Expose ways to integrate new key types better #969

Closed
wants to merge 7 commits into from
4 changes: 2 additions & 2 deletions examples/go.mod
Expand Up @@ -4,9 +4,9 @@ go 1.16

require (
github.com/cloudflare/circl v1.3.3
github.com/lestrrat-go/jwx/v2 v2.0.11
github.com/lestrrat-go/jwx/v2 v2.0.12-0.20230824024517-a077c65f16eb
)

replace github.com/cloudflare/circl v1.0.0 => github.com/cloudflare/circl v1.0.1-0.20210104183656-96a0695de3c3

replace github.com/lestrrat-go/jwx/v2 v2.0.11 => ../
replace github.com/lestrrat-go/jwx/v2 v2.0.11 => ../
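Review bot: The `replace github.com/lestrrat-go/jwx/v2 v2.0.11 => ../` directive is still pinned to v2.0.11, so once the requirement moves to the `v2.0.12-0.20230824024517-a077c65f16eb` pseudo-version it no longer matches and the examples resolve the module from the proxy instead of the working tree. The two `go.sum` entries for that pseudo-version shown in this PR are consistent with that, since a directory replacement needs no checksum. The examples would then be built and tested against a fetched snapshot rather than the code under review. Dropping the version on the left-hand side, `replace github.com/lestrrat-go/jwx/v2 => ../`, keeps the local replacement in force for whatever version is required. The rendered page does not mark which line is old and which is new, so this assumes the v2.0.12 line is the added one.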
2 changes: 2 additions & 0 deletions examples/go.sum
Expand Up @@ -17,6 +17,8 @@ github.com/lestrrat-go/httprc v1.0.4 h1:bAZymwoZQb+Oq8MEbyipag7iSq6YIga8Wj6GOiJG
github.com/lestrrat-go/httprc v1.0.4/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo=
github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI=
github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4=
github.com/lestrrat-go/jwx/v2 v2.0.12-0.20230824024517-a077c65f16eb h1:qPUmVTD6gWn0S8zfmAzjgzF5xdYtJrGhroN+i7u/TrE=
github.com/lestrrat-go/jwx/v2 v2.0.12-0.20230824024517-a077c65f16eb/go.mod h1:Mq4KN1mM7bp+5z/W5HS8aCNs5RKZ911G/0y2qUjAQuQ=
github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
github.com/lestrrat-go/option v1.0.1 h1:oAzP2fvZGQKWkvHa1/SAcFolBEca1oN+mQ7eooNBEYU=
github.com/lestrrat-go/option v1.0.1/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
2 changes: 1 addition & 1 deletion examples/jwk_example_test.go
Expand Up @@ -32,7 +32,7 @@ func ExampleJWK_Usage() {
key := pair.Value.(jwk.Key)

var rawkey interface{} // This is the raw key, like *rsa.PrivateKey or *ecdsa.PrivateKey
if err := key.Raw(&rawkey); err != nil {
if err := jwk.Raw(key, &rawkey); err != nil {
log.Printf("failed to create public key: %s", err)
return
}
10 changes: 5 additions & 5 deletions internal/jwxtest/jwxtest.go
Expand Up @@ -270,7 +270,7 @@ func DecryptJweFile(ctx context.Context, file string, alg jwa.KeyEncryptionAlgor
}

var rawkey interface{}
if err := key.Raw(&rawkey); err != nil {
if err := jwk.Raw(key, &rawkey); err != nil {
return nil, fmt.Errorf(`failed to obtain raw key from JWK: %w`, err)
}

Expand All @@ -288,19 +288,19 @@ func EncryptJweFile(ctx context.Context, payload []byte, keyalg jwa.KeyEncryptio
switch keyalg {
case jwa.RSA1_5, jwa.RSA_OAEP, jwa.RSA_OAEP_256:
var rawkey rsa.PrivateKey
if err := key.Raw(&rawkey); err != nil {
if err := jwk.Raw(key, &rawkey); err != nil {
return "", nil, fmt.Errorf(`failed to obtain raw key: %w`, err)
}
keyif = rawkey.PublicKey
case jwa.ECDH_ES, jwa.ECDH_ES_A128KW, jwa.ECDH_ES_A192KW, jwa.ECDH_ES_A256KW:
var rawkey ecdsa.PrivateKey
if err := key.Raw(&rawkey); err != nil {
if err := jwk.Raw(key, &rawkey); err != nil {
return "", nil, fmt.Errorf(`failed to obtain raw key: %w`, err)
}
keyif = rawkey.PublicKey
default:
var rawkey []byte
if err := key.Raw(&rawkey); err != nil {
if err := jwk.Raw(key, &rawkey); err != nil {
return "", nil, fmt.Errorf(`failed to obtain raw key: %w`, err)
}
keyif = rawkey
Expand All @@ -326,7 +326,7 @@ func VerifyJwsFile(ctx context.Context, file string, alg jwa.SignatureAlgorithm,
}

var rawkey, pubkey interface{}
if err := key.Raw(&rawkey); err != nil {
if err := jwk.Raw(key, &rawkey); err != nil {
return nil, fmt.Errorf(`failed to obtain raw key from JWK: %w`, err)
}
pubkey = rawkey
14 changes: 7 additions & 7 deletions internal/keyconv/keyconv.go
Expand Up @@ -17,7 +17,7 @@ import (
func RSAPrivateKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw rsa.PrivateKey
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Raw(jwkKey, &raw); err != nil {
return fmt.Errorf(`failed to produce rsa.PrivateKey from %T: %w`, src, err)
}
src = &raw
Expand All @@ -42,7 +42,7 @@ func RSAPrivateKey(dst, src interface{}) error {
func RSAPublicKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw rsa.PublicKey
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Raw(jwkKey, &raw); err != nil {
return fmt.Errorf(`failed to produce rsa.PublicKey from %T: %w`, src, err)
}
src = &raw
Expand All @@ -66,7 +66,7 @@ func RSAPublicKey(dst, src interface{}) error {
func ECDSAPrivateKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw ecdsa.PrivateKey
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Raw(jwkKey, &raw); err != nil {
return fmt.Errorf(`failed to produce ecdsa.PrivateKey from %T: %w`, src, err)
}
src = &raw
Expand All @@ -89,7 +89,7 @@ func ECDSAPrivateKey(dst, src interface{}) error {
func ECDSAPublicKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw ecdsa.PublicKey
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Raw(jwkKey, &raw); err != nil {
return fmt.Errorf(`failed to produce ecdsa.PublicKey from %T: %w`, src, err)
}
src = &raw
Expand All @@ -110,7 +110,7 @@ func ECDSAPublicKey(dst, src interface{}) error {
func ByteSliceKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw []byte
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Raw(jwkKey, &raw); err != nil {
return fmt.Errorf(`failed to produce []byte from %T: %w`, src, err)
}
src = raw
Expand All @@ -125,7 +125,7 @@ func ByteSliceKey(dst, src interface{}) error {
func Ed25519PrivateKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw ed25519.PrivateKey
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Raw(jwkKey, &raw); err != nil {
return fmt.Errorf(`failed to produce ed25519.PrivateKey from %T: %w`, src, err)
}
src = &raw
Expand All @@ -146,7 +146,7 @@ func Ed25519PrivateKey(dst, src interface{}) error {
func Ed25519PublicKey(dst, src interface{}) error {
if jwkKey, ok := src.(jwk.Key); ok {
var raw ed25519.PublicKey
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Raw(jwkKey, &raw); err != nil {
return fmt.Errorf(`failed to produce ed25519.PublicKey from %T: %w`, src, err)
}
src = &raw
4 changes: 2 additions & 2 deletions jwe/internal/keyenc/keyenc_test.go
Expand Up @@ -101,15 +101,15 @@ func TestDeriveECDHES(t *testing.T) {
if !assert.NoError(t, err, `jwk.ParseKey should succeed`) {
return
}
if !assert.NoError(t, aliceWebKey.Raw(&aliceKey), `aliceWebKey.Raw should succeed`) {
if !assert.NoError(t, jwk.Raw(aliceWebKey, &aliceKey), `aliceWebKey.Raw should succeed`) {
return
}

bobWebKey, err := jwk.ParseKey([]byte(bobKeySrc))
if !assert.NoError(t, err, `jwk.ParseKey should succeed`) {
return
}
if !assert.NoError(t, bobWebKey.Raw(&bobKey), `bobWebKey.Raw should succeed`) {
if !assert.NoError(t, jwk.Raw(bobWebKey, &bobKey), `bobWebKey.Raw should succeed`) {
return
}

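Review bot: The assertion messages on the two calls that now use `jwk.Raw(aliceWebKey, &aliceKey)` and `jwk.Raw(bobWebKey, &bobKey)` still read `aliceWebKey.Raw should succeed` and `bobWebKey.Raw should succeed`, naming the method form the call no longer uses. A failure would point the reader at an API that is not the one being exercised. The other tests touched in this PR use `jwk.Raw should succeed`; the same text here, or `jwk.Raw(aliceWebKey) should succeed` and `jwk.Raw(bobWebKey) should succeed`, keeps failures easy to trace. TestDeriveECDHES starts and continues outside this hunk.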
8 changes: 4 additions & 4 deletions jwe/jwe.go
Expand Up @@ -76,7 +76,7 @@ func (b *recipientBuilder) Build(cek []byte, calg jwa.ContentEncryptionAlgorithm
keyID = jwkKey.KeyID()

var raw interface{}
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Raw(jwkKey, &raw); err != nil {
return nil, nil, fmt.Errorf(`failed to retrieve raw key out of %T: %w`, b.key, err)
}

Expand Down Expand Up @@ -573,7 +573,7 @@ func (dctx *decryptCtx) try(ctx context.Context, recipient Recipient, keyUsed in
func (dctx *decryptCtx) decryptContent(ctx context.Context, alg jwa.KeyEncryptionAlgorithm, key interface{}, recipient Recipient) ([]byte, error) {
if jwkKey, ok := key.(jwk.Key); ok {
var raw interface{}
if err := jwkKey.Raw(&raw); err != nil {
if err := jwk.Raw(jwkKey, &raw); err != nil {
return nil, fmt.Errorf(`failed to retrieve raw key from %T: %w`, key, err)
}
key = raw
Expand Down Expand Up @@ -609,13 +609,13 @@ func (dctx *decryptCtx) decryptContent(ctx context.Context, alg jwa.KeyEncryptio
switch epk := epkif.(type) {
case jwk.ECDSAPublicKey:
var pubkey ecdsa.PublicKey
if err := epk.Raw(&pubkey); err != nil {
if err := jwk.Raw(epk, &pubkey); err != nil {
return nil, fmt.Errorf(`failed to get public key: %w`, err)
}
dec.PublicKey(&pubkey)
case jwk.OKPPublicKey:
var pubkey interface{}
if err := epk.Raw(&pubkey); err != nil {
if err := jwk.Raw(epk, &pubkey); err != nil {
return nil, fmt.Errorf(`failed to get public key: %w`, err)
}
dec.PublicKey(pubkey)
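Review bot: In `Build` and `decryptContent` the destination passed to `jwk.Raw` is a bare `interface{}`, so the concrete type of the key material is decided entirely by the key implementation, and nothing in these hunks checks it against `alg`. If this PR lets additional key types take part in `jwk.Raw` (its definition is not shown on this page), the code after these calls should reject an unexpected raw type with an error rather than reach an unchecked type assertion. A comment at each call such as `// raw's concrete type is chosen by the key implementation; it is validated against alg below` would record where that check lives. Both functions start and end outside the hunks, so the existing validation may already cover this.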
8 changes: 4 additions & 4 deletions jwe/jwe_test.go
Expand Up @@ -50,7 +50,7 @@ func init() {
panic(err)
}

if err := privkey.Raw(&rsaPrivKey); err != nil {
if err := jwk.Raw(privkey, &rsaPrivKey); err != nil {
panic(err)
}
}
Expand Down Expand Up @@ -168,7 +168,7 @@ func TestParse_RSAES_OAEP_AES_GCM(t *testing.T) {
}

var rawkey rsa.PrivateKey
if !assert.NoError(t, privkey.Raw(&rawkey), `obtaining raw key should succeed`) {
if !assert.NoError(t, jwk.Raw(privkey, &rawkey), `obtaining raw key should succeed`) {
return
}

Expand Down Expand Up @@ -503,7 +503,7 @@ func Test_GHIssue207(t *testing.T) {
}

var key ecdsa.PrivateKey
if !assert.NoError(t, webKey.Raw(&key), `jwk.Raw should succeed`) {
if !assert.NoError(t, jwk.Raw(webKey, &key), `jwk.Raw should succeed`) {
return
}

Expand Down Expand Up @@ -630,7 +630,7 @@ func TestDecodePredefined_Direct(t *testing.T) {
}

var key []byte
if !assert.NoError(t, webKey.Raw(&key), `jwk.Raw should succeed`) {
if !assert.NoError(t, jwk.Raw(webKey, &key), `jwk.Raw should succeed`) {
return
}

2 changes: 2 additions & 0 deletions jwk/BUILD.bazel
Expand Up @@ -4,6 +4,7 @@ go_library(
name = "jwk",
srcs = [
"cache.go",
"convert.go",
"ecdsa.go",
"ecdsa_gen.go",
"fetch.go",
Expand All @@ -16,6 +17,7 @@ go_library(
"okp_gen.go",
"options.go",
"options_gen.go",
"pem.go",
"rsa.go",
"rsa_gen.go",
"set.go",