Package storage provides secret storage for the Crypto module.

DefaultCryptoConfig returns a Config with default settings for Vault and Azure keyVault.

EciesDecrypt decrypts the `cipherText` using the Elliptic Curve Integrated Encryption Scheme.

EciesEncrypt encrypts the `plainText` using the Elliptic Curve Integrated Encryption Scheme.

GenerateJWK a new in-memory key pair and returns it as JWK.

GenerateNonce creates a 256 bit secure random.

JWTKidAlg parses a JWT, does not validate it and returns the 'kid' and 'alg' headers.

NewCryptoInstance creates a new instance of the crypto engine.

NewDatabaseCryptoInstance returns a new Crypto instance to be used for tests, storing keys in-memory and the given DB.

NewMemoryCryptoInstance returns a new Crypto instance to be used for tests, storing keys in-memory and creating a new SQL DB.

NewMockDecrypter creates a new mock instance.

NewMockJsonWebEncryptor creates a new mock instance.

NewMockJWTSigner creates a new mock instance.

NewMockKeyCreator creates a new mock instance.

NewMockKeyResolver creates a new mock instance.

NewMockKeyStore creates a new mock instance.

NewTestCryptoInstance returns a new Crypto instance to be used for tests, allowing to use of preconfigured backend.

NewTestKey creates a new TestKey with a given kid.

ParseJWS parses a JWS byte array object, validates and verifies it.

ParseJWT parses a token, validates and verifies it.

SignatureAlgorithm determines the jwa.SigningAlgorithm for ec/rsa/ed25519 keys.

SignJWT signs claims with the signer and returns the compacted token.

Thumbprint generates a Nuts compatible thumbprint: Base58(SHA256(rfc7638-json)).

ModuleName contains the name of this module.

ErrPrivateKeyNotFound is returned when the private key doesn't exist.

Config holds the values for the crypto engine.

Crypto holds references to storage and needed config.

MemoryJWTSigner is a JWTSigner implementation that performs cryptographic operations on an in-memory JWK.

MockDecrypter is a mock of Decrypter interface.

MockDecrypterMockRecorder is the mock recorder for MockDecrypter.

MockJsonWebEncryptor is a mock of JsonWebEncryptor interface.

MockJsonWebEncryptorMockRecorder is the mock recorder for MockJsonWebEncryptor.

MockJWTSigner is a mock of JWTSigner interface.

MockJWTSignerMockRecorder is the mock recorder for MockJWTSigner.

MockKeyCreator is a mock of KeyCreator interface.

MockKeyCreatorMockRecorder is the mock recorder for MockKeyCreator.

MockKeyResolver is a mock of KeyResolver interface.

MockKeyResolverMockRecorder is the mock recorder for MockKeyResolver.

MockKeyStore is a mock of KeyStore interface.

MockKeyStoreMockRecorder is the mock recorder for MockKeyStore.

TestKey is a Key impl for testing purposes.

Decrypter is the interface to support decryption.

JsonWebEncryptor is the interface used to encrypt and decrypt JWE messages.

JWTSigner is the interface used to sign authorization tokens.

KeyCreator is the interface for creating key pairs.

KeyResolver is the interface for resolving keys.

KeyStore defines the functions for working with private keys.

KIDNamingFunc is a function passed to New() which generates the kid for the pub/priv key.

PublicKeyFunc defines a function that resolves a public key based on a kid.