.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
50 Commits
5 Branches
22 Tags
124 KiB
 
 
Tree: 94f22e1948
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '94f22e1948'
${ noResults }
AJ ONeal 94f22e1948
fix flag parsing 		4 years ago
cmd/keypairs fix flag parsing 4 years ago
examples update documented import path 4 years ago
fixtures friendlier error reporting 5 years ago
keyfetch update canonical import path 4 years ago
keyserve update canonical import path 4 years ago
.gitignore fix flag parsing 4 years ago
LICENSE add MIT license 5 years ago
README.md update documented import path 4 years ago
doc.go update canonical import path 4 years ago
generate.go add CLI to generate and marshal keypair 4 years ago
go.mod update canonical import path 4 years ago
keypairs.go go lint and update docs 4 years ago
keypairs_test.go friendlier error reporting 5 years ago
marshal.go add CLI to generate and marshal keypair 4 years ago

README.md

go-keypairs

JSON Web Key (JWK) support and type safety lightly placed over top of Go's crypto/ecdsa and crypto/rsa

Useful for JWT, JOSE, etc.

key, err := keypairs.ParsePrivateKey(bytesForJWKOrPEMOrDER)

pub, err := keypairs.ParsePublicKey(bytesForJWKOrPEMOrDER)

jwk, err := keypairs.MarshalJWKPublicKey(pub, time.Now().Add(2 * time.Day))

kid, err := keypairs.ThumbprintPublicKey(pub)

API Documentation

See https://pkg.go.dev/git.rootprojects.org/root/keypairs

Philosophy

Go's standard library is great.

Go has excellent crytography support and provides wonderful primitives for dealing with them.

I prefer to stay as close to Go's crypto package as possible, just adding a light touch for JWT support and type safety.

Type Safety

crypto.PublicKey is a "marker interface", meaning that it is not typesafe!

go-keypairs defines type keypairs.PrivateKey interface { Public() crypto.PublicKey }, which is implemented by crypto/rsa and crypto/ecdsa (but not crypto/dsa, which we really don't care that much about).

Go1.15 will add [PublicKey.Equal(crypto.PublicKey)](https://github.com/golang/go/issues/21704), which will make it possible to remove the additional wrapper over PublicKey and use an interface instead.

Since there are no common methods between rsa.PublicKey and ecdsa.PublicKey, go-keypairs lightly wraps each to implement Thumbprint() string (part of the JOSE/JWK spec).

JSON Web Key (JWK) as a "codec"

Although there are many, many ways that JWKs could be interpreted (possibly why they haven't made it into the standard library), go-keypairs follows the basic pattern of encoding/x509 to Parse and Marshal only the most basic and most meaningful parts of a key.

I highly recommend that you use Thumbprint() for KeyID you also get the benefit of not losing information when encoding and decoding between the ASN.1, x509, PEM, and JWK formats.

LICENSE

Copyright (c) 2020-present AJ ONeal Copyright (c) 2018-2019 Big Squid, Inc.

This work is licensed under the terms of the MIT license. For a copy, see https://opensource.org/licenses/MIT.