From 3d9574297fc6b9c1edebbe921149897e9be51074 Mon Sep 17 00:00:00 2001 From: "Pascal S. de Kloe" Date: Sun, 15 Mar 2020 17:55:24 +0100 Subject: [PATCH] Minor vanities. --- check.go | 8 ++++---- examples_test.go | 2 +- fuzz.go | 2 +- register.go | 2 +- sign.go | 18 +++++++++--------- 5 files changed, 16 insertions(+), 16 deletions(-) diff --git a/check.go b/check.go index 0ede0ed..323cb8f 100644 --- a/check.go +++ b/check.go @@ -30,7 +30,7 @@ func ParseWithoutCheck(token []byte) (*Claims, error) { // ECDSACheck parses a JWT if, and only if, the signature checks out. // The return is an AlgError when the algorithm is not in ECDSAAlgs. -// See Valid to complete the verification. +// Use Valid to complete the verification. func ECDSACheck(token []byte, key *ecdsa.PublicKey) (*Claims, error) { var c Claims firstDot, lastDot, sig, alg, err := c.scan(token) @@ -55,7 +55,7 @@ func ECDSACheck(token []byte, key *ecdsa.PublicKey) (*Claims, error) { } // EdDSACheck parses a JWT if, and only if, the signature checks out. -// See Valid to complete the verification. +// Use Valid to complete the verification. func EdDSACheck(token []byte, key ed25519.PublicKey) (*Claims, error) { var c Claims firstDot, lastDot, sig, alg, err := c.scan(token) @@ -76,7 +76,7 @@ func EdDSACheck(token []byte, key ed25519.PublicKey) (*Claims, error) { // HMACCheck parses a JWT if, and only if, the signature checks out. // The return is an AlgError when the algorithm is not in HMACAlgs. -// See Valid to complete the verification. +// Use Valid to complete the verification. func HMACCheck(token, secret []byte) (*Claims, error) { if len(secret) == 0 { return nil, errNoSecret @@ -104,7 +104,7 @@ func HMACCheck(token, secret []byte) (*Claims, error) { // RSACheck parses a JWT if, and only if, the signature checks out. // The return is an AlgError when the algorithm is not in RSAAlgs. -// See Valid to complete the verification. +// Use Valid to complete the verification. func RSACheck(token []byte, key *rsa.PublicKey) (*Claims, error) { var c Claims firstDot, lastDot, sig, alg, err := c.scan(token) diff --git a/examples_test.go b/examples_test.go index ea1dee9..29ed7db 100644 --- a/examples_test.go +++ b/examples_test.go @@ -47,7 +47,7 @@ func init() { } // Issue and validate a token with extra JOSE heading and non-standard claims. -// Note how the token is flawed due to absense of a purpose classification. The +// Note how the token is flawed due to absence of a purpose classification. The // bare minimum should include time constraints. func Example() { // Approval is a custom (a.k.a. private) claim element. diff --git a/fuzz.go b/fuzz.go index eba0400..1dd3108 100644 --- a/fuzz.go +++ b/fuzz.go @@ -25,7 +25,7 @@ func FuzzCheck(data []byte) int { } var keys KeyRegister - keys.Secrets = [][]byte{[]byte{'s', 'e', 'c', 'r', 'e', 't'}} + keys.Secrets = [][]byte{{'s', 'e', 'c', 'r', 'e', 't'}} _, err := keys.LoadPEM([]byte(`-----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEc5/E+krowgL6Q1Xv6g1Hrh74kccf QdmMuEk/xPJQZD22ITRYiaCRaKFWaoDBcIv21JfJo2F4whHnOCFX0Y/ALg== diff --git a/register.go b/register.go index b6b526f..2bb7127 100644 --- a/register.go +++ b/register.go @@ -31,7 +31,7 @@ type KeyRegister struct { } // Check parses a JWT if, and only if, the signature checks out. -// See Claims.Valid to complete the verification. +// Use Claims.Valid to complete the verification. func (keys *KeyRegister) Check(token []byte) (*Claims, error) { var c Claims firstDot, lastDot, sig, alg, err := c.scan(token) diff --git a/sign.go b/sign.go index b9f4f74..b3edc73 100644 --- a/sign.go +++ b/sign.go @@ -13,7 +13,7 @@ import ( "strconv" ) -// FormatWithoutSign updates the Raw field and returns a new JWT, with only the +// FormatWithoutSign updates the Raw fields and returns a new JWT, with only the // first two parts. // // tokenWithoutSignature :≡ header-base64 '.' payload-base64 @@ -25,7 +25,7 @@ func (c *Claims) FormatWithoutSign(alg string, extraHeaders ...json.RawMessage) return c.newToken(alg, 0, extraHeaders) } -// ECDSASign updates the Raw field and returns a new JWT. +// ECDSASign updates the Raw fields and returns a new JWT. // The return is an AlgError when alg is not in ECDSAAlgs. // The caller must use the correct key for the respective algorithm (P-256 for // ES256, P-384 for ES384 and P-521 for ES512) or risk malformed token production. @@ -78,7 +78,7 @@ func (c *Claims) ECDSASign(alg string, key *ecdsa.PrivateKey, extraHeaders ...js return token[:cap(token)], nil } -// EdDSASign updates the Raw field and returns a new JWT. +// EdDSASign updates the Raw fields and returns a new JWT. // // The JOSE header (content) can be extended with extraHeaders, in the form of // JSON objects. Redundant and/or duplicate keys are applied as provided. @@ -95,7 +95,7 @@ func (c *Claims) EdDSASign(key ed25519.PrivateKey, extraHeaders ...json.RawMessa return token[:cap(token)], nil } -// HMACSign updates the Raw field and returns a new JWT. +// HMACSign updates the Raw fields and returns a new JWT. // The return is an AlgError when alg is not in HMACAlgs. // // The JOSE header (content) can be extended with extraHeaders, in the form of @@ -124,7 +124,7 @@ func (c *Claims) HMACSign(alg string, secret []byte, extraHeaders ...json.RawMes return token[:cap(token)], nil } -// RSASign updates the Raw field and returns a new JWT. +// RSASign updates the Raw fields and returns a new JWT. // The return is an AlgError when alg is not in RSAAlgs. // // The JOSE header (content) can be extended with extraHeaders, in the form of @@ -160,10 +160,10 @@ func (c *Claims) RSASign(alg string, key *rsa.PrivateKey, extraHeaders ...json.R } var ( - headerEdDSA = []byte(`{"alg":"EdDSA"}`) headerES256 = []byte(`{"alg":"ES256"}`) headerES384 = []byte(`{"alg":"ES384"}`) headerES512 = []byte(`{"alg":"ES512"}`) + headerEdDSA = []byte(`{"alg":"EdDSA"}`) headerHS256 = []byte(`{"alg":"HS256"}`) headerHS384 = []byte(`{"alg":"HS384"}`) headerHS512 = []byte(`{"alg":"HS512"}`) @@ -221,9 +221,6 @@ func (c *Claims) newToken(alg string, encSigLen int, extraHeaders []json.RawMess if len(extraHeaders) == 0 && c.KeyID == "" { var fixed string switch alg { - case EdDSA: - fixed = "eyJhbGciOiJFZERTQSJ9." - c.RawHeader = headerEdDSA case ES256: fixed = "eyJhbGciOiJFUzI1NiJ9." c.RawHeader = headerES256 @@ -233,6 +230,9 @@ func (c *Claims) newToken(alg string, encSigLen int, extraHeaders []json.RawMess case ES512: fixed = "eyJhbGciOiJFUzUxMiJ9." c.RawHeader = headerES512 + case EdDSA: + fixed = "eyJhbGciOiJFZERTQSJ9." + c.RawHeader = headerEdDSA case HS256: fixed = "eyJhbGciOiJIUzI1NiJ9." c.RawHeader = headerHS256