webauthn-0.10.0.0: Relying party (server) implementation of the WebAuthn 2 specification
Stability: internal
Safe Haskell: Safe-Inferred
Language: Haskell2010

Crypto.WebAuthn.Cose.Internal.Verify

Description

Public keys and signature algorithms are represented with three different types:

  • CoseSignAlg, which is the signature algorithm used, equivalent to a COSE Algorithm from the COSE registry
  • CosePublicKey, which is a combination of a CoseSignAlg along with a public key that can be used with it. This is what the COSE_Key CBOR structure decodes to
  • PublicKey, only the public key part of CosePublicKey

The following main operations are supported for these types:

Public Key

fromX509 :: PubKey -> Either Text PublicKey

Turns an X.509 certificate's PubKey into a PublicKey.

Signature verification

newtype Message

A wrapper for the bytes of a message that should be verified. This is used for both attestation and assertion.

Constructors

Message 

newtype Signature

(spec) A wrapper for the bytes of a signature that can be used to verify a Message. The encoding is specific to WebAuthn and depends on the CoseSignAlg used.

Constructors

Signature 

verify :: PublicKeyWithSignAlg -> Message -> Signature -> Either Text ()

Verifies an asymmetric signature for a message using a PublicKeyWithSignAlg. Returns an error if the signature algorithm doesn't match. Also returns an error if the signature wasn't valid or for other errors.

FIXME: https://w3c.github.io/webauthn/#sctn-signature-attestation-types kind of documents this, but not for all formats. This is notably not really related to COSE, but rather WebAuthn's own definitions. The spec should be made less ambiguous, file upstream issues and refactor this code.
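The Signature encoding depends on the CoseSignAlg: for ECDSA algorithms the WebAuthn specification requires an ASN.1 DER Ecdsa-Sig-Value, not the raw r||s form used by JOSE and WebCrypto. The following is an added example, not code from this package: a strict structural check for that encoding using only base and bytestring. All function names and sample bytes are constructed for illustration.

```haskell
import Data.Bits (shiftL, testBit, (.|.))
import qualified Data.ByteString as B
import Data.Word (Word8)

-- | Read one DER TLV with the expected tag; returns (contents, rest).
-- Only minimal short-form and one-byte long-form lengths are accepted.
tlv :: Word8 -> B.ByteString -> Either String (B.ByteString, B.ByteString)
tlv tag bs = case B.unpack (B.take 3 bs) of
  (t : l : more)
    | t /= tag -> Left "unexpected tag"
    | l < 0x80 -> takeLen 2 (fromIntegral l)
    | l == 0x81, (n : _) <- more, n >= 0x80 -> takeLen 3 (fromIntegral n)
    | otherwise -> Left "non-minimal or unsupported length"
  _ -> Left "truncated header"
  where
    takeLen hdr n
      | B.length body < n = Left "truncated contents"
      | otherwise = Right (B.splitAt n body)
      where
        body = B.drop hdr bs

-- | Strict DER INTEGER that must be minimal and strictly positive.
positiveInt :: B.ByteString -> Either String (Integer, B.ByteString)
positiveInt bs = do
  (body, rest) <- tlv 0x02 bs
  case B.unpack body of
    [] -> Left "empty INTEGER"
    (b : _) | testBit b 7 -> Left "negative INTEGER"
    (0 : b : _) | not (testBit b 7) -> Left "non-minimal INTEGER"
    ws -> case foldl (\acc w -> acc `shiftL` 8 .|. fromIntegral w) 0 ws of
      0 -> Left "zero INTEGER"
      v -> Right (v, rest)

-- | Ecdsa-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER }, no trailing bytes.
parseEcdsaSigValue :: B.ByteString -> Either String (Integer, Integer)
parseEcdsaSigValue sig = do
  (sq, trailing) <- tlv 0x30 sig
  (r, afterR) <- positiveInt sq
  (s, afterS) <- positiveInt afterR
  if B.null trailing && B.null afterS then Right (r, s) else Left "trailing bytes"

main :: IO ()
main = do
  -- Constructed samples, not real signatures.
  let der = B.pack [0x30, 0x06, 0x02, 0x01, 0x05, 0x02, 0x01, 0x07]
      rawRS = B.replicate 64 0x11 -- raw r||s, the wrong encoding for WebAuthn
      padded = B.pack [0x30, 0x07, 0x02, 0x02, 0x00, 0x05, 0x02, 0x01, 0x07]
  mapM_ (print . parseEcdsaSigValue) [der, rawRS, padded]
```

This check covers only the encoding; range checks of r and s against the curve order and the cryptographic verification itself remain the job of verify.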

Hash Conversions to crypton types

data SomeHashAlgorithm

Some crypton HashAlgorithm type, used as a return value of toCryptHashECDSA

Constructors

forall a. HashAlgorithm a => SomeHashAlgorithm a

toCryptHashECDSA :: CoseHashAlgECDSA -> SomeHashAlgorithm

Returns the crypton SomeHashAlgorithm corresponding to this hash algorithm

data SomeHashAlgorithmASN1

Some crypton HashAlgorithmASN1 type, used as a return value of toCryptHashRSA

Constructors

forall a. HashAlgorithmASN1 a => SomeHashAlgorithmASN1 a

toCryptHashRSA :: CoseHashAlgRSA -> SomeHashAlgorithmASN1

Returns the crypton SomeHashAlgorithmASN1 corresponding to this hash algorithm