/
interface.go
102 lines (90 loc) · 3.05 KB
/
interface.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
package jwe
import (
"github.com/lestrrat-go/iter/mapiter"
"github.com/lestrrat-go/jwx/internal/iter"
"github.com/lestrrat-go/jwx/jwa"
"github.com/lestrrat-go/jwx/jwe/internal/keyenc"
"github.com/lestrrat-go/jwx/jwe/internal/keygen"
)
// Recipient holds the encrypted key and hints to decrypt the key
type Recipient interface {
Headers() Headers
EncryptedKey() []byte
SetHeaders(Headers) error
SetEncryptedKey([]byte) error
}
type stdRecipient struct {
headers Headers
encryptedKey []byte
}
// Message contains the entire encrypted JWE message. You should not
// expect to use Message for anything other than inspecting the
// state of an encrypted message. This is because encryption is
// highly context sensitive, and once we parse the original payload
// into an object, we may not always be able to recreate the exact
// context in which the encryption happened.
//
// For example, it is totally valid for if the protected header's
// integrity was calculated using a non-standard line breaks:
//
// {"a dummy":
// "protected header"}
//
// Once parsed, though, we can only serialize the protected header as:
//
// {"a dummy":"protected header"}
//
// which would obviously result in a contradicting integrity value
// if we tried to re-calculate it from a parsed message.
//
//nolint:govet
type Message struct {
authenticatedData []byte
cipherText []byte
initializationVector []byte
tag []byte
recipients []Recipient
protectedHeaders Headers
unprotectedHeaders Headers
// These two fields below are not available for the public consumers of this object.
// rawProtectedHeaders stores the original protected header buffer
rawProtectedHeaders []byte
// storeProtectedHeaders is a hint to be used in UnmarshalJSON().
// When this flag is true, UnmarshalJSON() will populate the
// rawProtectedHeaders field
storeProtectedHeaders bool
}
// contentEncrypter encrypts the content using the content using the
// encrypted key
type contentEncrypter interface {
Algorithm() jwa.ContentEncryptionAlgorithm
Encrypt([]byte, []byte, []byte) ([]byte, []byte, []byte, error)
}
//nolint:govet
type encryptCtx struct {
keyEncrypters []keyenc.Encrypter
protected Headers
contentEncrypter contentEncrypter
generator keygen.Generator
compress jwa.CompressionAlgorithm
}
// populater is an interface for things that may modify the
// JWE header. e.g. ByteWithECPrivateKey
type populater interface {
Populate(keygen.Setter) error
}
type Visitor = iter.MapVisitor
type VisitorFunc = iter.MapVisitorFunc
type HeaderPair = mapiter.Pair
type Iterator = mapiter.Iterator
// PostParser is used in conjunction with jwe.WithPostParser().
// This hook is called right after the JWE message has been parsed
// but before the actual decryption takes place during `jwe.Decrypt()`.
type PostParser interface {
PostParse(DecryptCtx) error
}
// PostParseFunc is a PostParser that is represented by a single function
type PostParseFunc func(DecryptCtx) error
func (fn PostParseFunc) PostParse(ctx DecryptCtx) error {
return fn(ctx)
}