{-# LANGUAGE CPP #-}
{-# LANGUAGE FlexibleContexts #-}
{-# LANGUAGE NoMonomorphismRestriction #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE TemplateHaskell #-}
{-# LANGUAGE TypeFamilies #-}
module Crypto.JOSE.JWK
(
genJWK
, KeyMaterialGenParam(..)
, Crv(..)
, OKPCrv(..)
, JWK
, AsPublicKey(..)
, jwkMaterial
, jwkUse
, KeyUse(..)
, jwkKeyOps
, KeyOp(..)
, jwkAlg
, JWKAlg(..)
, jwkKid
, jwkX5u
, jwkX5c
, setJWKX5c
, jwkX5t
, jwkX5tS256
, fromKeyMaterial
, fromRSA
, fromOctets
, fromX509Certificate
#if MIN_VERSION_aeson(0,10,0)
, thumbprint
, digest
, Types.base64url
, module Crypto.Hash
#endif
, JWKSet(..)
, bestJWSAlg
, module Crypto.JOSE.JWA.JWK
) where
import Control.Applicative
import Control.Monad ((>=>))
import Data.Function (on)
import Data.Maybe (catMaybes)
import Data.Monoid ((<>))
import Data.Word (Word8)
import Control.Lens hiding ((.=))
import Control.Lens.Cons.Extras (recons)
import Control.Monad.Except (MonadError)
import Control.Monad.Error.Lens (throwing, throwing_)
import Crypto.Hash
import qualified Crypto.PubKey.RSA as RSA
import Data.Aeson
import qualified Data.ByteArray as BA
import qualified Data.ByteString as B
import qualified Data.ByteString.Lazy as L
import qualified Data.ByteString.Builder as Builder
import Data.List.NonEmpty
import qualified Data.Text as T
import qualified Data.X509 as X509
import Test.QuickCheck
import Crypto.JOSE.Error
import qualified Crypto.JOSE.JWA.JWE.Alg as JWA.JWE
import Crypto.JOSE.JWA.JWK
import qualified Crypto.JOSE.JWA.JWS as JWA.JWS
import qualified Crypto.JOSE.TH
import qualified Crypto.JOSE.Types as Types
import qualified Crypto.JOSE.Types.Internal as Types
data JWKAlg = JWSAlg JWA.JWS.Alg | JWEAlg JWA.JWE.Alg
deriving (Eq, Show)
instance FromJSON JWKAlg where
parseJSON v = (JWSAlg <$> parseJSON v) <|> (JWEAlg <$> parseJSON v)
instance ToJSON JWKAlg where
toJSON (JWSAlg alg) = toJSON alg
toJSON (JWEAlg alg) = toJSON alg
$(Crypto.JOSE.TH.deriveJOSEType "KeyOp"
[ "sign", "verify", "encrypt", "decrypt"
, "wrapKey", "unwrapKey", "deriveKey", "deriveBits"
])
$(Crypto.JOSE.TH.deriveJOSEType "KeyUse" ["sig", "enc"])
data JWK = JWK
{
_jwkMaterial :: Crypto.JOSE.JWA.JWK.KeyMaterial
, _jwkUse :: Maybe KeyUse
, _jwkKeyOps :: Maybe [KeyOp]
, _jwkAlg :: Maybe JWKAlg
, _jwkKid :: Maybe T.Text
, _jwkX5u :: Maybe Types.URI
, _jwkX5cRaw :: Maybe (NonEmpty X509.SignedCertificate)
, _jwkX5t :: Maybe Types.Base64SHA1
, _jwkX5tS256 :: Maybe Types.Base64SHA256
}
deriving (Eq, Show)
makeLenses ''JWK
jwkX5c :: Getter JWK (Maybe (NonEmpty X509.SignedCertificate))
jwkX5c = jwkX5cRaw
setJWKX5c :: Maybe (NonEmpty X509.SignedCertificate) -> JWK -> Maybe JWK
setJWKX5c Nothing k = pure (set jwkX5cRaw Nothing k)
setJWKX5c certs@(Just (cert :| _)) key
| certMatchesKey key cert = pure (set jwkX5cRaw certs key)
| otherwise = Nothing
certMatchesKey :: JWK -> X509.SignedCertificate -> Bool
certMatchesKey key cert =
maybe False (((==) `on` preview (jwkMaterial . asPublicKey)) key)
(fromX509CertificateMaybe cert)
instance FromJSON JWK where
parseJSON = withObject "JWK" (\o -> JWK
<$> parseJSON (Object o)
<*> o .:? "use"
<*> o .:? "key_ops"
<*> o .:? "alg"
<*> o .:? "kid"
<*> o .:? "x5u"
<*> ((fmap . fmap) (\(Types.Base64X509 cert) -> cert) <$> o .:? "x5c")
<*> o .:? "x5t"
<*> o .:? "x5t#S256"
) >=> checkKey
where
checkKey k
| maybe False (not . certMatchesKey k . Data.List.NonEmpty.head) (view jwkX5c k)
= fail "X.509 cert in \"x5c\" param does not match key"
| otherwise = pure k
instance ToJSON JWK where
toJSON JWK{..} = object $ catMaybes
[ fmap ("alg" .=) _jwkAlg
, fmap ("use" .=) _jwkUse
, fmap ("key_ops" .=) _jwkKeyOps
, fmap ("kid" .=) _jwkKid
, fmap ("x5u" .=) _jwkX5u
, fmap (("x5c" .=) . fmap Types.Base64X509) _jwkX5cRaw
, fmap ("x5t" .=) _jwkX5t
, fmap ("x5t#S256" .=) _jwkX5tS256
]
++ Types.objectPairs (toJSON _jwkMaterial)
genJWK :: MonadRandom m => KeyMaterialGenParam -> m JWK
genJWK p = fromKeyMaterial <$> genKeyMaterial p
instance Arbitrary JWK where
arbitrary = JWK
<$> arbitrary
<*> pure Nothing
<*> pure Nothing
<*> pure Nothing
<*> arbitrary
<*> pure Nothing
<*> pure Nothing
<*> arbitrary
<*> arbitrary
fromKeyMaterial :: KeyMaterial -> JWK
fromKeyMaterial k = JWK k z z z z z z z z where z = Nothing
fromRSA :: RSA.PrivateKey -> JWK
fromRSA = fromKeyMaterial . RSAKeyMaterial . toRSAKeyParameters
fromRSAPublic :: RSA.PublicKey -> JWK
fromRSAPublic = fromKeyMaterial . RSAKeyMaterial . toRSAPublicKeyParameters
fromECPublic :: X509.PubKeyEC -> Maybe JWK
fromECPublic = fmap (fromKeyMaterial . ECKeyMaterial) . ecParametersFromX509
fromOctets :: Cons s s Word8 Word8 => s -> JWK
fromOctets =
fromKeyMaterial . OctKeyMaterial . OctKeyParameters . Types.Base64Octets
. view recons
fromX509Certificate
:: (AsError e, MonadError e m)
=> X509.SignedCertificate -> m JWK
fromX509Certificate =
maybe (throwing _KeyMismatch "X.509 key type not supported") pure
. fromX509CertificateMaybe
fromX509CertificateMaybe :: X509.SignedCertificate -> Maybe JWK
fromX509CertificateMaybe cert = do
k <- case (X509.certPubKey . X509.signedObject . X509.getSigned) cert of
X509.PubKeyRSA k -> pure (fromRSAPublic k)
X509.PubKeyEC k -> fromECPublic k
_ -> Nothing
pure $ k & set jwkX5cRaw (Just (pure cert))
instance AsPublicKey JWK where
asPublicKey = to (jwkMaterial (view asPublicKey))
newtype JWKSet = JWKSet [JWK] deriving (Eq, Show)
instance FromJSON JWKSet where
parseJSON = withObject "JWKSet" (\o -> JWKSet <$> o .: "keys")
instance ToJSON JWKSet where
toJSON (JWKSet ks) = object ["keys" .= toJSON ks]
bestJWSAlg
:: (MonadError e m, AsError e)
=> JWK
-> m JWA.JWS.Alg
bestJWSAlg jwk = case view jwkMaterial jwk of
ECKeyMaterial k -> pure $ case view ecCrv k of
P_256 -> JWA.JWS.ES256
P_384 -> JWA.JWS.ES384
P_521 -> JWA.JWS.ES512
RSAKeyMaterial k ->
let
Types.Base64Integer n = view rsaN k
in
if n >= 2 ^ (2040 :: Integer)
then pure JWA.JWS.PS512
else throwing_ _KeySizeTooSmall
OctKeyMaterial (OctKeyParameters (Types.Base64Octets k))
| B.length k >= 512 `div` 8 -> pure JWA.JWS.HS512
| B.length k >= 384 `div` 8 -> pure JWA.JWS.HS384
| B.length k >= 256 `div` 8 -> pure JWA.JWS.HS256
| otherwise -> throwing_ _KeySizeTooSmall
OKPKeyMaterial (Ed25519Key _ _) -> pure JWA.JWS.EdDSA
OKPKeyMaterial _ -> throwing _KeyMismatch "Cannot sign with OKP ECDH key"
#if MIN_VERSION_aeson(0,10,0)
thumbprint :: HashAlgorithm a => Getter JWK (Digest a)
thumbprint = to (hash . L.toStrict . thumbprintRepr)
digest :: HashAlgorithm a => Prism' B.ByteString (Digest a)
digest = prism' BA.convert digestFromByteString
thumbprintRepr :: JWK -> L.ByteString
thumbprintRepr k = Builder.toLazyByteString . fromEncoding . pairs $
case view jwkMaterial k of
ECKeyMaterial k' -> "crv" .=
view ecCrv k'
<> "kty" .= ("EC" :: T.Text)
<> "x" .= view ecX k'
<> "y" .= view ecY k'
RSAKeyMaterial k' ->
"e" .= view rsaE k' <> "kty" .= ("RSA" :: T.Text) <> "n" .= view rsaN k'
OctKeyMaterial (OctKeyParameters k') ->
"k" .= k' <> "kty" .= ("oct" :: T.Text)
OKPKeyMaterial (Ed25519Key pk _) -> okpSeries "Ed25519" pk
OKPKeyMaterial (X25519Key pk _) -> okpSeries "X25519" pk
where
b64 = Types.Base64Octets . BA.convert
okpSeries crv pk =
"crv" .= (crv :: T.Text) <> "kty" .= ("OKP" :: T.Text) <> "x" .= b64 pk
#endif