Safe Haskell	None
Language	Haskell98

Crypto.JOSE.JWS

Description

JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JavaScript Object Notation (JSON) based data structures.

Synopsis

Documentation

data Alg Source #

JWA §3.1. "alg" (Algorithm) Header Parameters for JWS

Constructors

HS256
HS384
HS512
RS256
RS384
RS512
ES256
ES384
ES512
PS256
PS384
PS512
None

Instances

Eq Alg Source #
Methods (==) :: Alg -> Alg -> Bool # (/=) :: Alg -> Alg -> Bool #
Ord Alg Source #
Methods compare :: Alg -> Alg -> Ordering # (<) :: Alg -> Alg -> Bool # (<=) :: Alg -> Alg -> Bool # (>) :: Alg -> Alg -> Bool # (>=) :: Alg -> Alg -> Bool # max :: Alg -> Alg -> Alg # min :: Alg -> Alg -> Alg #
Show Alg Source #
Methods showsPrec :: Int -> Alg -> ShowS # show :: Alg -> String # showList :: [Alg] -> ShowS #
ToJSON Alg Source #
Methods toJSON :: Alg -> Value # toEncoding :: Alg -> Encoding # toJSONList :: [Alg] -> Value # toEncodingList :: [Alg] -> Encoding #
FromJSON Alg Source #
Methods parseJSON :: Value -> Parser Alg # parseJSONList :: Value -> Parser [Alg] #

class HasJWSHeader c where Source #

Minimal complete definition

jWSHeader

Methods

jWSHeader :: Lens' c JWSHeader Source #

jwsHeaderAlg :: Lens' c (HeaderParam Alg) Source #

jwsHeaderCrit :: Lens' c (Maybe (NonEmpty Text)) Source #

jwsHeaderCty :: Lens' c (Maybe (HeaderParam String)) Source #

jwsHeaderJku :: Lens' c (Maybe (HeaderParam URI)) Source #

jwsHeaderJwk :: Lens' c (Maybe (HeaderParam JWK)) Source #

jwsHeaderKid :: Lens' c (Maybe (HeaderParam String)) Source #

jwsHeaderTyp :: Lens' c (Maybe (HeaderParam String)) Source #

jwsHeaderX5c :: Lens' c (Maybe (HeaderParam (NonEmpty Base64X509))) Source #

jwsHeaderX5t :: Lens' c (Maybe (HeaderParam Base64SHA1)) Source #

jwsHeaderX5tS256 :: Lens' c (Maybe (HeaderParam Base64SHA256)) Source #

jwsHeaderX5u :: Lens' c (Maybe (HeaderParam URI)) Source #

Instances

HasJWSHeader JWSHeader Source #

data JWSHeader Source #

JWS Header data type.

Constructors

JWSHeader

Fields

_jwsHeaderAlg :: HeaderParam Alg
_jwsHeaderJku :: Maybe (HeaderParam URI)
JWK Set URL
_jwsHeaderJwk :: Maybe (HeaderParam JWK)
_jwsHeaderKid :: Maybe (HeaderParam String)
interpretation unspecified
_jwsHeaderX5u :: Maybe (HeaderParam URI)
_jwsHeaderX5c :: Maybe (HeaderParam (NonEmpty Base64X509))
_jwsHeaderX5t :: Maybe (HeaderParam Base64SHA1)
_jwsHeaderX5tS256 :: Maybe (HeaderParam Base64SHA256)
_jwsHeaderTyp :: Maybe (HeaderParam String)
Content Type (of object)
_jwsHeaderCty :: Maybe (HeaderParam String)
Content Type (of payload)
_jwsHeaderCrit :: Maybe (NonEmpty Text)

Instances

Eq JWSHeader Source #
Methods (==) :: JWSHeader -> JWSHeader -> Bool # (/=) :: JWSHeader -> JWSHeader -> Bool #
Show JWSHeader Source #
Methods showsPrec :: Int -> JWSHeader -> ShowS # show :: JWSHeader -> String # showList :: [JWSHeader] -> ShowS #
HasParams JWSHeader Source #
Methods params :: JWSHeader -> [(Protection, Pair)] Source # extensions :: Proxy * JWSHeader -> [Text] Source # parseParamsFor :: HasParams b => Proxy * b -> Maybe Object -> Maybe Object -> Parser JWSHeader Source #
HasJWSHeader JWSHeader Source #
Methods jWSHeader :: Lens' JWSHeader JWSHeader Source # jwsHeaderAlg :: Lens' JWSHeader (HeaderParam Alg) Source # jwsHeaderCrit :: Lens' JWSHeader (Maybe (NonEmpty Text)) Source # jwsHeaderCty :: Lens' JWSHeader (Maybe (HeaderParam String)) Source # jwsHeaderJku :: Lens' JWSHeader (Maybe (HeaderParam URI)) Source # jwsHeaderJwk :: Lens' JWSHeader (Maybe (HeaderParam JWK)) Source # jwsHeaderKid :: Lens' JWSHeader (Maybe (HeaderParam String)) Source # jwsHeaderTyp :: Lens' JWSHeader (Maybe (HeaderParam String)) Source # jwsHeaderX5c :: Lens' JWSHeader (Maybe (HeaderParam (NonEmpty Base64X509))) Source # jwsHeaderX5t :: Lens' JWSHeader (Maybe (HeaderParam Base64SHA1)) Source # jwsHeaderX5tS256 :: Lens' JWSHeader (Maybe (HeaderParam Base64SHA256)) Source # jwsHeaderX5u :: Lens' JWSHeader (Maybe (HeaderParam URI)) Source #

newJWSHeader :: (Protection, Alg) -> JWSHeader Source #

Construct a minimal header with the given algorithm

data Signature a Source #

Instances

(Eq a, HasParams a) => Eq (Signature a) Source #
Methods (==) :: Signature a -> Signature a -> Bool # (/=) :: Signature a -> Signature a -> Bool #
Show a => Show (Signature a) Source #
Methods showsPrec :: Int -> Signature a -> ShowS # show :: Signature a -> String # showList :: [Signature a] -> ShowS #
HasParams a => ToJSON (Signature a) Source #
Methods toJSON :: Signature a -> Value # toEncoding :: Signature a -> Encoding # toJSONList :: [Signature a] -> Value # toEncodingList :: [Signature a] -> Encoding #
HasParams a => FromJSON (Signature a) Source #
Methods parseJSON :: Value -> Parser (Signature a) # parseJSONList :: Value -> Parser [Signature a] #

header :: forall a a. Lens (Signature a) (Signature a) a a Source #

data JWS a Source #

JSON Web Signature data type. Consists of a payload and a (possibly empty) list of signatures.

Parameterised by the header type.

Constructors

JWS Base64Octets [Signature a]

Instances

(HasParams a, Eq a) => Eq (JWS a) Source #
Methods (==) :: JWS a -> JWS a -> Bool # (/=) :: JWS a -> JWS a -> Bool #
Show a => Show (JWS a) Source #
Methods showsPrec :: Int -> JWS a -> ShowS # show :: JWS a -> String # showList :: [JWS a] -> ShowS #
HasParams a => ToJSON (JWS a) Source #
Methods toJSON :: JWS a -> Value # toEncoding :: JWS a -> Encoding # toJSONList :: [JWS a] -> Value # toEncodingList :: [JWS a] -> Encoding #
HasParams a => FromJSON (JWS a) Source #
Methods parseJSON :: Value -> Parser (JWS a) # parseJSONList :: Value -> Parser [JWS a] #
HasParams a => ToCompact (JWS a) Source #
Methods toCompact :: (AsError e, MonadError e m) => JWS a -> m [ByteString] Source #
HasParams a => FromCompact (JWS a) Source #
Methods fromCompact :: (AsError e, MonadError e m) => [ByteString] -> m (JWS a) Source #

newJWS :: ByteString -> JWS a Source #

Construct a new (unsigned) JWS

jwsPayload :: JWS a -> ByteString Source #

Payload of a JWS, as a lazy bytestring.

signJWS Source #

Arguments

:: (HasJWSHeader a, HasParams a, MonadRandom m, AsError e, MonadError e m)
=> JWS a	JWS to sign
-> a	Header for signature
-> JWK	Key with which to sign
-> m (JWS a)	JWS with new signature appended

Create a new signature on a JWS.

class HasValidationSettings c where Source #

Minimal complete definition

validationSettings

Methods

validationSettings :: Lens' c ValidationSettings Source #

validationSettingsAlgorithms :: Lens' c (Set Alg) Source #

validationSettingsValidationPolicy :: Lens' c ValidationPolicy Source #

class HasAlgorithms s where Source #

Minimal complete definition

algorithms

Methods

algorithms :: Lens' s (Set Alg) Source #

Instances

HasValidationSettings a => HasAlgorithms a Source #
Methods algorithms :: Lens' a (Set Alg) Source #

class HasValidationPolicy s where Source #

Minimal complete definition

validationPolicy

Methods

validationPolicy :: Lens' s ValidationPolicy Source #

Instances

HasValidationSettings a => HasValidationPolicy a Source #
Methods validationPolicy :: Lens' a ValidationPolicy Source #

data ValidationPolicy Source #

Validation policy.

Constructors

AnyValidated	One successfully validated signature is sufficient
AllValidated	All signatures in all configured algorithms must be validated. No signatures in configured algorithms is also an error.

Instances

Eq ValidationPolicy Source #
Methods (==) :: ValidationPolicy -> ValidationPolicy -> Bool # (/=) :: ValidationPolicy -> ValidationPolicy -> Bool #

defaultValidationSettings :: ValidationSettings Source #

verifyJWS :: (HasAlgorithms a, HasValidationPolicy a, AsError e, MonadError e m, HasJWSHeader h, HasParams h) => a -> JWK -> JWS h -> m () Source #

Verify a JWS.

Signatures made with an unsupported algorithms are ignored. If the validation policy is AnyValidated, a single successfully validated signature is sufficient. If the validation policy is AllValidated then all remaining signatures (there must be at least one) must be valid.

module Crypto.JOSE.Header

HasValidationSettings ValidationSettings Source #
Methods validationSettings :: Lens' ValidationSettings ValidationSettings Source # validationSettingsAlgorithms :: Lens' ValidationSettings (Set Alg) Source # validationSettingsValidationPolicy :: Lens' ValidationSettings ValidationPolicy Source #
HasValidationSettings JWTValidationSettings Source #
Methods validationSettings :: Lens' JWTValidationSettings ValidationSettings Source # validationSettingsAlgorithms :: Lens' JWTValidationSettings (Set Alg) Source # validationSettingsValidationPolicy :: Lens' JWTValidationSettings ValidationPolicy Source #