Safe Haskell	None
Language	Haskell98

Crypto.JOSE.JWS

Description

JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JavaScript Object Notation (JSON) based data structures.

Synopsis

Documentation

data Alg Source #

JWA §3.1. "alg" (Algorithm) Header Parameters for JWS

Constructors

HS256
HS384
HS512
RS256
RS384
RS512
ES256
ES384
ES512
PS256
PS384
PS512
None

Instances

Eq Alg Source #
Methods (==) :: Alg -> Alg -> Bool # (/=) :: Alg -> Alg -> Bool #
Ord Alg Source #
Methods compare :: Alg -> Alg -> Ordering # (<) :: Alg -> Alg -> Bool # (<=) :: Alg -> Alg -> Bool # (>) :: Alg -> Alg -> Bool # (>=) :: Alg -> Alg -> Bool # max :: Alg -> Alg -> Alg # min :: Alg -> Alg -> Alg #
Show Alg Source #
Methods showsPrec :: Int -> Alg -> ShowS # show :: Alg -> String # showList :: [Alg] -> ShowS #
FromJSON Alg Source #
Methods parseJSON :: Value -> Parser Alg # parseJSONList :: Value -> Parser [Alg] #
ToJSON Alg Source #
Methods toJSON :: Alg -> Value # toEncoding :: Alg -> Encoding # toJSONList :: [Alg] -> Value # toEncodingList :: [Alg] -> Encoding #

class HasJWSHeader c where Source #

Minimal complete definition

jWSHeader

Methods

jWSHeader :: Lens' c JWSHeader Source #

jwsHeaderAlg :: Lens' c (HeaderParam Alg) Source #

jwsHeaderCrit :: Lens' c (Maybe (NonEmpty Text)) Source #

jwsHeaderCty :: Lens' c (Maybe (HeaderParam String)) Source #

jwsHeaderJku :: Lens' c (Maybe (HeaderParam URI)) Source #

jwsHeaderJwk :: Lens' c (Maybe (HeaderParam JWK)) Source #

jwsHeaderKid :: Lens' c (Maybe (HeaderParam String)) Source #

jwsHeaderTyp :: Lens' c (Maybe (HeaderParam String)) Source #

jwsHeaderX5c :: Lens' c (Maybe (HeaderParam (NonEmpty Base64X509))) Source #

jwsHeaderX5t :: Lens' c (Maybe (HeaderParam Base64SHA1)) Source #

jwsHeaderX5tS256 :: Lens' c (Maybe (HeaderParam Base64SHA256)) Source #

jwsHeaderX5u :: Lens' c (Maybe (HeaderParam URI)) Source #

Instances

HasJWSHeader JWSHeader Source #

data JWSHeader Source #

JWS Header data type.

Constructors

JWSHeader

Fields

_jwsHeaderAlg :: HeaderParam Alg
_jwsHeaderJku :: Maybe (HeaderParam URI)
JWK Set URL
_jwsHeaderJwk :: Maybe (HeaderParam JWK)
_jwsHeaderKid :: Maybe (HeaderParam String)
interpretation unspecified
_jwsHeaderX5u :: Maybe (HeaderParam URI)
_jwsHeaderX5c :: Maybe (HeaderParam (NonEmpty Base64X509))
_jwsHeaderX5t :: Maybe (HeaderParam Base64SHA1)
_jwsHeaderX5tS256 :: Maybe (HeaderParam Base64SHA256)
_jwsHeaderTyp :: Maybe (HeaderParam String)
Content Type (of object)
_jwsHeaderCty :: Maybe (HeaderParam String)
Content Type (of payload)
_jwsHeaderCrit :: Maybe (NonEmpty Text)

Instances

Eq JWSHeader Source #
Methods (==) :: JWSHeader -> JWSHeader -> Bool # (/=) :: JWSHeader -> JWSHeader -> Bool #
Show JWSHeader Source #
Methods showsPrec :: Int -> JWSHeader -> ShowS # show :: JWSHeader -> String # showList :: [JWSHeader] -> ShowS #
HasParams JWSHeader Source #
Methods params :: JWSHeader -> [(Protection, Pair)] Source # extensions :: Proxy * JWSHeader -> [Text] Source # parseParamsFor :: HasParams b => Proxy * b -> Maybe Object -> Maybe Object -> Parser JWSHeader Source #
HasJWSHeader JWSHeader Source #
Methods jWSHeader :: Lens' JWSHeader JWSHeader Source # jwsHeaderAlg :: Lens' JWSHeader (HeaderParam Alg) Source # jwsHeaderCrit :: Lens' JWSHeader (Maybe (NonEmpty Text)) Source # jwsHeaderCty :: Lens' JWSHeader (Maybe (HeaderParam String)) Source # jwsHeaderJku :: Lens' JWSHeader (Maybe (HeaderParam URI)) Source # jwsHeaderJwk :: Lens' JWSHeader (Maybe (HeaderParam JWK)) Source # jwsHeaderKid :: Lens' JWSHeader (Maybe (HeaderParam String)) Source # jwsHeaderTyp :: Lens' JWSHeader (Maybe (HeaderParam String)) Source # jwsHeaderX5c :: Lens' JWSHeader (Maybe (HeaderParam (NonEmpty Base64X509))) Source # jwsHeaderX5t :: Lens' JWSHeader (Maybe (HeaderParam Base64SHA1)) Source # jwsHeaderX5tS256 :: Lens' JWSHeader (Maybe (HeaderParam Base64SHA256)) Source # jwsHeaderX5u :: Lens' JWSHeader (Maybe (HeaderParam URI)) Source #

newJWSHeader :: (Protection, Alg) -> JWSHeader Source #

Construct a minimal header with the given algorithm

data Signature a Source #

Instances

(Eq a, HasParams a) => Eq (Signature a) Source #
Methods (==) :: Signature a -> Signature a -> Bool # (/=) :: Signature a -> Signature a -> Bool #
Show a => Show (Signature a) Source #
Methods showsPrec :: Int -> Signature a -> ShowS # show :: Signature a -> String # showList :: [Signature a] -> ShowS #
HasParams a => FromJSON (Signature a) Source #
Methods parseJSON :: Value -> Parser (Signature a) # parseJSONList :: Value -> Parser [Signature a] #
HasParams a => ToJSON (Signature a) Source #
Methods toJSON :: Signature a -> Value # toEncoding :: Signature a -> Encoding # toJSONList :: [Signature a] -> Value # toEncodingList :: [Signature a] -> Encoding #

header :: forall a a. Lens (Signature a) (Signature a) a a Source #

data JWS a Source #

JSON Web Signature data type. Consists of a payload and a (possibly empty) list of signatures.

Parameterised by the header type.

Constructors

JWS Base64Octets [Signature a]

Instances

(Eq a, HasParams a) => Eq (JWS a) Source #
Methods (==) :: JWS a -> JWS a -> Bool # (/=) :: JWS a -> JWS a -> Bool #
Show a => Show (JWS a) Source #
Methods showsPrec :: Int -> JWS a -> ShowS # show :: JWS a -> String # showList :: [JWS a] -> ShowS #
HasParams a => FromJSON (JWS a) Source #
Methods parseJSON :: Value -> Parser (JWS a) # parseJSONList :: Value -> Parser [JWS a] #
HasParams a => ToJSON (JWS a) Source #
Methods toJSON :: JWS a -> Value # toEncoding :: JWS a -> Encoding # toJSONList :: [JWS a] -> Value # toEncodingList :: [JWS a] -> Encoding #
HasParams a => ToCompact (JWS a) Source #
Methods toCompact :: (AsError e, MonadError e m) => JWS a -> m [ByteString] Source #
HasParams a => FromCompact (JWS a) Source #
Methods fromCompact :: (AsError e, MonadError e m) => [ByteString] -> m (JWS a) Source #

newJWS :: ByteString -> JWS a Source #

Construct a new (unsigned) JWS

jwsPayload :: JWS a -> ByteString Source #

Payload of a JWS, as a lazy bytestring.

signJWS Source #

Arguments

:: (HasJWSHeader a, HasParams a, MonadRandom m, AsError e, MonadError e m)
=> JWS a	JWS to sign
-> a	Header for signature
-> JWK	Key with which to sign
-> m (JWS a)	JWS with new signature appended

Create a new signature on a JWS.

class HasValidationSettings c where Source #

Minimal complete definition

validationSettings

Methods

validationSettings :: Lens' c ValidationSettings Source #

validationSettingsAlgorithms :: Lens' c (Set Alg) Source #

validationSettingsValidationPolicy :: Lens' c ValidationPolicy Source #

class HasAlgorithms s where Source #

Minimal complete definition

algorithms

Methods

algorithms :: Lens' s (Set Alg) Source #

Instances

HasValidationSettings a => HasAlgorithms a Source #
Methods algorithms :: Lens' a (Set Alg) Source #

class HasValidationPolicy s where Source #

Minimal complete definition

validationPolicy

Methods

validationPolicy :: Lens' s ValidationPolicy Source #

Instances

HasValidationSettings a => HasValidationPolicy a Source #
Methods validationPolicy :: Lens' a ValidationPolicy Source #

data ValidationPolicy Source #

Validation policy.

Constructors

AnyValidated	One successfully validated signature is sufficient
AllValidated	All signatures in all configured algorithms must be validated. No signatures in configured algorithms is also an error.

Instances

Eq ValidationPolicy Source #
Methods (==) :: ValidationPolicy -> ValidationPolicy -> Bool # (/=) :: ValidationPolicy -> ValidationPolicy -> Bool #

defaultValidationSettings :: ValidationSettings Source #

verifyJWS :: (HasAlgorithms a, HasValidationPolicy a, AsError e, MonadError e m, HasJWSHeader h, HasParams h) => a -> JWK -> JWS h -> m () Source #

Verify a JWS.

Verification succeeds if any signature on the JWS is successfully validated with the given Key.

If only specific signatures need to be validated, and the ValidationPolicy argument is not enough to express this, the caller is responsible for removing irrelevant signatures prior to calling verifyJWS.

module Crypto.JOSE.Header

HasValidationSettings ValidationSettings Source #
Methods validationSettings :: Lens' ValidationSettings ValidationSettings Source # validationSettingsAlgorithms :: Lens' ValidationSettings (Set Alg) Source # validationSettingsValidationPolicy :: Lens' ValidationSettings ValidationPolicy Source #
HasValidationSettings JWTValidationSettings Source #
Methods validationSettings :: Lens' JWTValidationSettings ValidationSettings Source # validationSettingsAlgorithms :: Lens' JWTValidationSettings (Set Alg) Source # validationSettingsValidationPolicy :: Lens' JWTValidationSettings ValidationPolicy Source #