Goby3 3.5.1
2026.06.04
Loading...
Searching...
No Matches
Classes | Functions
jwt::helper Namespace Reference

A collection for working with certificates. More...

Classes

class  evp_pkey_handle
 Handle class for EVP_PKEY structures. More...
 

Functions

std::unique_ptr< BIO, decltype(&BIO_free_all)> make_mem_buf_bio ()
 
std::unique_ptr< BIO, decltype(&BIO_free_all)> make_mem_buf_bio (const std::string &data)
 
template<typename error_category = error::rsa_error>
std::string write_bio_to_string (std::unique_ptr< BIO, decltype(&BIO_free_all)> &bio_out, std::error_code &ec)
 
std::unique_ptr< EVP_MD_CTX, void(*)(EVP_MD_CTX *)> make_evp_md_ctx ()
 
template<typename error_category = error::rsa_error>
std::string extract_pubkey_from_cert (const std::string &certstr, const std::string &pw, std::error_code &ec)
 Extract the public key of a pem certificate.
 
template<typename error_category = error::rsa_error>
std::string extract_pubkey_from_cert (const std::string &certstr, const std::string &pw="")
 Extract the public key of a pem certificate.
 
std::string convert_der_to_pem (const std::string &cert_der_str, std::error_code &ec)
 Convert the certificate provided as DER to PEM.
 
template<typename Decode >
std::string convert_base64_der_to_pem (const std::string &cert_base64_der_str, Decode decode, std::error_code &ec)
 Convert the certificate provided as base64 DER to PEM.
 
template<typename Decode >
std::string convert_base64_der_to_pem (const std::string &cert_base64_der_str, Decode decode)
 Convert the certificate provided as base64 DER to PEM.
 
std::string convert_der_to_pem (const std::string &cert_der_str)
 Convert the certificate provided as DER to PEM.
 
std::string convert_base64_der_to_pem (const std::string &cert_base64_der_str, std::error_code &ec)
 Convert the certificate provided as base64 DER to PEM.
 
std::string convert_base64_der_to_pem (const std::string &cert_base64_der_str)
 Convert the certificate provided as base64 DER to PEM.
 
template<typename error_category = error::rsa_error>
evp_pkey_handle load_public_key_from_string (const std::string &key, const std::string &password, std::error_code &ec)
 Load a public key from a string.
 
template<typename error_category = error::rsa_error>
evp_pkey_handle load_public_key_from_string (const std::string &key, const std::string &password="")
 Load a public key from a string.
 
template<typename error_category = error::rsa_error>
evp_pkey_handle load_private_key_from_string (const std::string &key, const std::string &password, std::error_code &ec)
 Load a private key from a string.
 
template<typename error_category = error::rsa_error>
evp_pkey_handle load_private_key_from_string (const std::string &key, const std::string &password="")
 Load a private key from a string.
 
evp_pkey_handle load_public_ec_key_from_string (const std::string &key, const std::string &password, std::error_code &ec)
 Load a public key from a string.
 
std::string bn2raw (const BIGNUM *bn)
 
std::unique_ptr< BIGNUM, decltype(&BN_free)> raw2bn (const std::string &raw, std::error_code &ec)
 
std::unique_ptr< BIGNUM, decltype(&BN_free)> raw2bn (const std::string &raw)
 
evp_pkey_handle load_public_ec_key_from_string (const std::string &key, const std::string &password="")
 Load a public key from a string.
 
evp_pkey_handle load_private_ec_key_from_string (const std::string &key, const std::string &password, std::error_code &ec)
 Load a private key from a string.
 
template<typename Decode >
std::string create_public_key_from_rsa_components (const std::string &modulus, const std::string &exponent, Decode decode, std::error_code &ec)
 create public key from modulus and exponent. This is defined in RFC 7518 Section 6.3 Using the required "n" (Modulus) Parameter and "e" (Exponent) Parameter.
 
template<typename Decode >
std::string create_public_key_from_rsa_components (const std::string &modulus, const std::string &exponent, Decode decode)
 
std::string create_public_key_from_rsa_components (const std::string &modulus, const std::string &exponent, std::error_code &ec)
 
std::string create_public_key_from_rsa_components (const std::string &modulus, const std::string &exponent)
 
evp_pkey_handle load_private_ec_key_from_string (const std::string &key, const std::string &password="")
 Load a private key from a string.
 
int curve2nid (const std::string curve, std::error_code &ec)
 Convert a curve name to an ID.
 
template<typename Decode >
std::string create_public_key_from_ec_components (const std::string &curve, const std::string &x, const std::string &y, Decode decode, std::error_code &ec)
 
template<typename Decode >
std::string create_public_key_from_ec_components (const std::string &curve, const std::string &x, const std::string &y, Decode decode)
 
std::string create_public_key_from_ec_components (const std::string &curve, const std::string &x, const std::string &y, std::error_code &ec)
 
std::string create_public_key_from_ec_components (const std::string &curve, const std::string &x, const std::string &y)
 

Detailed Description

A collection for working with certificates.

These helpers are usefully when working with certificates OpenSSL APIs. For example, when dealing with JWKS (JSON Web Key Set)[https://tools.ietf.org/html/rfc7517] you maybe need to extract the modulus and exponent of an RSA Public Key.

Function Documentation

◆ bn2raw()

std::string jwt::helper::bn2raw ( const BIGNUM *  bn)
inline

Convert a OpenSSL BIGNUM to a std::string

Parameters
bnBIGNUM to convert
Returns
bignum as string

Definition at line 844 of file jwt.h.

◆ convert_base64_der_to_pem() [1/4]

std::string jwt::helper::convert_base64_der_to_pem ( const std::string &  cert_base64_der_str)
inline

Convert the certificate provided as base64 DER to PEM.

This is useful when using with JWKs as x5c claim is encoded as base64 DER. More info here

Parameters
cert_base64_der_strString containing the certificate encoded as base64 DER
Exceptions
rsa_exceptionif an error occurred

Definition at line 696 of file jwt.h.

◆ convert_base64_der_to_pem() [2/4]

template<typename Decode >
std::string jwt::helper::convert_base64_der_to_pem ( const std::string &  cert_base64_der_str,
Decode  decode 
)

Convert the certificate provided as base64 DER to PEM.

This is useful when using with JWKs as x5c claim is encoded as base64 DER. More info here

Template Parameters
Decodeis callable, taking a string_type and returns a string_type. It should ensure the padding of the input and then base64 decode and return the results.
Parameters
cert_base64_der_strString containing the certificate encoded as base64 DER
decodeThe function to decode the cert
Exceptions
rsa_exceptionif an error occurred

Definition at line 650 of file jwt.h.

◆ convert_base64_der_to_pem() [3/4]

template<typename Decode >
std::string jwt::helper::convert_base64_der_to_pem ( const std::string &  cert_base64_der_str,
Decode  decode,
std::error_code &  ec 
)

Convert the certificate provided as base64 DER to PEM.

This is useful when using with JWKs as x5c claim is encoded as base64 DER. More info here.

Template Parameters
Decodeis callable, taking a string_type and returns a string_type. It should ensure the padding of the input and then base64 decode and return the results.
Parameters
cert_base64_der_strString containing the certificate encoded as base64 DER
decodeThe function to decode the cert
ecerror_code for error_detection (gets cleared if no error occurs)

Definition at line 628 of file jwt.h.

◆ convert_base64_der_to_pem() [4/4]

std::string jwt::helper::convert_base64_der_to_pem ( const std::string &  cert_base64_der_str,
std::error_code &  ec 
)
inline

Convert the certificate provided as base64 DER to PEM.

This is useful when using with JWKs as x5c claim is encoded as base64 DER. More info here

Parameters
cert_base64_der_strString containing the certificate encoded as base64 DER
ecerror_code for error_detection (gets cleared if no error occurs)

Definition at line 680 of file jwt.h.

◆ convert_der_to_pem() [1/2]

std::string jwt::helper::convert_der_to_pem ( const std::string &  cert_der_str)
inline

Convert the certificate provided as DER to PEM.

Parameters
cert_der_strString containing the DER certificate
Exceptions
rsa_exceptionif an error occurred

Definition at line 663 of file jwt.h.

◆ convert_der_to_pem() [2/2]

std::string jwt::helper::convert_der_to_pem ( const std::string &  cert_der_str,
std::error_code &  ec 
)
inline

Convert the certificate provided as DER to PEM.

Parameters
cert_der_strString containing the certificate encoded as base64 DER
ecerror_code for error_detection (gets cleared if no error occurs)

Definition at line 592 of file jwt.h.

◆ create_public_key_from_ec_components() [1/4]

std::string jwt::helper::create_public_key_from_ec_components ( const std::string &  curve,
const std::string &  x,
const std::string &  y 
)
inline

Create public key from curve name and coordinates. This is defined in RFC 7518 Section 6.2 Using the required "crv" (Curve), "x" (X Coordinate) and "y" (Y Coordinate) Parameters.

Parameters
curvestring containing curve name
xstring containing base64url encoded x coordinate
ystring containing base64url encoded y coordinate
Returns
public key in PEM format

Definition at line 1330 of file jwt.h.

◆ create_public_key_from_ec_components() [2/4]

template<typename Decode >
std::string jwt::helper::create_public_key_from_ec_components ( const std::string &  curve,
const std::string &  x,
const std::string &  y,
Decode  decode 
)

Create public key from curve name and coordinates. This is defined in RFC 7518 Section 6.2 Using the required "crv" (Curve), "x" (X Coordinate) and "y" (Y Coordinate) Parameters.

Template Parameters
Decodeis callable, taking a string_type and returns a string_type. It should ensure the padding of the input and then base64url decode and return the results.
Parameters
curvestring containing curve name
xstring containing base64url encoded x coordinate
ystring containing base64url encoded y coordinate
decodeThe function to decode the RSA parameters
Returns
public key in PEM format

Definition at line 1293 of file jwt.h.

◆ create_public_key_from_ec_components() [3/4]

template<typename Decode >
std::string jwt::helper::create_public_key_from_ec_components ( const std::string &  curve,
const std::string &  x,
const std::string &  y,
Decode  decode,
std::error_code &  ec 
)

Create public key from curve name and coordinates. This is defined in RFC 7518 Section 6.2 Using the required "crv" (Curve), "x" (X Coordinate) and "y" (Y Coordinate) Parameters.

Template Parameters
Decodeis callable, taking a string_type and returns a string_type. It should ensure the padding of the input and then base64url decode and return the results.
Parameters
curvestring containing curve name
xstring containing base64url encoded x coordinate
ystring containing base64url encoded y coordinate
decodeThe function to decode the RSA parameters
ecerror_code for error_detection (gets cleared if no error occur
Returns
public key in PEM format

Definition at line 1165 of file jwt.h.

◆ create_public_key_from_ec_components() [4/4]

std::string jwt::helper::create_public_key_from_ec_components ( const std::string &  curve,
const std::string &  x,
const std::string &  y,
std::error_code &  ec 
)
inline

Create public key from curve name and coordinates. This is defined in RFC 7518 Section 6.2 Using the required "crv" (Curve), "x" (X Coordinate) and "y" (Y Coordinate) Parameters.

Parameters
curvestring containing curve name
xstring containing base64url encoded x coordinate
ystring containing base64url encoded y coordinate
ecerror_code for error_detection (gets cleared if no error occur
Returns
public key in PEM format

Definition at line 1313 of file jwt.h.

◆ create_public_key_from_rsa_components() [1/4]

std::string jwt::helper::create_public_key_from_rsa_components ( const std::string &  modulus,
const std::string &  exponent 
)
inline

Create public key from modulus and exponent. This is defined in RFC 7518 Section 6.3 Using the required "n" (Modulus) Parameter and "e" (Exponent) Parameter.

Parameters
modulusstring containing base64url encoded modulus
exponentstring containing base64url encoded exponent
Returns
public key in PEM format

Definition at line 1078 of file jwt.h.

◆ create_public_key_from_rsa_components() [2/4]

template<typename Decode >
std::string jwt::helper::create_public_key_from_rsa_components ( const std::string &  modulus,
const std::string &  exponent,
Decode  decode 
)

Create public key from modulus and exponent. This is defined in RFC 7518 Section 6.3 Using the required "n" (Modulus) Parameter and "e" (Exponent) Parameter.

Template Parameters
Decodeis callable, taking a string_type and returns a string_type. It should ensure the padding of the input and then base64url decode and return the results.
Parameters
modulusstring containing base64url encoded modulus
exponentstring containing base64url encoded exponent
decodeThe function to decode the RSA parameters
Returns
public key in PEM format

Definition at line 1043 of file jwt.h.

◆ create_public_key_from_rsa_components() [3/4]

template<typename Decode >
std::string jwt::helper::create_public_key_from_rsa_components ( const std::string &  modulus,
const std::string &  exponent,
Decode  decode,
std::error_code &  ec 
)

create public key from modulus and exponent. This is defined in RFC 7518 Section 6.3 Using the required "n" (Modulus) Parameter and "e" (Exponent) Parameter.

Template Parameters
Decodeis callable, taking a string_type and returns a string_type. It should ensure the padding of the input and then base64url decode and return the results.
Parameters
modulusstring containing base64url encoded modulus
exponentstring containing base64url encoded exponent
decodeThe function to decode the RSA parameters
ecerror_code for error_detection (gets cleared if no error occur
Returns
public key in PEM format

Definition at line 927 of file jwt.h.

◆ create_public_key_from_rsa_components() [4/4]

std::string jwt::helper::create_public_key_from_rsa_components ( const std::string &  modulus,
const std::string &  exponent,
std::error_code &  ec 
)
inline

Create public key from modulus and exponent. This is defined in RFC 7518 Section 6.3 Using the required "n" (Modulus) Parameter and "e" (Exponent) Parameter.

Parameters
modulusstring containing base64 encoded modulus
exponentstring containing base64 encoded exponent
ecerror_code for error_detection (gets cleared if no error occur
Returns
public key in PEM format

Definition at line 1062 of file jwt.h.

◆ curve2nid()

int jwt::helper::curve2nid ( const std::string  curve,
std::error_code &  ec 
)
inline

Convert a curve name to an ID.

Parameters
curvestring containing curve name
ecerror_code for error_detection
Returns
ID

Definition at line 1134 of file jwt.h.

◆ extract_pubkey_from_cert() [1/2]

template<typename error_category = error::rsa_error>
std::string jwt::helper::extract_pubkey_from_cert ( const std::string &  certstr,
const std::string &  pw,
std::error_code &  ec 
)

Extract the public key of a pem certificate.

Template Parameters
error_categoryjwt::error enum category to match with the keys being used
Parameters
certstrString containing the certificate encoded as pem
pwPassword used to decrypt certificate (leave empty if not encrypted)
ecerror_code for error_detection (gets cleared if no error occurred)

Definition at line 542 of file jwt.h.

◆ extract_pubkey_from_cert() [2/2]

template<typename error_category = error::rsa_error>
std::string jwt::helper::extract_pubkey_from_cert ( const std::string &  certstr,
const std::string &  pw = "" 
)

Extract the public key of a pem certificate.

Template Parameters
error_categoryjwt::error enum category to match with the keys being used
Parameters
certstrString containing the certificate encoded as pem
pwPassword used to decrypt certificate (leave empty if not encrypted)
Exceptions
templatederror_category's type exception if an error occurred

Definition at line 579 of file jwt.h.

◆ load_private_ec_key_from_string() [1/2]

evp_pkey_handle jwt::helper::load_private_ec_key_from_string ( const std::string &  key,
const std::string &  password,
std::error_code &  ec 
)
inline

Load a private key from a string.

Deprecated:
Use the templated version helper::load_private_key_from_string with error::ecdsa_error
Parameters
keyString containing a private key as pem
passwordPassword used to decrypt key (leave empty if not encrypted)
ecerror_code for error_detection (gets cleared if no error occurs)

Definition at line 907 of file jwt.h.

◆ load_private_ec_key_from_string() [2/2]

evp_pkey_handle jwt::helper::load_private_ec_key_from_string ( const std::string &  key,
const std::string &  password = "" 
)
inline

Load a private key from a string.

Deprecated:
Use the templated version helper::load_private_key_from_string with error::ecdsa_error
Parameters
keyString containing a private key as pem
passwordPassword used to decrypt key (leave empty if not encrypted)
Exceptions
ecdsa_exceptionif an error occurred

Definition at line 1095 of file jwt.h.

◆ load_private_key_from_string() [1/2]

template<typename error_category = error::rsa_error>
evp_pkey_handle jwt::helper::load_private_key_from_string ( const std::string &  key,
const std::string &  password,
std::error_code &  ec 
)
inline

Load a private key from a string.

Template Parameters
error_categoryjwt::error enum category to match with the keys being used
Parameters
keyString containing a private key as pem
passwordPassword used to decrypt key (leave empty if not encrypted)
ecerror_code for error_detection (gets cleared if no error occurs)

Definition at line 782 of file jwt.h.

◆ load_private_key_from_string() [2/2]

template<typename error_category = error::rsa_error>
evp_pkey_handle jwt::helper::load_private_key_from_string ( const std::string &  key,
const std::string &  password = "" 
)
inline

Load a private key from a string.

Template Parameters
error_categoryjwt::error enum category to match with the keys being used
Parameters
keyString containing a private key as pem
passwordPassword used to decrypt key (leave empty if not encrypted)
Exceptions
Templatederror_category's type exception if an error occurred

Definition at line 810 of file jwt.h.

◆ load_public_ec_key_from_string() [1/2]

evp_pkey_handle jwt::helper::load_public_ec_key_from_string ( const std::string &  key,
const std::string &  password,
std::error_code &  ec 
)
inline

Load a public key from a string.

The string should contain a pem encoded certificate or public key

Deprecated:
Use the templated version helper::load_private_key_from_string with error::ecdsa_error
Parameters
keyString containing the certificate encoded as pem
passwordPassword used to decrypt certificate (leave empty if not encrypted)
ecerror_code for error_detection (gets cleared if no error occurs)

Definition at line 828 of file jwt.h.

◆ load_public_ec_key_from_string() [2/2]

evp_pkey_handle jwt::helper::load_public_ec_key_from_string ( const std::string &  key,
const std::string &  password = "" 
)
inline

Load a public key from a string.

The string should contain a pem encoded certificate or public key

Deprecated:
Use the templated version helper::load_private_key_from_string with error::ecdsa_error
Parameters
keyString containing the certificate or key encoded as pem
passwordPassword used to decrypt certificate or key (leave empty if not encrypted)
Exceptions
ecdsa_exceptionif an error occurred

Definition at line 890 of file jwt.h.

◆ load_public_key_from_string() [1/2]

template<typename error_category = error::rsa_error>
evp_pkey_handle jwt::helper::load_public_key_from_string ( const std::string &  key,
const std::string &  password,
std::error_code &  ec 
)

Load a public key from a string.

The string should contain a pem encoded certificate or public key

Template Parameters
error_categoryjwt::error enum category to match with the keys being used
Parameters
keyString containing the certificate encoded as pem
passwordPassword used to decrypt certificate (leave empty if not encrypted)
ecerror_code for error_detection (gets cleared if no error occurs)

Definition at line 714 of file jwt.h.

◆ load_public_key_from_string() [2/2]

template<typename error_category = error::rsa_error>
evp_pkey_handle jwt::helper::load_public_key_from_string ( const std::string &  key,
const std::string &  password = "" 
)
inline

Load a public key from a string.

The string should contain a pem encoded certificate or public key

Template Parameters
error_categoryjwt::error enum category to match with the keys being used
Parameters
keyString containing the certificate encoded as pem
passwordPassword used to decrypt certificate (leave empty if not encrypted)
Exceptions
Templatederror_category's type exception if an error occurred

Definition at line 766 of file jwt.h.

◆ make_evp_md_ctx()

std::unique_ptr< EVP_MD_CTX, void(*)(EVP_MD_CTX *)> jwt::helper::make_evp_md_ctx ( )
inline

Definition at line 524 of file jwt.h.

◆ make_mem_buf_bio() [1/2]

std::unique_ptr< BIO, decltype(&BIO_free_all)> jwt::helper::make_mem_buf_bio ( )
inline

Definition at line 499 of file jwt.h.

◆ make_mem_buf_bio() [2/2]

std::unique_ptr< BIO, decltype(&BIO_free_all)> jwt::helper::make_mem_buf_bio ( const std::string &  data)
inline

Definition at line 503 of file jwt.h.

◆ raw2bn() [1/2]

std::unique_ptr< BIGNUM, decltype(&BN_free)> jwt::helper::raw2bn ( const std::string &  raw)
inline

Convert an std::string to a OpenSSL BIGNUM

Parameters
rawString to convert
Returns
BIGNUM representation

Definition at line 872 of file jwt.h.

◆ raw2bn() [2/2]

std::unique_ptr< BIGNUM, decltype(&BN_free)> jwt::helper::raw2bn ( const std::string &  raw,
std::error_code &  ec 
)
inline

Convert an std::string to a OpenSSL BIGNUM

Parameters
rawString to convert
ecerror_code for error_detection (gets cleared if no error occurs)
Returns
BIGNUM representation

Definition at line 857 of file jwt.h.

◆ write_bio_to_string()

template<typename error_category = error::rsa_error>
std::string jwt::helper::write_bio_to_string ( std::unique_ptr< BIO, decltype(&BIO_free_all)> &  bio_out,
std::error_code &  ec 
)

Definition at line 514 of file jwt.h.