jose-0.4.0.0: Javascript Object Signing and Encryption and JSON Web Token library

Safe Haskell: None
Language: Haskell98

Crypto.JOSE.JWS

Description

JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JavaScript Object Notation (JSON) based data structures.

Documentation

data Alg

JWA §3.1. "alg" (Algorithm) Header Parameters for JWS

data JWSHeader

JWS Header data type.

Constructors

JWSHeader 

Fields

headerAlg :: Maybe Alg
 
headerJku :: Maybe URI

JWK Set URL

headerJwk :: Maybe JWK
 
headerKid :: Maybe String

interpretation unspecified

headerX5u :: Maybe URI
 
headerX5c :: Maybe (NonEmpty Base64X509)
 
headerX5t :: Maybe Base64SHA1
 
headerX5tS256 :: Maybe Base64SHA256
 
headerTyp :: Maybe String

Content Type (of object)

headerCty :: Maybe String

Content Type (of payload)

headerCrit :: Maybe CritParameters
 

newJWSHeader :: Alg -> JWSHeader

Construct a minimal header with the given algorithm

data JWS

JSON Web Signature data type. Consists of a payload and a (possibly empty) list of signatures.

Constructors

JWS Base64Octets [Signature] 

newJWS :: ByteString -> JWS

Construct a new (unsigned) JWS

jwsPayload :: JWS -> ByteString

Payload of a JWS, as a lazy bytestring.

signJWS

Arguments

:: MonadRandom m
=> JWS                    -- JWS to sign
-> JWSHeader              -- Header for signature
-> JWK                    -- Key with which to sign
-> m (Either Error JWS)   -- JWS with new signature appended

Create a new signature on a JWS.

newtype ValidationAlgorithms

Algorithms for which validation will be attempted. The default value includes all algorithms except None.

Constructors

ValidationAlgorithms [Alg] 

data ValidationPolicy

Validation policy. The default policy is AllValidated.

Constructors

AnyValidated

One successfully validated signature is sufficient

AllValidated

All signatures for which validation is attempted must be validated

verifyJWS :: ValidationAlgorithms -> ValidationPolicy -> JWK -> JWS -> Bool

Verify a JWS.

Verification succeeds if any signature on the JWS is successfully validated with the given Key.

If only specific signatures need to be validated, and the ValidationPolicy argument is not enough to express this, the caller is responsible for removing irrelevant signatures prior to calling verifyJWS.
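An added usage example, not part of the library's documentation: it composes newJWS, newJWSHeader, signJWS and verifyJWS from this page, and pins verification to a single algorithm instead of relying on the default ValidationAlgorithms. Assumptions not shown on this page: the import paths Crypto.JOSE.JWA.JWS, Crypto.JOSE.JWK, Crypto.JOSE.Error and Crypto.Random, the Alg constructor HS256, and a caller-supplied symmetric JWK; the names hs256Only, verifyPinned, signHS256 and roundTrip are hypothetical.

```haskell
module PinnedJWS where

-- Import paths below are assumptions; this page only documents Crypto.JOSE.JWS.
import Crypto.JOSE.Error (Error)
import Crypto.JOSE.JWA.JWS (Alg (HS256))
import Crypto.JOSE.JWK (JWK)
import Crypto.JOSE.JWS
import Crypto.Random (MonadRandom)
import qualified Data.ByteString.Lazy as L

-- | Explicit allow-list: validation is attempted only for HS256 signatures.
-- Listing the one algorithm the deployment issues keeps the verifier from
-- depending on the default set (all algorithms except None).
hs256Only :: ValidationAlgorithms
hs256Only = ValidationAlgorithms [HS256]

-- | Verify with the pinned allow-list. AllValidated requires every signature
-- for which validation is attempted to validate under the given key.
verifyPinned :: JWK -> JWS -> Bool
verifyPinned = verifyJWS hs256Only AllValidated

-- | Wrap a payload in an unsigned JWS and append one HS256 signature.
-- The key is assumed to be a symmetric JWK supplied by the caller.
signHS256 :: MonadRandom m => JWK -> L.ByteString -> m (Either Error JWS)
signHS256 key payload = signJWS (newJWS payload) (newJWSHeader HS256) key

-- | Sign, then verify with the same key and the pinned policy.
-- Left carries a signing error; Right carries the verification result.
roundTrip :: MonadRandom m => JWK -> L.ByteString -> m (Either Error Bool)
roundTrip key payload = do
  signed <- signHS256 key payload
  return (fmap (verifyPinned key) signed)
```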