package sign

import "github.com/open-policy-agent/opa/internal/jwx/jws/sign"

Functions

func GetSigningKey

func GetSigningKey(key string, alg jwa.SignatureAlgorithm) (interface{}, error)

GetSigningKey returns a *rsa.PrivateKey or *ecdsa.PrivateKey, typically encoded in PEM blocks of type "RSA PRIVATE KEY" or "EC PRIVATE KEY", for the RSA and ECDSA families of algorithms. For the HMAC family, it returns a []byte value.
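The following is an added example, not OPA's implementation (this package is internal and cannot be imported from outside the module). It uses only the standard library to map an alg name to the key types described above. The names loadSigningKey and constructedECKeyPEM, and the decision to reject a PEM block whose type does not match the alg family, are assumptions of this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"strings"
)

// loadSigningKey (hypothetical) returns the key type the signer for alg expects.
func loadSigningKey(key, alg string) (k interface{}, err error) {
	if strings.HasPrefix(alg, "HS") {
		return []byte(key), nil // HMAC family: the raw shared secret
	}
	block, _ := pem.Decode([]byte(key))
	if block == nil || len(alg) < 2 {
		return nil, fmt.Errorf("alg %q: no PEM block found or alg too short", alg)
	}
	want := map[string]string{"RS": "RSA PRIVATE KEY", "PS": "RSA PRIVATE KEY", "ES": "EC PRIVATE KEY"}[alg[:2]]
	if want == "" || block.Type != want { // assumption: refuse a mismatched PEM type
		return nil, fmt.Errorf("alg %q: unsupported alg or unexpected PEM type %q", alg, block.Type)
	}
	if want == "RSA PRIVATE KEY" {
		k, err = x509.ParsePKCS1PrivateKey(block.Bytes) // PKCS #1 DER
	} else {
		k, err = x509.ParseECPrivateKey(block.Bytes) // SEC 1 DER
	}
	if err != nil {
		return nil, err
	}
	return k, nil
}

// constructedECKeyPEM builds a throwaway P-256 key as sample input (constructed).
func constructedECKeyPEM() string {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	der, _ := x509.MarshalECPrivateKey(priv) // does not fail for a P-256 key
	return string(pem.EncodeToMemory(&pem.Block{Type: "EC PRIVATE KEY", Bytes: der}))
}

func main() {
	_, err := loadSigningKey(constructedECKeyPEM(), "RS256")
	fmt.Println("EC key offered for RS256:", err)
}
```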

Types

type ECDSASigner

type ECDSASigner struct {
	// contains filtered or unexported fields
}

ECDSASigner uses crypto/ecdsa to sign the payloads.

func (ECDSASigner) Algorithm

func (s ECDSASigner) Algorithm() jwa.SignatureAlgorithm

Algorithm returns the signer algorithm

func (ECDSASigner) Sign

func (s ECDSASigner) Sign(payload []byte, key interface{}) ([]byte, error)

Sign signs payload with an ECDSA private key.

func (ECDSASigner) SignWithRand

func (s ECDSASigner) SignWithRand(payload []byte, key interface{}, r io.Reader) ([]byte, error)

SignWithRand signs payload with an ECDSA private key and a provided randomness source (such as `rand.Reader`).

type HMACSigner

type HMACSigner struct {
	// contains filtered or unexported fields
}

HMACSigner uses crypto/hmac to sign the payloads.

func (HMACSigner) Algorithm

func (s HMACSigner) Algorithm() jwa.SignatureAlgorithm

Algorithm returns the signer algorithm

func (HMACSigner) Sign

func (s HMACSigner) Sign(payload []byte, key interface{}) ([]byte, error)

Sign signs payload with a symmetric key.

type RSASigner

type RSASigner struct {
	// contains filtered or unexported fields
}

RSASigner uses crypto/rsa to sign the payloads.

func (RSASigner) Algorithm

func (s RSASigner) Algorithm() jwa.SignatureAlgorithm

Algorithm returns the signer algorithm

func (RSASigner) Sign

func (s RSASigner) Sign(payload []byte, key interface{}) ([]byte, error)

Sign creates a signature using crypto/rsa. key must be a non-nil instance of `*"crypto/rsa".PrivateKey`.

type Signer

type Signer interface {
	// Sign creates a signature for the given `payload`.
	// `key` is the key used for signing the payload, and is usually
	// the private key type associated with the signature method. For example,
	// for `jwa.RSXXX` and `jwa.PSXXX` types, you need to pass the
	// `*"crypto/rsa".PrivateKey` type.
	// Check the documentation for each signer for details
	Sign(payload []byte, key interface{}) ([]byte, error)

	Algorithm() jwa.SignatureAlgorithm
}

Signer provides a common interface for the supported signing algorithms.

func New

func New(alg jwa.SignatureAlgorithm) (Signer, error)

New creates a signer that signs payloads using the given signature algorithm.

Source Files

ecdsa.go hmac.go interface.go rsa.go sign.go

Version: v1.4.2 (latest)
Published: May 2, 2025
Platform: linux/amd64
Imports: 14 packages