diff options
| author |  dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> | 2025-01-27 11:08:13 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2025-01-27 11:08:13 +0000 |
| commit | a7737687182dbf8803800f575e2083cecfd481f7 (patch) | |
| tree | 05a7aa5535bc5eb0ee6c8b4b529aa959ab9fdbbe /vendor/github.com/golang-jwt/jwt/v5/ed25519.go | |
| parent | [chore]: Bump github.com/miekg/dns from 1.1.62 to 1.1.63 (#3695) (diff) | |
| download | gotosocial-a7737687182dbf8803800f575e2083cecfd481f7.tar.xz | |
[chore]: Bump github.com/SherClockHolmes/webpush-go from 1.3.0 to 1.4.0 (#3694)
Bumps [github.com/SherClockHolmes/webpush-go](https://github.com/SherClockHolmes/webpush-go) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/SherClockHolmes/webpush-go/releases)
- [Commits](https://github.com/SherClockHolmes/webpush-go/compare/v1.3.0...v1.4.0)
---
updated-dependencies:
- dependency-name: github.com/SherClockHolmes/webpush-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Diffstat (limited to 'vendor/github.com/golang-jwt/jwt/v5/ed25519.go')
| -rw-r--r-- | vendor/github.com/golang-jwt/jwt/v5/ed25519.go | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/vendor/github.com/golang-jwt/jwt/v5/ed25519.go b/vendor/github.com/golang-jwt/jwt/v5/ed25519.go new file mode 100644 index 000000000..c2138119e --- /dev/null +++ b/vendor/github.com/golang-jwt/jwt/v5/ed25519.go @@ -0,0 +1,79 @@ +package jwt + +import ( + "crypto" + "crypto/ed25519" + "crypto/rand" + "errors" +) + +var ( + ErrEd25519Verification = errors.New("ed25519: verification error") +) + +// SigningMethodEd25519 implements the EdDSA family. +// Expects ed25519.PrivateKey for signing and ed25519.PublicKey for verification +type SigningMethodEd25519 struct{} + +// Specific instance for EdDSA +var ( + SigningMethodEdDSA *SigningMethodEd25519 +) + +func init() { + SigningMethodEdDSA = &SigningMethodEd25519{} + RegisterSigningMethod(SigningMethodEdDSA.Alg(), func() SigningMethod { + return SigningMethodEdDSA + }) +} + +func (m *SigningMethodEd25519) Alg() string { + return "EdDSA" +} + +// Verify implements token verification for the SigningMethod. +// For this verify method, key must be an ed25519.PublicKey +func (m *SigningMethodEd25519) Verify(signingString string, sig []byte, key interface{}) error { + var ed25519Key ed25519.PublicKey + var ok bool + + if ed25519Key, ok = key.(ed25519.PublicKey); !ok { + return newError("Ed25519 verify expects ed25519.PublicKey", ErrInvalidKeyType) + } + + if len(ed25519Key) != ed25519.PublicKeySize { + return ErrInvalidKey + } + + // Verify the signature + if !ed25519.Verify(ed25519Key, []byte(signingString), sig) { + return ErrEd25519Verification + } + + return nil +} + +// Sign implements token signing for the SigningMethod. +// For this signing method, key must be an ed25519.PrivateKey +func (m *SigningMethodEd25519) Sign(signingString string, key interface{}) ([]byte, error) { + var ed25519Key crypto.Signer + var ok bool + + if ed25519Key, ok = key.(crypto.Signer); !ok { + return nil, newError("Ed25519 sign expects crypto.Signer", ErrInvalidKeyType) + } + + if _, ok := ed25519Key.Public().(ed25519.PublicKey); !ok { + return nil, ErrInvalidKey + } + + // Sign the string and return the result. ed25519 performs a two-pass hash + // as part of its algorithm. Therefore, we need to pass a non-prehashed + // message into the Sign function, as indicated by crypto.Hash(0) + sig, err := ed25519Key.Sign(rand.Reader, []byte(signingString), crypto.Hash(0)) + if err != nil { + return nil, err + } + + return sig, nil +} |