interface.go

Documentation: github.com/lestrrat-go/jwx/jwe

     1  package jwe
     2  
     3  import (
     4  	"github.com/lestrrat-go/iter/mapiter"
     5  	"github.com/lestrrat-go/jwx/internal/iter"
     6  	"github.com/lestrrat-go/jwx/jwa"
     7  	"github.com/lestrrat-go/jwx/jwe/internal/keyenc"
     8  	"github.com/lestrrat-go/jwx/jwe/internal/keygen"
     9  )
    10  
    11  // Recipient holds the encrypted key and hints to decrypt the key
    12  type Recipient interface {
    13  	Headers() Headers
    14  	EncryptedKey() []byte
    15  	SetHeaders(Headers) error
    16  	SetEncryptedKey([]byte) error
    17  }
    18  
    19  type stdRecipient struct {
    20  	headers      Headers
    21  	encryptedKey []byte
    22  }
    23  
    24  // Message contains the entire encrypted JWE message. You should not
    25  // expect to use Message for anything other than inspecting the
    26  // state of an encrypted message. This is because encryption is
    27  // highly context sensitive, and once we parse the original payload
    28  // into an object, we may not always be able to recreate the exact
    29  // context in which the encryption happened.
    30  //
    31  // For example, it is totally valid for if the protected header's
    32  // integrity was calculated using a non-standard line breaks:
    33  //
    34  //    {"a dummy":
    35  //      "protected header"}
    36  //
    37  // Once parsed, though, we can only serialize the protected header as:
    38  //
    39  //    {"a dummy":"protected header"}
    40  //
    41  // which would obviously result in a contradicting integrity value
    42  // if we tried to re-calculate it from a parsed message.
    43  //nolint:govet
    44  type Message struct {
    45  	authenticatedData    []byte
    46  	cipherText           []byte
    47  	initializationVector []byte
    48  	tag                  []byte
    49  	recipients           []Recipient
    50  	protectedHeaders     Headers
    51  	unprotectedHeaders   Headers
    52  
    53  	// These two fields below are not available for the public consumers of this object.
    54  	// rawProtectedHeaders stores the original protected header buffer
    55  	rawProtectedHeaders []byte
    56  	// storeProtectedHeaders is a hint to be used in UnmarshalJSON().
    57  	// When this flag is true, UnmarshalJSON() will populate the
    58  	// rawProtectedHeaders field
    59  	storeProtectedHeaders bool
    60  }
    61  
    62  // contentEncrypter encrypts the content using the content using the
    63  // encrypted key
    64  type contentEncrypter interface {
    65  	Algorithm() jwa.ContentEncryptionAlgorithm
    66  	Encrypt([]byte, []byte, []byte) ([]byte, []byte, []byte, error)
    67  }
    68  
    69  //nolint:govet
    70  type encryptCtx struct {
    71  	keyEncrypters    []keyenc.Encrypter
    72  	protected        Headers
    73  	contentEncrypter contentEncrypter
    74  	generator        keygen.Generator
    75  	compress         jwa.CompressionAlgorithm
    76  }
    77  
    78  // populater is an interface for things that may modify the
    79  // JWE header. e.g. ByteWithECPrivateKey
    80  type populater interface {
    81  	Populate(keygen.Setter) error
    82  }
    83  
    84  type Visitor = iter.MapVisitor
    85  type VisitorFunc = iter.MapVisitorFunc
    86  type HeaderPair = mapiter.Pair
    87  type Iterator = mapiter.Iterator
    88  
    89  // PostParser is used in conjunction with jwe.WithPostParser().
    90  // This hook is called right after the JWE message has been parsed
    91  // but before the actual decryption takes place during `jwe.Decrypt()`.
    92  type PostParser interface {
    93  	PostParse(DecryptCtx) error
    94  }
    95  
    96  // PostParseFunc is a PostParser that is represented by a single function
    97  type PostParseFunc func(DecryptCtx) error
    98  
    99  func (fn PostParseFunc) PostParse(ctx DecryptCtx) error {
   100  	return fn(ctx)
   101  }
   102
View as plain text