Stability	experimental
Safe Haskell	Safe-Inferred
Language	Haskell2010

Crypto.WebAuthn.Cose.PublicKey

Contents

Public key
COSE Elliptic Curves

Description

This module contains a partial implementation of the COSE_Key format, limited to what is needed for Webauthn, and in a structured way.

Synopsis

data UncheckedPublicKey
- = PublicKeyEdDSA {
  - eddsaCurve :: CoseCurveEdDSA
  - eddsaX :: ByteString
  }
- | PublicKeyECDSA {
  - ecdsaCurve :: CoseCurveECDSA
  - ecdsaX :: Integer
  - ecdsaY :: Integer
  }
- | PublicKeyRSA {
  - rsaN :: Integer
  - rsaE :: Integer
  }
checkPublicKey :: UncheckedPublicKey -> Either Text PublicKey
data PublicKey where
- pattern PublicKey :: UncheckedPublicKey -> PublicKey
data CoseCurveEdDSA = CoseCurveEd25519
coordinateSizeEdDSA :: CoseCurveEdDSA -> Int
data CoseCurveECDSA
- = CoseCurveP256
- | CoseCurveP384
- | CoseCurveP521
toCryptCurveECDSA :: CoseCurveECDSA -> CurveName
fromCryptCurveECDSA :: CurveName -> Either Text CoseCurveECDSA
coordinateSizeECDSA :: CoseCurveECDSA -> Int

Public key

data UncheckedPublicKey Source #

(spec) A structured representation of a COSE_Key limited to what is know to be necessary for Webauthn public keys for the credentialPublicKey field, and without any signing algorithm parameters like hashes. Due to the raw nature of parameters, this type is labeled as unchecked. Parameters are checked by using the checkPublicKey function, returning a PublicKey type.

Constructors

PublicKeyEdDSA	(spec) EdDSA Signature Algorithm RFC8032 describes the elliptic curve signature scheme Edwards-curve Digital Signature Algorithm (EdDSA). In that document, the signature algorithm is instantiated using parameters for edwards25519 and edwards448 curves. The document additionally describes two variants of the EdDSA algorithm: Pure EdDSA, where no hash function is applied to the content before signing, and HashEdDSA, where a hash function is applied to the content before signing and the result of that hash function is signed. For EdDSA, the content to be signed (either the message or the pre-hash value) is processed twice inside of the signature algorithm. For use with COSE, only the pure EdDSA version is used. Security considerations are here
Fields eddsaCurve :: CoseCurveEdDSA (spec) The elliptic curve to use eddsaX :: ByteString (spec) This contains the public key bytes.
PublicKeyECDSA	(spec) ECDSA Signature Algorithm This document defines ECDSA to work only with the curves P-256, P-384, and P-521. Future documents may define it to work with other curves and points in the future. In order to promote interoperability, it is suggested that SHA-256 be used only with curve P-256, SHA-384 be used only with curve P-384, and SHA-512 be used with curve P-521. This is aligned with the recommendation in Section 4 of RFC5480. Security considerations are here
Fields ecdsaCurve :: CoseCurveECDSA (spec) The elliptic curve to use ecdsaX :: Integer (spec) This contains the x-coordinate for the EC point. The integer is converted to a byte string as defined in [SEC1]. Leading zero octets MUST be preserved. ecdsaY :: Integer (spec) This contains the value of the y-coordinate for the EC point. When encoding the value y, the integer is converted to an byte string (as defined in SEC1) and encoded as a CBOR bstr. Leading zero octets MUST be preserved.
PublicKeyRSA	(spec) RSASSA-PKCS1-v1_5 Signature Algorithm A key of size 2048 bits or larger MUST be used with these algorithms. Security considerations are here
Fields rsaN :: Integer (spec) The RSA modulus n is a product of u distinct odd primes r_i, i = 1, 2, ..., u, where u >= 2 rsaE :: Integer (spec) The RSA public exponent e is an integer between 3 and n - 1 satisfying GCD(e,\lambda(n)) = 1, where \lambda(n) = LCM(r_1 - 1, ..., r_u - 1)

Instances

Instances details

ToJSON UncheckedPublicKey Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods toJSON :: UncheckedPublicKey -> Value # toEncoding :: UncheckedPublicKey -> Encoding # toJSONList :: [UncheckedPublicKey] -> Value # toEncodingList :: [UncheckedPublicKey] -> Encoding #
Generic UncheckedPublicKey Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Associated Types type Rep UncheckedPublicKey :: Type -> Type # Methods from :: UncheckedPublicKey -> Rep UncheckedPublicKey x # to :: Rep UncheckedPublicKey x -> UncheckedPublicKey #
Show UncheckedPublicKey Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods showsPrec :: Int -> UncheckedPublicKey -> ShowS # show :: UncheckedPublicKey -> String # showList :: [UncheckedPublicKey] -> ShowS #
Eq UncheckedPublicKey Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods (==) :: UncheckedPublicKey -> UncheckedPublicKey -> Bool # (/=) :: UncheckedPublicKey -> UncheckedPublicKey -> Bool #
type Rep UncheckedPublicKey Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey type Rep UncheckedPublicKey = D1 ('MetaData "UncheckedPublicKey" "Crypto.WebAuthn.Cose.PublicKey" "webauthn-0.5.0.1-inplace" 'False) (C1 ('MetaCons "PublicKeyEdDSA" 'PrefixI 'True) (S1 ('MetaSel ('Just "eddsaCurve") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedLazy) (Rec0 CoseCurveEdDSA) :: S1 ('MetaSel ('Just "eddsaX") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedLazy) (Rec0 ByteString)) :+: (C1 ('MetaCons "PublicKeyECDSA" 'PrefixI 'True) (S1 ('MetaSel ('Just "ecdsaCurve") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedLazy) (Rec0 CoseCurveECDSA) :: (S1 ('MetaSel ('Just "ecdsaX") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedLazy) (Rec0 Integer) :: S1 ('MetaSel ('Just "ecdsaY") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedLazy) (Rec0 Integer))) :+: C1 ('MetaCons "PublicKeyRSA" 'PrefixI 'True) (S1 ('MetaSel ('Just "rsaN") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedLazy) (Rec0 Integer) :: S1 ('MetaSel ('Just "rsaE") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedLazy) (Rec0 Integer))))

checkPublicKey :: UncheckedPublicKey -> Either Text PublicKey Source #

Checks whether an UncheckedPublicKey is valid. This is the only way to construct a PublicKey

data PublicKey where Source #

Same as UncheckedPublicKey, but checked to be valid using checkPublicKey.

Bundled Patterns

pattern PublicKey :: UncheckedPublicKey -> PublicKey

Returns the UncheckedPublicKey for a PublicKey

Instances

Instances details

ToJSON PublicKey Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods toJSON :: PublicKey -> Value # toEncoding :: PublicKey -> Encoding # toJSONList :: [PublicKey] -> Value # toEncodingList :: [PublicKey] -> Encoding #
Show PublicKey Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods showsPrec :: Int -> PublicKey -> ShowS # show :: PublicKey -> String # showList :: [PublicKey] -> ShowS #
Eq PublicKey Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods (==) :: PublicKey -> PublicKey -> Bool # (/=) :: PublicKey -> PublicKey -> Bool #

COSE Elliptic Curves

data CoseCurveEdDSA Source #

COSE elliptic curves that can be used with EdDSA

Constructors

CoseCurveEd25519

(spec) Ed25519 for use w/ EdDSA only

Instances

Instances details

ToJSON CoseCurveEdDSA Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods toJSON :: CoseCurveEdDSA -> Value # toEncoding :: CoseCurveEdDSA -> Encoding # toJSONList :: [CoseCurveEdDSA] -> Value # toEncodingList :: [CoseCurveEdDSA] -> Encoding #
Bounded CoseCurveEdDSA Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods minBound :: CoseCurveEdDSA # maxBound :: CoseCurveEdDSA #
Enum CoseCurveEdDSA Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods succ :: CoseCurveEdDSA -> CoseCurveEdDSA # pred :: CoseCurveEdDSA -> CoseCurveEdDSA # toEnum :: Int -> CoseCurveEdDSA # fromEnum :: CoseCurveEdDSA -> Int # enumFrom :: CoseCurveEdDSA -> [CoseCurveEdDSA] # enumFromThen :: CoseCurveEdDSA -> CoseCurveEdDSA -> [CoseCurveEdDSA] # enumFromTo :: CoseCurveEdDSA -> CoseCurveEdDSA -> [CoseCurveEdDSA] # enumFromThenTo :: CoseCurveEdDSA -> CoseCurveEdDSA -> CoseCurveEdDSA -> [CoseCurveEdDSA] #
Generic CoseCurveEdDSA Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Associated Types type Rep CoseCurveEdDSA :: Type -> Type # Methods from :: CoseCurveEdDSA -> Rep CoseCurveEdDSA x # to :: Rep CoseCurveEdDSA x -> CoseCurveEdDSA #
Show CoseCurveEdDSA Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods showsPrec :: Int -> CoseCurveEdDSA -> ShowS # show :: CoseCurveEdDSA -> String # showList :: [CoseCurveEdDSA] -> ShowS #
Eq CoseCurveEdDSA Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods (==) :: CoseCurveEdDSA -> CoseCurveEdDSA -> Bool # (/=) :: CoseCurveEdDSA -> CoseCurveEdDSA -> Bool #
type Rep CoseCurveEdDSA Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey type Rep CoseCurveEdDSA = D1 ('MetaData "CoseCurveEdDSA" "Crypto.WebAuthn.Cose.PublicKey" "webauthn-0.5.0.1-inplace" 'False) (C1 ('MetaCons "CoseCurveEd25519" 'PrefixI 'False) (U1 :: Type -> Type))

coordinateSizeEdDSA :: CoseCurveEdDSA -> Int Source #

Returns the size of a coordinate point for a specific EdDSA curve in bytes.

data CoseCurveECDSA Source #

COSE elliptic curves that can be used with ECDSA

Constructors

CoseCurveP256	(spec) NIST P-256 also known as secp256r1
CoseCurveP384	(spec) NIST P-384 also known as secp384r1
CoseCurveP521	(spec) NIST P-521 also known as secp521r1

Instances

Instances details

ToJSON CoseCurveECDSA Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods toJSON :: CoseCurveECDSA -> Value # toEncoding :: CoseCurveECDSA -> Encoding # toJSONList :: [CoseCurveECDSA] -> Value # toEncodingList :: [CoseCurveECDSA] -> Encoding #
Bounded CoseCurveECDSA Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods minBound :: CoseCurveECDSA # maxBound :: CoseCurveECDSA #
Enum CoseCurveECDSA Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods succ :: CoseCurveECDSA -> CoseCurveECDSA # pred :: CoseCurveECDSA -> CoseCurveECDSA # toEnum :: Int -> CoseCurveECDSA # fromEnum :: CoseCurveECDSA -> Int # enumFrom :: CoseCurveECDSA -> [CoseCurveECDSA] # enumFromThen :: CoseCurveECDSA -> CoseCurveECDSA -> [CoseCurveECDSA] # enumFromTo :: CoseCurveECDSA -> CoseCurveECDSA -> [CoseCurveECDSA] # enumFromThenTo :: CoseCurveECDSA -> CoseCurveECDSA -> CoseCurveECDSA -> [CoseCurveECDSA] #
Generic CoseCurveECDSA Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Associated Types type Rep CoseCurveECDSA :: Type -> Type # Methods from :: CoseCurveECDSA -> Rep CoseCurveECDSA x # to :: Rep CoseCurveECDSA x -> CoseCurveECDSA #
Show CoseCurveECDSA Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods showsPrec :: Int -> CoseCurveECDSA -> ShowS # show :: CoseCurveECDSA -> String # showList :: [CoseCurveECDSA] -> ShowS #
Eq CoseCurveECDSA Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey Methods (==) :: CoseCurveECDSA -> CoseCurveECDSA -> Bool # (/=) :: CoseCurveECDSA -> CoseCurveECDSA -> Bool #
type Rep CoseCurveECDSA Source #
Instance details Defined in Crypto.WebAuthn.Cose.PublicKey type Rep CoseCurveECDSA = D1 ('MetaData "CoseCurveECDSA" "Crypto.WebAuthn.Cose.PublicKey" "webauthn-0.5.0.1-inplace" 'False) (C1 ('MetaCons "CoseCurveP256" 'PrefixI 'False) (U1 :: Type -> Type) :+: (C1 ('MetaCons "CoseCurveP384" 'PrefixI 'False) (U1 :: Type -> Type) :+: C1 ('MetaCons "CoseCurveP521" 'PrefixI 'False) (U1 :: Type -> Type)))

toCryptCurveECDSA :: CoseCurveECDSA -> CurveName Source #

Converts a CoseCurveECDSA to an CurveName. The inverse function is fromCryptCurveECDSA

fromCryptCurveECDSA :: CurveName -> Either Text CoseCurveECDSA Source #

Tries to converts a CurveName to an CoseCurveECDSA. The inverse function is toCryptCurveECDSA

coordinateSizeECDSA :: CoseCurveECDSA -> Int Source #

Returns the size of a coordinate point for a specific ECDSA curve in bytes.