Decrypt returns the decrypted version of the given data if it's encrypted, it will return the raw data if it's not encrypted or the format is not valid.

GenerateJWK generates a JWK given the key type, curve, alg, use, kid and the size of the RSA or oct keys if necessary.

GenerateJWKFromPEM returns an incomplete JSONWebKey using the key from a PEM file.

Determine whether a JSONWebKey is asymmetric.

Determine whether a JSONWebKey is symmetric.

NewEncrypter creates an appropriate encrypter based on the key type.

NewNumericDate constructs NumericDate from time.Time value.

NewSigner creates an appropriate signer based on the key type.

ParseEncrypted parses an encrypted message in compact or full serialization format.

ParseJWS parses a signed message in compact or full serialization format.

ParseKey returns a JSONWebKey from the given JWK file or a PEM file.

ParseKeySet returns the JWK with the given key after parsing a JWKSet from a given file.

ParseSigned parses token from JWS form.

ReadJWKSet reads a JWK Set from a URL or filename.

Signed creates builder for signed tokens.

TrimPrefix removes the string "square/go-jose" from all errors.

ValidateJWK validates the given JWK.

WithAlg adds the alg claim to the context.

WithInsecure marks the context as insecure.

WithKid adds the kid property to the context.

WithNoDefaults avoids that the parser loads defaults values, specially the default algorithms.

WithPassword is a method that adds the given password to the context.

WithSubtle marks the context as subtle.

WithUse adds the use claim to the context.

AES-CBC + HMAC-SHA256 (128).

AES-GCM (128).

AES-GCM key wrap (128).

AES key wrap (128).

AES-CBC + HMAC-SHA384 (192).

AES-GCM (192).

AES-GCM key wrap (192).

AES key wrap (192).

AES-CBC + HMAC-SHA512 (256).

AES-GCM (256).

AES-GCM key wrap (256).

AES key wrap (256).

Key management algorithms.

Content encryption algorithm.

Default key management, signature, and content encryption algorithms to use if none is specified.

Default key management, signature, and content encryption algorithms to use if none is specified.

Default sizes.

Default key management, signature, and content encryption algorithms to use if none is specified.

Signature algorithms.

Default sizes.

Direct encryption.

ECDH-ES.

ECDH-ES + AES key wrap (128).

ECDH-ES + AES key wrap (192).

ECDH-ES + AES key wrap (256).

Ed25519 is the EdDSA signature scheme using SHA-512/256 and Curve25519.

Ed25591.

ECDSA using P-256 and SHA-256.

ECDSA using P-384 and SHA-384.

ECDSA using P-521 and SHA-512.

HMAC using SHA-256.

HMAC using SHA-384.

HMAC using SHA-512.

MaxDecryptTries is the maximum number of attempts to decrypt a file.

P-256 curve (FIPS 186-3).

P-384 curve (FIPS 186-3).

P-521 curve (FIPS 186-3).

PBES2 + HMAC-SHA256 + AES key wrap (128).

PBES2 + HMAC-SHA384 + AES key wrap (192).

PBES2 + HMAC-SHA512 + AES key wrap (256).

RSASSA-PSS using SHA256 and MGF1-SHA256.

RSASSA-PSS using SHA384 and MGF1-SHA384.

RSASSA-PSS using SHA512 and MGF1-SHA512.

RSASSA-PKCS-v1.5 using SHA-256.

RSASSA-PKCS-v1.5 using SHA-384.

RSASSA-PKCS-v1.5 using SHA-512.

RSA-OAEP-SHA1.

RSA-OAEP-SHA256.

RSA-PKCS1v1.5.

SupportsPBKDF2 constant to know if the underlaying library supports password based cryptography algorithms.

ErrCryptoFailure indicates an error in a cryptographic primitive.

ErrExpired indicates that token is used after expiry time indicated in exp claim.

ErrInvalidAudience indicated invalid aud claim.

ErrInvalidID indicates invalid jti claim.

ErrInvalidIssuer indicates invalid iss claim.

ErrInvalidSubject indicates invalid sub claim.

ErrNotValidYet indicates that token is used before time indicated in nbf claim.

Audience represents the recipients that the token is intended for.

Builder is a utility for making JSON Web Tokens.

Claims represents public claim values (as specified in RFC 7519).

ContentEncryption represents a content encryption algorithm.

ContentType represents type of the contained data.

Encrypter represents an encrypter which produces an encrypted JWE object.

EncrypterOptions represents options that can be set on new encrypters.

Expected defines values used for protected claims validation.

JSONWebEncryption represents an encrypted JWE object after parsing.

JSONWebKey represents a public or private key in JWK format.

JSONWebKeySet represents a JWK Set object.

JSONWebSignature represents a signed JWS object after parsing.

JSONWebToken represents a JSON Web Token (as specified in RFC7519).

KeyAlgorithm represents a key management algorithm.

NumericDate represents date and time as the number of seconds since the epoch, including leap seconds.

Option is the type used to add attributes to the context.

Recipient represents an algorithm/key to encrypt messages to.

SignatureAlgorithm represents a signature (or MAC) algorithm.

Signer represents a signer which takes a payload and produces a signed JWS object.

SignerOptions represents options that can be set when creating signers.

SigningKey represents an algorithm/key used to sign a message.