Safe Haskell	None
Language	Haskell98

Crypto.JOSE.JWK

Contents

Type classes
"kty" (Key Type) Parameter Values
Parameters for Elliptic Curve Keys
Parameters for RSA Keys
Parameters for Symmetric Keys
Key generation
Signing and verification

Description

A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data structure that represents a cryptographic key. This module also defines a JSON Web Key Set (JWK Set) JSON data structure for representing a set of JWKs.

Synopsis

Documentation

data JWK Source #

JWK §3. JSON Web Key (JWK) Format

Constructors

JWK KeyMaterial (Maybe KeyUse) (Maybe [KeyOp]) (Maybe JWKAlg) (Maybe String) (Maybe URI) (Maybe (NonEmpty Base64X509)) (Maybe Base64SHA1) (Maybe Base64SHA256)

Instances

Eq JWK Source #
Methods (==) :: JWK -> JWK -> Bool # (/=) :: JWK -> JWK -> Bool #
Show JWK Source #
Methods showsPrec :: Int -> JWK -> ShowS # show :: JWK -> String # showList :: [JWK] -> ShowS #
Arbitrary JWK Source #
Methods arbitrary :: Gen JWK # shrink :: JWK -> [JWK] #
ToJSON JWK Source #
Methods toJSON :: JWK -> Value # toEncoding :: JWK -> Encoding # toJSONList :: [JWK] -> Value # toEncodingList :: [JWK] -> Encoding #
FromJSON JWK Source #
Methods parseJSON :: Value -> Parser JWK # parseJSONList :: Value -> Parser [JWK] #
AsPublicKey JWK Source #
Methods asPublicKey :: Prism' JWK JWK Source #

jwkMaterial :: Lens' JWK KeyMaterial Source #

jwkUse :: Lens' JWK (Maybe KeyUse) Source #

data KeyUse Source #

JWK §3.2. "use" (Public Key Use) Parameter

Constructors

Sig
Enc

Instances

Eq KeyUse Source #
Methods (==) :: KeyUse -> KeyUse -> Bool # (/=) :: KeyUse -> KeyUse -> Bool #
Ord KeyUse Source #
Methods compare :: KeyUse -> KeyUse -> Ordering # (<) :: KeyUse -> KeyUse -> Bool # (<=) :: KeyUse -> KeyUse -> Bool # (>) :: KeyUse -> KeyUse -> Bool # (>=) :: KeyUse -> KeyUse -> Bool # max :: KeyUse -> KeyUse -> KeyUse # min :: KeyUse -> KeyUse -> KeyUse #
Show KeyUse Source #
Methods showsPrec :: Int -> KeyUse -> ShowS # show :: KeyUse -> String # showList :: [KeyUse] -> ShowS #
ToJSON KeyUse Source #
Methods toJSON :: KeyUse -> Value # toEncoding :: KeyUse -> Encoding # toJSONList :: [KeyUse] -> Value # toEncodingList :: [KeyUse] -> Encoding #
FromJSON KeyUse Source #
Methods parseJSON :: Value -> Parser KeyUse # parseJSONList :: Value -> Parser [KeyUse] #

jwkKeyOps :: Lens' JWK (Maybe [KeyOp]) Source #

jwkAlg :: Lens' JWK (Maybe JWKAlg) Source #

jwkKid :: Lens' JWK (Maybe String) Source #

jwkX5u :: Lens' JWK (Maybe URI) Source #

jwkX5c :: Lens' JWK (Maybe (NonEmpty Base64X509)) Source #

jwkX5t :: Lens' JWK (Maybe Base64SHA1) Source #

jwkX5tS256 :: Lens' JWK (Maybe Base64SHA256) Source #

fromKeyMaterial :: KeyMaterial -> JWK Source #

genJWK :: MonadRandom m => KeyMaterialGenParam -> m JWK Source #

fromRSA :: PrivateKey -> JWK Source #

Convert RSA private key into a JWK

data JWKAlg Source #

RFC 7517 §4.4. "alg" (Algorithm) Parameter

See also RFC 7518 §6.4. which states that for "oct" keys, an "alg" member SHOULD be present to identify the algorithm intended to be used with the key, unless the application uses another means or convention to determine the algorithm used.

Constructors

JWSAlg Alg
JWEAlg Alg

Instances

Eq JWKAlg Source #
Methods (==) :: JWKAlg -> JWKAlg -> Bool # (/=) :: JWKAlg -> JWKAlg -> Bool #
Show JWKAlg Source #
Methods showsPrec :: Int -> JWKAlg -> ShowS # show :: JWKAlg -> String # showList :: [JWKAlg] -> ShowS #
ToJSON JWKAlg Source #
Methods toJSON :: JWKAlg -> Value # toEncoding :: JWKAlg -> Encoding # toJSONList :: [JWKAlg] -> Value # toEncodingList :: [JWKAlg] -> Encoding #
FromJSON JWKAlg Source #
Methods parseJSON :: Value -> Parser JWKAlg # parseJSONList :: Value -> Parser [JWKAlg] #

newtype JWKSet Source #

JWK §4. JSON Web Key Set (JWK Set) Format

Constructors

JWKSet [JWK]

Instances

Eq JWKSet Source #
Methods (==) :: JWKSet -> JWKSet -> Bool # (/=) :: JWKSet -> JWKSet -> Bool #
Show JWKSet Source #
Methods showsPrec :: Int -> JWKSet -> ShowS # show :: JWKSet -> String # showList :: [JWKSet] -> ShowS #
FromJSON JWKSet Source #
Methods parseJSON :: Value -> Parser JWKSet # parseJSONList :: Value -> Parser [JWKSet] #

bestJWSAlg :: (MonadError e m, AsError e) => JWK -> m Alg Source #

Choose the cryptographically strongest JWS algorithm for a given key. The JWK "alg" algorithm parameter is ignored.

Type classes

class AsPublicKey k where Source #

Minimal complete definition

asPublicKey

Methods

asPublicKey :: Prism' k k Source #

Instances

AsPublicKey RSAKeyParameters Source #
Methods asPublicKey :: Prism' RSAKeyParameters RSAKeyParameters Source #
AsPublicKey ECKeyParameters Source #
Methods asPublicKey :: Prism' ECKeyParameters ECKeyParameters Source #
AsPublicKey KeyMaterial Source #
Methods asPublicKey :: Prism' KeyMaterial KeyMaterial Source #
AsPublicKey OctKeyParameters Source #
Methods asPublicKey :: Prism' OctKeyParameters OctKeyParameters Source #
AsPublicKey JWK Source #
Methods asPublicKey :: Prism' JWK JWK Source #
AsPublicKey JWK' Source #
Methods asPublicKey :: Prism' JWK' JWK' Source #

"kty" (Key Type) Parameter Values

data EC Source #

Elliptic Curve key type (Recommeded+)

Constructors

EC

Instances

Eq EC Source #
Methods (==) :: EC -> EC -> Bool # (/=) :: EC -> EC -> Bool #
Ord EC Source #
Methods compare :: EC -> EC -> Ordering # (<) :: EC -> EC -> Bool # (<=) :: EC -> EC -> Bool # (>) :: EC -> EC -> Bool # (>=) :: EC -> EC -> Bool # max :: EC -> EC -> EC # min :: EC -> EC -> EC #
Show EC Source #
Methods showsPrec :: Int -> EC -> ShowS # show :: EC -> String # showList :: [EC] -> ShowS #
ToJSON EC Source #
Methods toJSON :: EC -> Value # toEncoding :: EC -> Encoding # toJSONList :: [EC] -> Value # toEncodingList :: [EC] -> Encoding #
FromJSON EC Source #
Methods parseJSON :: Value -> Parser EC # parseJSONList :: Value -> Parser [EC] #

data RSA Source #

RSA key type (Required)

Constructors

RSA

Instances

Eq RSA Source #
Methods (==) :: RSA -> RSA -> Bool # (/=) :: RSA -> RSA -> Bool #
Ord RSA Source #
Methods compare :: RSA -> RSA -> Ordering # (<) :: RSA -> RSA -> Bool # (<=) :: RSA -> RSA -> Bool # (>) :: RSA -> RSA -> Bool # (>=) :: RSA -> RSA -> Bool # max :: RSA -> RSA -> RSA # min :: RSA -> RSA -> RSA #
Show RSA Source #
Methods showsPrec :: Int -> RSA -> ShowS # show :: RSA -> String # showList :: [RSA] -> ShowS #
ToJSON RSA Source #
Methods toJSON :: RSA -> Value # toEncoding :: RSA -> Encoding # toJSONList :: [RSA] -> Value # toEncodingList :: [RSA] -> Encoding #
FromJSON RSA Source #
Methods parseJSON :: Value -> Parser RSA # parseJSONList :: Value -> Parser [RSA] #

data Oct Source #

Octet sequence (symmetric key) key type (Required)

Constructors

Oct

Instances

Eq Oct Source #
Methods (==) :: Oct -> Oct -> Bool # (/=) :: Oct -> Oct -> Bool #
Ord Oct Source #
Methods compare :: Oct -> Oct -> Ordering # (<) :: Oct -> Oct -> Bool # (<=) :: Oct -> Oct -> Bool # (>) :: Oct -> Oct -> Bool # (>=) :: Oct -> Oct -> Bool # max :: Oct -> Oct -> Oct # min :: Oct -> Oct -> Oct #
Show Oct Source #
Methods showsPrec :: Int -> Oct -> ShowS # show :: Oct -> String # showList :: [Oct] -> ShowS #
ToJSON Oct Source #
Methods toJSON :: Oct -> Value # toEncoding :: Oct -> Encoding # toJSONList :: [Oct] -> Value # toEncodingList :: [Oct] -> Encoding #
FromJSON Oct Source #
Methods parseJSON :: Value -> Parser Oct # parseJSONList :: Value -> Parser [Oct] #

Parameters for Elliptic Curve Keys

data Crv Source #

"crv" (Curve) Parameter

Constructors

P_256
P_384
P_521

Instances

Eq Crv Source #
Methods (==) :: Crv -> Crv -> Bool # (/=) :: Crv -> Crv -> Bool #
Ord Crv Source #
Methods compare :: Crv -> Crv -> Ordering # (<) :: Crv -> Crv -> Bool # (<=) :: Crv -> Crv -> Bool # (>) :: Crv -> Crv -> Bool # (>=) :: Crv -> Crv -> Bool # max :: Crv -> Crv -> Crv # min :: Crv -> Crv -> Crv #
Show Crv Source #
Methods showsPrec :: Int -> Crv -> ShowS # show :: Crv -> String # showList :: [Crv] -> ShowS #
Arbitrary Crv Source #
Methods arbitrary :: Gen Crv # shrink :: Crv -> [Crv] #
ToJSON Crv Source #
Methods toJSON :: Crv -> Value # toEncoding :: Crv -> Encoding # toJSONList :: [Crv] -> Value # toEncodingList :: [Crv] -> Encoding #
FromJSON Crv Source #
Methods parseJSON :: Value -> Parser Crv # parseJSONList :: Value -> Parser [Crv] #

data ECKeyParameters Source #

Parameters for Elliptic Curve Keys

Constructors

ECKeyParameters
Fields ecKty :: EC ecCrv :: Crv ecX :: SizedBase64Integer ecY :: SizedBase64Integer ecD :: Maybe SizedBase64Integer

Instances

Eq ECKeyParameters Source #
Methods (==) :: ECKeyParameters -> ECKeyParameters -> Bool # (/=) :: ECKeyParameters -> ECKeyParameters -> Bool #
Show ECKeyParameters Source #
Methods showsPrec :: Int -> ECKeyParameters -> ShowS # show :: ECKeyParameters -> String # showList :: [ECKeyParameters] -> ShowS #
Arbitrary ECKeyParameters Source #
Methods arbitrary :: Gen ECKeyParameters # shrink :: ECKeyParameters -> [ECKeyParameters] #
ToJSON ECKeyParameters Source #
Methods toJSON :: ECKeyParameters -> Value # toEncoding :: ECKeyParameters -> Encoding # toJSONList :: [ECKeyParameters] -> Value # toEncodingList :: [ECKeyParameters] -> Encoding #
FromJSON ECKeyParameters Source #
Methods parseJSON :: Value -> Parser ECKeyParameters # parseJSONList :: Value -> Parser [ECKeyParameters] #
AsPublicKey ECKeyParameters Source #
Methods asPublicKey :: Prism' ECKeyParameters ECKeyParameters Source #

Parameters for RSA Keys

data RSAPrivateKeyOthElem Source #

"oth" (Other Primes Info) Parameter

Constructors

RSAPrivateKeyOthElem
Fields rOth :: Base64Integer dOth :: Base64Integer tOth :: Base64Integer

Instances

Eq RSAPrivateKeyOthElem Source #
Methods (==) :: RSAPrivateKeyOthElem -> RSAPrivateKeyOthElem -> Bool # (/=) :: RSAPrivateKeyOthElem -> RSAPrivateKeyOthElem -> Bool #
Show RSAPrivateKeyOthElem Source #
Methods showsPrec :: Int -> RSAPrivateKeyOthElem -> ShowS # show :: RSAPrivateKeyOthElem -> String # showList :: [RSAPrivateKeyOthElem] -> ShowS #
Arbitrary RSAPrivateKeyOthElem Source #
Methods arbitrary :: Gen RSAPrivateKeyOthElem # shrink :: RSAPrivateKeyOthElem -> [RSAPrivateKeyOthElem] #
ToJSON RSAPrivateKeyOthElem Source #
Methods toJSON :: RSAPrivateKeyOthElem -> Value # toEncoding :: RSAPrivateKeyOthElem -> Encoding # toJSONList :: [RSAPrivateKeyOthElem] -> Value # toEncodingList :: [RSAPrivateKeyOthElem] -> Encoding #
FromJSON RSAPrivateKeyOthElem Source #
Methods parseJSON :: Value -> Parser RSAPrivateKeyOthElem # parseJSONList :: Value -> Parser [RSAPrivateKeyOthElem] #

data RSAPrivateKeyOptionalParameters Source #

Optional parameters for RSA private keys

Constructors

RSAPrivateKeyOptionalParameters
Fields rsaP :: Base64Integer rsaQ :: Base64Integer rsaDp :: Base64Integer rsaDq :: Base64Integer rsaQi :: Base64Integer rsaOth :: Maybe (NonEmpty RSAPrivateKeyOthElem)

Instances

Eq RSAPrivateKeyOptionalParameters Source #
Methods (==) :: RSAPrivateKeyOptionalParameters -> RSAPrivateKeyOptionalParameters -> Bool # (/=) :: RSAPrivateKeyOptionalParameters -> RSAPrivateKeyOptionalParameters -> Bool #
Show RSAPrivateKeyOptionalParameters Source #
Methods showsPrec :: Int -> RSAPrivateKeyOptionalParameters -> ShowS # show :: RSAPrivateKeyOptionalParameters -> String # showList :: [RSAPrivateKeyOptionalParameters] -> ShowS #
Arbitrary RSAPrivateKeyOptionalParameters Source #
Methods arbitrary :: Gen RSAPrivateKeyOptionalParameters # shrink :: RSAPrivateKeyOptionalParameters -> [RSAPrivateKeyOptionalParameters] #
ToJSON RSAPrivateKeyOptionalParameters Source #
Methods toJSON :: RSAPrivateKeyOptionalParameters -> Value # toEncoding :: RSAPrivateKeyOptionalParameters -> Encoding # toJSONList :: [RSAPrivateKeyOptionalParameters] -> Value # toEncodingList :: [RSAPrivateKeyOptionalParameters] -> Encoding #
FromJSON RSAPrivateKeyOptionalParameters Source #
Methods parseJSON :: Value -> Parser RSAPrivateKeyOptionalParameters # parseJSONList :: Value -> Parser [RSAPrivateKeyOptionalParameters] #

data RSAPrivateKeyParameters Source #

RSA private key parameters

Constructors

RSAPrivateKeyParameters
Fields rsaD :: Base64Integer rsaOptionalParameters :: Maybe RSAPrivateKeyOptionalParameters

Instances

Eq RSAPrivateKeyParameters Source #
Methods (==) :: RSAPrivateKeyParameters -> RSAPrivateKeyParameters -> Bool # (/=) :: RSAPrivateKeyParameters -> RSAPrivateKeyParameters -> Bool #
Show RSAPrivateKeyParameters Source #
Methods showsPrec :: Int -> RSAPrivateKeyParameters -> ShowS # show :: RSAPrivateKeyParameters -> String # showList :: [RSAPrivateKeyParameters] -> ShowS #
Arbitrary RSAPrivateKeyParameters Source #
Methods arbitrary :: Gen RSAPrivateKeyParameters # shrink :: RSAPrivateKeyParameters -> [RSAPrivateKeyParameters] #
ToJSON RSAPrivateKeyParameters Source #
Methods toJSON :: RSAPrivateKeyParameters -> Value # toEncoding :: RSAPrivateKeyParameters -> Encoding # toJSONList :: [RSAPrivateKeyParameters] -> Value # toEncodingList :: [RSAPrivateKeyParameters] -> Encoding #
FromJSON RSAPrivateKeyParameters Source #
Methods parseJSON :: Value -> Parser RSAPrivateKeyParameters # parseJSONList :: Value -> Parser [RSAPrivateKeyParameters] #

data RSAKeyParameters Source #

Parameters for RSA Keys

Constructors

RSAKeyParameters RSA SizedBase64Integer Base64Integer (Maybe RSAPrivateKeyParameters)

Instances

Eq RSAKeyParameters Source #
Methods (==) :: RSAKeyParameters -> RSAKeyParameters -> Bool # (/=) :: RSAKeyParameters -> RSAKeyParameters -> Bool #
Show RSAKeyParameters Source #
Methods showsPrec :: Int -> RSAKeyParameters -> ShowS # show :: RSAKeyParameters -> String # showList :: [RSAKeyParameters] -> ShowS #
Arbitrary RSAKeyParameters Source #
Methods arbitrary :: Gen RSAKeyParameters # shrink :: RSAKeyParameters -> [RSAKeyParameters] #
ToJSON RSAKeyParameters Source #
Methods toJSON :: RSAKeyParameters -> Value # toEncoding :: RSAKeyParameters -> Encoding # toJSONList :: [RSAKeyParameters] -> Value # toEncodingList :: [RSAKeyParameters] -> Encoding #
FromJSON RSAKeyParameters Source #
Methods parseJSON :: Value -> Parser RSAKeyParameters # parseJSONList :: Value -> Parser [RSAKeyParameters] #
AsPublicKey RSAKeyParameters Source #
Methods asPublicKey :: Prism' RSAKeyParameters RSAKeyParameters Source #

toRSAKeyParameters :: PrivateKey -> RSAKeyParameters Source #

rsaE :: Lens' RSAKeyParameters Base64Integer Source #

rsaKty :: Lens' RSAKeyParameters RSA Source #

rsaN :: Lens' RSAKeyParameters SizedBase64Integer Source #

rsaPrivateKeyParameters :: Lens' RSAKeyParameters (Maybe RSAPrivateKeyParameters) Source #

rsaPublicKey :: RSAKeyParameters -> PublicKey Source #

genRSA :: MonadRandom m => Int -> m RSAKeyParameters Source #

Parameters for Symmetric Keys

data OctKeyParameters Source #

Symmetric key parameters data.

Constructors

OctKeyParameters
Fields octKty :: Oct octK :: Base64Octets

Instances

Eq OctKeyParameters Source #
Methods (==) :: OctKeyParameters -> OctKeyParameters -> Bool # (/=) :: OctKeyParameters -> OctKeyParameters -> Bool #
Show OctKeyParameters Source #
Methods showsPrec :: Int -> OctKeyParameters -> ShowS # show :: OctKeyParameters -> String # showList :: [OctKeyParameters] -> ShowS #
Arbitrary OctKeyParameters Source #
Methods arbitrary :: Gen OctKeyParameters # shrink :: OctKeyParameters -> [OctKeyParameters] #
ToJSON OctKeyParameters Source #
Methods toJSON :: OctKeyParameters -> Value # toEncoding :: OctKeyParameters -> Encoding # toJSONList :: [OctKeyParameters] -> Value # toEncodingList :: [OctKeyParameters] -> Encoding #
FromJSON OctKeyParameters Source #
Methods parseJSON :: Value -> Parser OctKeyParameters # parseJSONList :: Value -> Parser [OctKeyParameters] #
AsPublicKey OctKeyParameters Source #
Methods asPublicKey :: Prism' OctKeyParameters OctKeyParameters Source #

Key generation

data KeyMaterialGenParam Source #

Keygen parameters.

Constructors

ECGenParam Crv	Generate an EC key with specified curve.
RSAGenParam Int	Generate an RSA key with specified size in bytes.
OctGenParam Int	Generate a symmetric key with specified size in bytes.

Instances

Eq KeyMaterialGenParam Source #
Methods (==) :: KeyMaterialGenParam -> KeyMaterialGenParam -> Bool # (/=) :: KeyMaterialGenParam -> KeyMaterialGenParam -> Bool #
Show KeyMaterialGenParam Source #
Methods showsPrec :: Int -> KeyMaterialGenParam -> ShowS # show :: KeyMaterialGenParam -> String # showList :: [KeyMaterialGenParam] -> ShowS #
Arbitrary KeyMaterialGenParam Source #
Methods arbitrary :: Gen KeyMaterialGenParam # shrink :: KeyMaterialGenParam -> [KeyMaterialGenParam] #

data KeyMaterial Source #

Key material sum type.

Constructors

ECKeyMaterial ECKeyParameters
RSAKeyMaterial RSAKeyParameters
OctKeyMaterial OctKeyParameters

Instances

Eq KeyMaterial Source #
Methods (==) :: KeyMaterial -> KeyMaterial -> Bool # (/=) :: KeyMaterial -> KeyMaterial -> Bool #
Show KeyMaterial Source #
Methods showsPrec :: Int -> KeyMaterial -> ShowS # show :: KeyMaterial -> String # showList :: [KeyMaterial] -> ShowS #
Arbitrary KeyMaterial Source #
Methods arbitrary :: Gen KeyMaterial # shrink :: KeyMaterial -> [KeyMaterial] #
ToJSON KeyMaterial Source #
Methods toJSON :: KeyMaterial -> Value # toEncoding :: KeyMaterial -> Encoding # toJSONList :: [KeyMaterial] -> Value # toEncodingList :: [KeyMaterial] -> Encoding #
FromJSON KeyMaterial Source #
Methods parseJSON :: Value -> Parser KeyMaterial # parseJSONList :: Value -> Parser [KeyMaterial] #
AsPublicKey KeyMaterial Source #
Methods asPublicKey :: Prism' KeyMaterial KeyMaterial Source #

genKeyMaterial :: MonadRandom m => KeyMaterialGenParam -> m KeyMaterial Source #

Signing and verification

sign :: (MonadRandom m, MonadError e m, AsError e) => Alg -> KeyMaterial -> ByteString -> m ByteString Source #

verify :: Alg -> KeyMaterial -> ByteString -> ByteString -> Either Error Bool Source #

module Crypto.Random