0

Go JOSE

在 Go 中实施 JOSE 标准(JWE、JWS、JWT)。「An implementation of JOSE standards (JWE, JWS, JWT) in Go」

Github repo
Main metrics

Github stars Tracking Chart

Go JOSE

包 jose 旨在提供 Javascript 对象签名和加密标准的实现。这包括对 JSON Web Encryption、JSON Web Signature 和 JSON Web Token 标准的支持。

免责声明:本库包含的加密软件受美国出口管理条例的约束。您不得违反任何美国法律、指令或法规,出口、再出口、转让或下载本代码或其任何部分。特别是本软件不得以任何形式或通过任何媒体出口或再出口到伊朗、北苏丹、叙利亚、古巴或北朝鲜,或出口到美国维护的任何封锁名单中提到的被拒绝的个人或实体。

概述

实现遵循 JSON Web Encryption(RFC 7516)、JSON Web Signature(RFC 7515)和 JSON Web Token(RFC 7519)规范。支持的算法表如下所示。该库支持紧凑的和 JWS/JWE JSON 序列化格式,并可选择支持多个接收者。它还附带了一个小型的命令行工具(jose-util),用于在 shell 中处理 JOSE 消息。

注意:我们使用了来自 Go 标准库的 encoding/json 包的分叉版本,它对成员名使用大小写敏感匹配(而不是大小写不敏感匹配)。这是为了避免 go-jose 和其他语言的库之间在解释消息方面的差异。

版本

第 2 版分支doc)是目前的稳定版本: 

import "gopkg.in/square/go-jose.v2"

版本3分支doc)是开发中/不稳定的版本(尚未发布): 

import "github.com/go-jose/go-jose/v3"

所有新功能的开发都在主分支上进行,我们准备在3版本准备好后将其发布。第2版将继续接受关键的错误和安全修复。请注意,从第3版开始,我们将使用 Go 模块来进行版本管理,而不是像以前那样使用 gopkg.in。

版本 1 (在 v1 分支上) 已被冻结,不再支持。

支持的算法

请看下面的支持算法表。算法标识符尽可能与JSON Web算法标准中的名称相匹配。Godoc参考文献中有一个常量列表。

Key encryption Algorithm identifier(s)
RSA-PKCS#1v1.5 RSA1_5
RSA-OAEP RSA-OAEP, RSA-OAEP-256
AES key wrap A128KW, A192KW, A256KW
AES-GCM key wrap A128GCMKW, A192GCMKW, A256GCMKW
ECDH-ES + AES key wrap ECDH-ES+A128KW, ECDH-ES+A192KW, ECDH-ES+A256KW
ECDH-ES (direct) ECDH-ES1
Direct encryption dir1

1在多收件人模式下不支持

Content encryption Algorithm identifier(s)
AES-CBC+HMAC A128CBC-HS256, A192CBC-HS384, A256CBC-HS512
AES-GCM A128GCM, A192GCM, A256GCM

支持的密钥类型

请看下面的支持的密钥类型表。这些都被库所理解,并可以传递给相应的函数,如NewEncrypter或NewSigner。如果需要的话,这些密钥中的每一个都可以被包装在JWK中,这样就可以附加一个密钥ID。

算法 对应的类型

Algorithm(s) Corresponding types
RSA *rsa.PublicKey, *rsa.PrivateKey
ECDH, ECDSA *ecdsa.PublicKey, *ecdsa.PrivateKey
EdDSA1 ed25519.PublicKey, ed25519.PrivateKey
AES, HMAC []byte

示例

在 Godoc 参考资料中可以找到这个软件包的例子。jose-util 子目录中还包含了一个小型的命令行实用程序,它可能也是一个有用的例子。


(The first version translated by vz on 2020.10.13)

Main metrics

Overview
Name With Ownersquare/go-jose
Primary Language
Program languageGo (Language Count: 0)
PlatformLinux, Mac, Windows
License:
所有者活动
Created At2014-11-14 18:27:31
Pushed At2023-01-10 17:50:06
Last Commit At2023-01-10 12:50:06
Release Count31
Last Release Namev2.6.0 (Posted on 2021-06-05 13:58:19)
First Release Namev1.0.0 (Posted on 2016-03-25 23:33:02)
用户参与
Stargazers Count2k
Watchers Count54
Fork Count275
Commits Count562
Has Issues Enabled
Issues Count152
Issue Open Count0
Pull Requests Count173
Pull Requests Open Count0
Pull Requests Close Count48
项目设置
Has Wiki Enabled
Is Archived
Is Fork
Is Locked
Is Mirror
Is Private

Go JOSE

godoc
godoc
license
build
coverage

Package jose aims to provide an implementation of the Javascript Object Signing
and Encryption set of standards. This includes support for JSON Web Encryption,
JSON Web Signature, and JSON Web Token standards.

Disclaimer: This library contains encryption software that is subject to
the U.S. Export Administration Regulations. You may not export, re-export,
transfer or download this code or any part of it in violation of any United
States law, directive or regulation. In particular this software may not be
exported or re-exported in any form or on any media to Iran, North Sudan,
Syria, Cuba, or North Korea, or to denied persons or entities mentioned on any
US maintained blocked list.

Overview

The implementation follows the
JSON Web Encryption (RFC 7516),
JSON Web Signature (RFC 7515), and
JSON Web Token (RFC 7519) specifications.
Tables of supported algorithms are shown below. The library supports both
the compact and JWS/JWE JSON Serialization formats, and has optional support for
multiple recipients. It also comes with a small command-line utility
(jose-util)
for dealing with JOSE messages in a shell.

Note: We use a forked version of the encoding/json package from the Go
standard library which uses case-sensitive matching for member names (instead
of case-insensitive matching).
This is to avoid differences in interpretation of messages between go-jose and
libraries in other languages.

Versions

Version 2
(branch,
doc) is the current stable version:

import "gopkg.in/square/go-jose.v2"

Version 3
(branch,
doc) is the under development/unstable version (not released yet):

import "github.com/square/go-jose/v3"

All new feature development takes place on the master branch, which we are
preparing to release as version 3 soon. Version 2 will continue to receive
critical bug and security fixes. Note that starting with version 3 we are
using Go modules for versioning instead of gopkg.in as before.

Version 1 (on the v1 branch) is frozen and not supported anymore.

Supported algorithms

See below for a table of supported algorithms. Algorithm identifiers match
the names in the JSON Web Algorithms
standard where possible. The Godoc reference has a list of constants.

Key encryption