module Data.QRCodes.Signature where
import Control.Exception (ErrorCall (..), throwIO)
import Control.Monad
import Crypto.PubKey.RSA
import qualified Data.ByteString.Char8 as BS
import Data.QRCodes.Utils
import Jose.Jwa (JwsAlg (RS256))
import Jose.Jws
import Jose.Jwt (JwtError, unJwt)
import System.Directory
import Text.Read (readMaybe)
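-- | Verify a signed token using the RSA key pair stored at @filepath@.
--
-- The file must contain the 'Show' rendering of a
-- @('PublicKey', 'PrivateKey')@ pair (the format 'mkSigFile' writes).
-- The parsed pair is handed to 'checkSig', whose result is returned
-- unchanged.
--
-- Throws 'ErrorCall' if the file contents do not parse as a key pair. The
-- parse is performed eagerly, so a damaged or tampered key file is rejected
-- here instead of surfacing later as a deferred @Prelude.read: no parse@.
--
-- NOTE(security): the file read here holds the private key as well, although
-- verification only needs the public half. Every host that verifies with this
-- file can therefore also sign; consider giving verifiers a public-key-only
-- file.
checkSigFile :: BS.ByteString -> FilePath -> IO (Either JwtError BS.ByteString)
checkSigFile tok filepath = do
  contents <- readFile filepath
  key <- case readMaybe contents :: Maybe (PublicKey, PrivateKey) of
    Just pair -> pure pair
    -- The message names only the path, never the file contents, so key
    -- material cannot end up in logs.
    Nothing ->
      throwIO . ErrorCall $
        "checkSigFile: could not parse RSA key pair from " ++ filepath
  checkSig tok key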
-- | Verify a signed token with the public half of a key pair.
--
-- Passes @fst key@ and the token to 'rsaDecode' and, on success, returns the
-- second component of the decoded result; a 'JwtError' is passed through as
-- 'Left'. The private half of the pair is not used.
--
-- NOTE(review): no expected algorithm is passed to 'rsaDecode' here, while
-- 'mkSig' always signs with 'RS256'. Confirm that 'rsaDecode' rejects tokens
-- whose header names an algorithm the application does not intend to accept.
checkSig :: BS.ByteString -> (PublicKey, PrivateKey) -> IO (Either JwtError BS.ByteString)
checkSig tok key = pure (snd <$> verified)
  where
    verified = rsaDecode (fst key) tok
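-- | Sign @string@ with the RSA key pair stored at @filepath@.
--
-- If no file exists at @filepath@, a fresh key pair is generated and written
-- there first (as its 'Show' rendering). The pair is then read back from the
-- file and passed to 'mkSig'.
--
-- Throws 'ErrorCall' if the file contents do not parse as a
-- @('PublicKey', 'PrivateKey')@ pair. The parse is performed eagerly so a
-- damaged key file fails here, before any signing is attempted.
mkSigFile :: BS.ByteString -> FilePath -> IO BS.ByteString
mkSigFile string filepath = do
  -- NOTE(security): this is a check-then-create sequence; another process
  -- could create or replace the path between the existence check and the
  -- write. Keep the key path in a directory only the signing user can modify.
  keyFileExists <- doesFileExist filepath
  unless keyFileExists $ do
    putStrLn "generating key..."
    -- 'generate' takes the modulus size in bytes: 256 bytes is a 2048-bit
    -- key, with public exponent 65537.
    key <- generate 256 0x10001
    -- NOTE(security): the private key is stored unencrypted, and 'writeFile'
    -- creates the file with the process's default permissions. Restrict the
    -- file (or its directory) to the signing user.
    writeFile filepath (show key)
  contents <- readFile filepath
  key' <- case readMaybe contents :: Maybe (PublicKey, PrivateKey) of
    Just pair -> pure pair
    -- The message names only the path, never the file contents, so key
    -- material cannot end up in logs.
    Nothing ->
      throwIO . ErrorCall $
        "mkSigFile: could not parse RSA key pair from " ++ filepath
  mkSig string key'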
-- | Sign @string@ with the private half of a key pair, using 'RS256'.
--
-- Calls 'rsaEncode' with @snd key@ and unwraps a successful result with
-- 'unJwt' to obtain the encoded token bytes. The public half of the pair is
-- not used.
--
-- NOTE(review): 'liftEither' is not defined in this file (presumably it comes
-- from "Data.QRCodes.Utils"). How a 'Left' from 'rsaEncode' is surfaced
-- depends on that helper; confirm that a signing failure is reported rather
-- than silently ignored.
mkSig :: BS.ByteString -> (PublicKey, PrivateKey) -> IO BS.ByteString
mkSig string key = do
  result <- rsaEncode RS256 (snd key) string
  liftEither id (fmap (return . unJwt) result)