-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/


-- | Platform-Agnostic Security Tokens
--   
--   Haskell implementation of PASETO (Platform-Agnostic Security Tokens).
--   . The recommended entry point for this library is
--   <a>Crypto.Paseto</a>. . For more information about this library and a
--   rundown on how to use it, check out the <a>README on GitHub</a>.
@package paseto
@version 0.1.0.0


-- | P384 ECDSA cryptographic keys.
module Crypto.Paseto.Keys.V3

-- | Elliptic curve <a>SEC_p384r1</a>.
curveP384 :: Curve

-- | ECDSA private key for curve <a>SEC_p384r1</a>.
--   
--   Note that this type's <a>Eq</a> instance performs a constant-time
--   equality check.
data PrivateKeyP384
pattern PrivateKeyP384 :: PrivateKey -> PrivateKeyP384
unPrivateKeyP384 :: PrivateKeyP384 -> PrivateKey

-- | Construct a private key for curve <a>SEC_p384r1</a>.
mkPrivateKeyP384 :: PrivateKey -> Maybe PrivateKeyP384

-- | Generate a private key for curve <a>SEC_p384r1</a>.
generatePrivateKeyP384 :: IO PrivateKeyP384

-- | Encode a private key into its binary format as defined in <a>RFC
--   5915</a>, i.e. the <tt>privateKey</tt> field described in <a>section
--   3</a>.
encodePrivateKeyP384 :: PrivateKeyP384 -> ScrubbedBytes

-- | Error decoding a scalar value.
data ScalarDecodingError

-- | Invalid scalar length.
ScalarDecodingInvalidLengthError :: !Int -> !Int -> ScalarDecodingError

-- | Decoded scalar is invalid for the curve.
ScalarDecodingInvalidError :: ScalarDecodingError

-- | Render a <a>ScalarDecodingError</a> as <a>Text</a>.
renderScalarDecodingError :: ScalarDecodingError -> Text

-- | Decode a private key from its binary format as defined in <a>RFC
--   5915</a>, i.e. the <tt>privateKey</tt> field described in <a>section
--   3</a>.
decodePrivateKeyP384 :: ScrubbedBytes -> Either ScalarDecodingError PrivateKeyP384

-- | Generate a random scalar on the curve <a>SEC_p384r1</a>.
generateScalarP384 :: IO Integer

-- | Whether a scalar is valid on the curve <a>SEC_p384r1</a>.
isScalarValidP384 :: Integer -> Bool

-- | ECDSA public key for curve <a>SEC_p384r1</a>.
data PublicKeyP384
pattern PublicKeyP384 :: PublicKey -> PublicKeyP384
unPublicKeyP384 :: PublicKeyP384 -> PublicKey

-- | Construct a public key for curve <a>SEC_p384r1</a>.
mkPublicKeyP384 :: PublicKey -> Maybe PublicKeyP384

-- | Construct the <a>PublicKeyP384</a> which corresponds to a given
--   <a>PrivateKeyP384</a>.
fromPrivateKeyP384 :: PrivateKeyP384 -> PublicKeyP384

-- | Encode an elliptic curve point into its compressed binary format as
--   defined by <a>SEC 1</a> and <a>RFC 5480 section 2.2</a>.
encodePublicKeyP384 :: PublicKeyP384 -> ByteString

-- | Error decoding a compressed elliptic curve point.
data CompressedPointDecodingError

-- | Prefix is not either of the expected values (<tt>0x02</tt> or
--   <tt>0x03</tt>).
CompressedPointDecodingInvalidPrefixError :: !Word8 -> CompressedPointDecodingError

-- | Length of the provided compressed point is invalid.
CompressedPointDecodingInvalidLengthError :: !Int -> !Int -> CompressedPointDecodingError

-- | Failed to find the modular square root of a value.
CompressedPointDecodingModularSquareRootError :: CompressedPointDecodingError

-- | Point is invalid for the curve.
CompressedPointDecodingInvalidPointError :: !Point -> CompressedPointDecodingError

-- | Error decoding an uncompressed elliptic curve point.
data UncompressedPointDecodingError

-- | Prefix is not the expected value (<tt>0x04</tt>).
UncompressedPointDecodingInvalidPrefixError :: !Word8 -> UncompressedPointDecodingError

-- | Length of the provided point is invalid.
UncompressedPointDecodingInvalidLengthError :: !Int -> !Int -> UncompressedPointDecodingError

-- | Point is invalid for the curve.
UncompressedPointDecodingInvalidPointError :: !Point -> UncompressedPointDecodingError

-- | Error decoding a public key for curve <a>SEC_p384r1</a>.
data PublicKeyP384DecodingError

-- | Error decoding a compressed public key.
PublicKeyP384DecodingCompressedError :: !CompressedPointDecodingError -> PublicKeyP384DecodingError

-- | Error decoding an uncompressed public key.
PublicKeyP384DecodingUncompressedError :: !UncompressedPointDecodingError -> PublicKeyP384DecodingError

-- | Render a <a>PublicKeyP384DecodingError</a> as <a>Text</a>.
renderPublicKeyP384DecodingError :: PublicKeyP384DecodingError -> Text

-- | Decode a public key from either its compressed or uncompressed binary
--   format as defined by <a>SEC 1</a> and <a>RFC 5480 section 2.2</a>.
decodePublicKeyP384 :: ByteString -> Either PublicKeyP384DecodingError PublicKeyP384
instance GHC.Show.Show Crypto.Paseto.Keys.V3.PrivateKeyP384
instance GHC.Classes.Eq Crypto.Paseto.Keys.V3.PublicKeyP384
instance GHC.Show.Show Crypto.Paseto.Keys.V3.PublicKeyP384
instance GHC.Classes.Eq Crypto.Paseto.Keys.V3.PublicKeyP384DecodingError
instance GHC.Show.Show Crypto.Paseto.Keys.V3.PublicKeyP384DecodingError
instance GHC.Classes.Eq Crypto.Paseto.Keys.V3.PrivateKeyP384

module Crypto.Paseto.Mode

-- | PASETO protocol version.
data Version

-- | Version 3. Modern NIST cryptography.
V3 :: Version

-- | Version 4. Modern <a>Sodium (<tt>libsodium</tt>)</a> cryptography.
V4 :: Version

-- | PASETO token purpose.
data Purpose

-- | Shared-key authenticated encryption.
Local :: Purpose

-- | Public-key digital signatures (<b>not encrypted</b>).
Public :: Purpose
instance GHC.Classes.Eq Crypto.Paseto.Mode.Version
instance GHC.Show.Show Crypto.Paseto.Mode.Version
instance GHC.Classes.Eq Crypto.Paseto.Mode.Purpose
instance GHC.Show.Show Crypto.Paseto.Mode.Purpose


-- | PASETO <a>Pre-Authentication Encoding (PAE)</a>.
module Crypto.Paseto.PreAuthenticationEncoding

-- | Encode a multipart message using <a>Pre-Authentication Encoding
--   (PAE)</a> as defined in the PASETO spec.
encode :: [ByteString] -> ByteString

-- | Error decoding a PAE-encoded message.
newtype DecodingError
DecodingError :: (ByteString, ByteOffset, String) -> DecodingError

-- | Decode a multipart message which has been encoded using
--   <a>Pre-Authentication Encoding (PAE)</a> as defined in the PASETO
--   spec.
decode :: ByteString -> Either DecodingError [ByteString]
instance GHC.Classes.Eq Crypto.Paseto.PreAuthenticationEncoding.DecodingError
instance GHC.Show.Show Crypto.Paseto.PreAuthenticationEncoding.DecodingError

module Crypto.Paseto.ScrubbedBytes

-- | Simple wrapper around a 32-byte (256-bit) <a>ScrubbedBytes</a> value.
--   
--   Note that this type's <a>Eq</a> instance performs a constant-time
--   equality check.
data ScrubbedBytes32
pattern ScrubbedBytes32 :: ScrubbedBytes -> ScrubbedBytes32

-- | Construct a 32-byte (256-bit) <a>ScrubbedBytes</a> value from an array
--   of bytes.
mkScrubbedBytes32 :: ByteArrayAccess b => b -> Maybe ScrubbedBytes32

-- | Construct a <a>ScrubbedBytes32</a> value from a <a>SizedByteArray</a>
--   of <a>ScrubbedBytes</a>.
fromSizedBytes :: SizedByteArray 32 ScrubbedBytes -> ScrubbedBytes32

-- | Convert a <a>ScrubbedBytes32</a> value to <a>ScrubbedBytes</a>.
toBytes :: ScrubbedBytes32 -> ScrubbedBytes

-- | Convert a <a>ScrubbedBytes32</a> value to a <a>SizedByteArray</a> of
--   <a>ScrubbedBytes</a>.
toSizedBytes :: ScrubbedBytes32 -> SizedByteArray 32 ScrubbedBytes

-- | Randomly generate a <a>ScrubbedBytes32</a> value.
generateScrubbedBytes32 :: IO ScrubbedBytes32
instance Data.ByteArray.Types.ByteArrayAccess Crypto.Paseto.ScrubbedBytes.ScrubbedBytes32
instance Basement.NormalForm.NormalForm Crypto.Paseto.ScrubbedBytes.ScrubbedBytes32
instance GHC.Classes.Ord Crypto.Paseto.ScrubbedBytes.ScrubbedBytes32
instance GHC.Classes.Eq Crypto.Paseto.ScrubbedBytes.ScrubbedBytes32
instance GHC.Show.Show Crypto.Paseto.ScrubbedBytes.ScrubbedBytes32
instance Control.DeepSeq.NFData Crypto.Paseto.ScrubbedBytes.ScrubbedBytes32
instance Data.ByteArray.Sized.ByteArrayN 32 Crypto.Paseto.ScrubbedBytes.ScrubbedBytes32


-- | PASETO cryptographic keys.
module Crypto.Paseto.Keys

-- | Symmetric key.
--   
--   Note that this type's <a>Eq</a> instance performs a constant-time
--   equality check.
data SymmetricKey v

-- | Version 3 symmetric key.
[SymmetricKeyV3] :: !ScrubbedBytes32 -> SymmetricKey V3

-- | Version 4 symmetric key.
[SymmetricKeyV4] :: !ScrubbedBytes32 -> SymmetricKey V4

-- | Get the raw bytes associated with a symmetric key.
symmetricKeyToBytes :: SymmetricKey v -> ScrubbedBytes

-- | Construct a version 3 symmetric key from bytes.
--   
--   If the provided byte string does not have a length of <tt>32</tt>
--   (<tt>256</tt> bits), <a>Nothing</a> is returned.
bytesToSymmetricKeyV3 :: ScrubbedBytes -> Maybe (SymmetricKey V3)

-- | Construct a version 4 symmetric key from bytes.
--   
--   If the provided byte string does not have a length of <tt>32</tt>
--   (<tt>256</tt> bits), <a>Nothing</a> is returned.
bytesToSymmetricKeyV4 :: ScrubbedBytes -> Maybe (SymmetricKey V4)

-- | Randomly generate a version 3 symmetric key.
generateSymmetricKeyV3 :: IO (SymmetricKey V3)

-- | Randomly generate a version 4 symmetric key.
generateSymmetricKeyV4 :: IO (SymmetricKey V4)

-- | Signing key (also known as a private/secret key).
--   
--   Note that this type's <a>Eq</a> instance performs a constant-time
--   equality check.
data SigningKey v

-- | Version 3 signing key.
[SigningKeyV3] :: !PrivateKeyP384 -> SigningKey V3

-- | Version 3 signing key.
[SigningKeyV4] :: !SecretKey -> SigningKey V4

-- | Get the raw bytes associated with a signing key.
signingKeyToBytes :: SigningKey v -> ScrubbedBytes

-- | Construct a version 3 signing key from bytes.
bytesToSigningKeyV3 :: ScrubbedBytes -> Either ScalarDecodingError (SigningKey V3)

-- | Construct a version 4 signing key from bytes.
bytesToSigningKeyV4 :: ScrubbedBytes -> Maybe (SigningKey V4)

-- | Randomly generate a version 3 signing key.
generateSigningKeyV3 :: IO (SigningKey V3)

-- | Randomly generate a version 4 signing key.
generateSigningKeyV4 :: IO (SigningKey V4)

-- | Verification key (also known as a public key).
data VerificationKey v

-- | Version 3 verification key.
[VerificationKeyV3] :: !PublicKeyP384 -> VerificationKey V3

-- | Version 4 verification key.
[VerificationKeyV4] :: !PublicKey -> VerificationKey V4

-- | Get the raw bytes associated with a verification key.
verificationKeyToBytes :: VerificationKey v -> ByteString

-- | Construct a version 3 verification key from bytes.
--   
--   The input <a>ByteString</a> is expected to be formatted as either a
--   compressed or uncompressed elliptic curve public key as defined by
--   <a>SEC 1</a> and <a>RFC 5480 section 2.2</a>.
bytesToVerificationKeyV3 :: ByteString -> Either PublicKeyP384DecodingError (VerificationKey V3)

-- | Construct a version 4 verification key from bytes.
bytesToVerificationKeyV4 :: ByteString -> Maybe (VerificationKey V4)

-- | Get the <a>VerificationKey</a> which corresponds to a given
--   <a>SigningKey</a>.
fromSigningKey :: SigningKey v -> VerificationKey v
instance GHC.Classes.Eq (Crypto.Paseto.Keys.VerificationKey v)
instance GHC.Classes.Eq (Crypto.Paseto.Keys.SigningKey v)
instance GHC.Classes.Eq (Crypto.Paseto.Keys.SymmetricKey v)

module Crypto.Paseto.Token

-- | Footer consisting of unencrypted free-form data.
--   
--   The footer's contents may be JSON or some other structured data, but
--   it doesn't have to be.
--   
--   When a PASETO token is constructed, the footer is authenticated, but
--   not encrypted (i.e. its integrity is protected, but it is not made
--   confidential). In authenticated encryption schemes, this is referred
--   to as "associated data".
--   
--   Note that this type's <a>Eq</a> instance performs a constant-time
--   equality check.
newtype Footer
Footer :: ByteString -> Footer
[unFooter] :: Footer -> ByteString

-- | Unencrypted authenticated data which is not stored in the PASETO
--   token.
--   
--   When a PASETO token is constructed, the implicit assertion is
--   authenticated, but it is not stored in the token. This is useful if
--   one wants to associate some data that should remain confidential.
--   
--   Note that this type's <a>Eq</a> instance performs a constant-time
--   equality check.
newtype ImplicitAssertion
ImplicitAssertion :: ByteString -> ImplicitAssertion
[unImplicitAssertion] :: ImplicitAssertion -> ByteString

-- | Raw PASETO token payload.
--   
--   Note that this type's <a>Eq</a> instance performs a constant-time
--   equality check.
newtype Payload
Payload :: ByteString -> Payload
[unPayload] :: Payload -> ByteString

-- | PASETO token parameterized by its protocol <a>Version</a> and
--   <a>Purpose</a>.
data Token v p

-- | PASETO version 3 local token.
[TokenV3Local] :: !Payload -> !Maybe Footer -> Token V3 Local

-- | PASETO version 3 public token.
[TokenV3Public] :: !Payload -> !Maybe Footer -> Token V3 Public

-- | PASETO version 4 local token.
[TokenV4Local] :: !Payload -> !Maybe Footer -> Token V4 Local

-- | PASETO version 4 public token.
[TokenV4Public] :: !Payload -> !Maybe Footer -> Token V4 Public

-- | Some kind of PASETO token.
data SomeToken
SomeTokenV3Local :: !Token V3 Local -> SomeToken
SomeTokenV3Public :: !Token V3 Public -> SomeToken
SomeTokenV4Local :: !Token V4 Local -> SomeToken
SomeTokenV4Public :: !Token V4 Public -> SomeToken

-- | Convert a <a>Token</a> to a <a>SomeToken</a>.
toSomeToken :: Token v p -> SomeToken
instance GHC.Show.Show Crypto.Paseto.Token.Footer
instance GHC.Show.Show Crypto.Paseto.Token.ImplicitAssertion
instance GHC.Show.Show Crypto.Paseto.Token.Payload
instance GHC.Classes.Eq Crypto.Paseto.Token.SomeToken
instance GHC.Show.Show Crypto.Paseto.Token.SomeToken
instance GHC.Show.Show (Crypto.Paseto.Token.Token v p)
instance GHC.Classes.Eq (Crypto.Paseto.Token.Token v p)
instance GHC.Classes.Eq Crypto.Paseto.Token.Payload
instance GHC.Classes.Eq Crypto.Paseto.Token.ImplicitAssertion
instance GHC.Classes.Eq Crypto.Paseto.Token.Footer


-- | PASETO token claim.
module Crypto.Paseto.Token.Claim

-- | Issuer of a token.
newtype Issuer
Issuer :: Text -> Issuer
[unIssuer] :: Issuer -> Text

-- | Subject of a token.
newtype Subject
Subject :: Text -> Subject
[unSubject] :: Subject -> Text

-- | Recipient for which a token is intended.
newtype Audience
Audience :: Text -> Audience
[unAudience] :: Audience -> Text

-- | Time after which a token expires.
newtype Expiration
Expiration :: UTCTime -> Expiration
[unExpiration] :: Expiration -> UTCTime

-- | Render an <a>Expiration</a> as <a>Text</a>.
renderExpiration :: Expiration -> Text

-- | Time from which a token should be considered valid.
newtype NotBefore
NotBefore :: UTCTime -> NotBefore
[unNotBefore] :: NotBefore -> UTCTime

-- | Render a <a>NotBefore</a> as <a>Text</a>.
renderNotBefore :: NotBefore -> Text

-- | Time at which a token was issued.
newtype IssuedAt
IssuedAt :: UTCTime -> IssuedAt
[unIssuedAt] :: IssuedAt -> UTCTime

-- | Render an <a>IssuedAt</a> as <a>Text</a>.
renderIssuedAt :: IssuedAt -> Text

-- | Token identifier.
newtype TokenIdentifier
TokenIdentifier :: Text -> TokenIdentifier
[unTokenIdentifier] :: TokenIdentifier -> Text

-- | Token claim key.
data ClaimKey
pattern IssuerClaimKey :: ClaimKey
pattern SubjectClaimKey :: ClaimKey
pattern AudienceClaimKey :: ClaimKey
pattern ExpirationClaimKey :: ClaimKey
pattern NotBeforeClaimKey :: ClaimKey
pattern IssuedAtClaimKey :: ClaimKey
pattern TokenIdentifierClaimKey :: ClaimKey
pattern CustomClaimKey :: UnregisteredClaimKey -> ClaimKey

-- | Render a <a>ClaimKey</a> as <a>Text</a>.
renderClaimKey :: ClaimKey -> Text

-- | Parse a <a>ClaimKey</a> from <a>Text</a>.
parseClaimKey :: Text -> ClaimKey

-- | Registered claims as defined by the <a>PASETO specification</a>.
registeredClaimKeys :: Set ClaimKey

-- | Unregistered claim key.
data UnregisteredClaimKey

-- | Construct an unregistered claim key.
--   
--   If the provided <tt>Text</tt> key matches that of a registered claim
--   (<a>registeredClaimKeys</a>), this function will return
--   <a>Nothing</a>.
mkUnregisteredClaimKey :: Text -> Maybe UnregisteredClaimKey

-- | Render an <a>UnregisteredClaimKey</a> as <a>Text</a>.
renderUnregisteredClaimKey :: UnregisteredClaimKey -> Text

-- | Token claim.
data Claim
IssuerClaim :: !Issuer -> Claim
SubjectClaim :: !Subject -> Claim
AudienceClaim :: !Audience -> Claim
ExpirationClaim :: !Expiration -> Claim
NotBeforeClaim :: !NotBefore -> Claim
IssuedAtClaim :: !IssuedAt -> Claim
TokenIdentifierClaim :: !TokenIdentifier -> Claim
CustomClaim :: !UnregisteredClaimKey -> !Value -> Claim

-- | Get the JSON object key which corresponds to a <a>Claim</a>.
claimKey :: Claim -> ClaimKey
claimToPair :: Claim -> Pair
claimFromJson :: Key -> Value -> Parser Claim
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.Paseto.Token.Claim.Issuer
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.Paseto.Token.Claim.Issuer
instance GHC.Classes.Eq Crypto.Paseto.Token.Claim.Issuer
instance GHC.Show.Show Crypto.Paseto.Token.Claim.Issuer
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.Paseto.Token.Claim.Subject
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.Paseto.Token.Claim.Subject
instance GHC.Classes.Eq Crypto.Paseto.Token.Claim.Subject
instance GHC.Show.Show Crypto.Paseto.Token.Claim.Subject
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.Paseto.Token.Claim.Audience
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.Paseto.Token.Claim.Audience
instance GHC.Classes.Eq Crypto.Paseto.Token.Claim.Audience
instance GHC.Show.Show Crypto.Paseto.Token.Claim.Audience
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.Paseto.Token.Claim.Expiration
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.Paseto.Token.Claim.Expiration
instance GHC.Classes.Eq Crypto.Paseto.Token.Claim.Expiration
instance GHC.Show.Show Crypto.Paseto.Token.Claim.Expiration
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.Paseto.Token.Claim.NotBefore
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.Paseto.Token.Claim.NotBefore
instance GHC.Classes.Eq Crypto.Paseto.Token.Claim.NotBefore
instance GHC.Show.Show Crypto.Paseto.Token.Claim.NotBefore
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.Paseto.Token.Claim.IssuedAt
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.Paseto.Token.Claim.IssuedAt
instance GHC.Classes.Eq Crypto.Paseto.Token.Claim.IssuedAt
instance GHC.Show.Show Crypto.Paseto.Token.Claim.IssuedAt
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.Paseto.Token.Claim.TokenIdentifier
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.Paseto.Token.Claim.TokenIdentifier
instance GHC.Classes.Eq Crypto.Paseto.Token.Claim.TokenIdentifier
instance GHC.Show.Show Crypto.Paseto.Token.Claim.TokenIdentifier
instance GHC.Classes.Eq Crypto.Paseto.Token.Claim.ClaimKey
instance GHC.Show.Show Crypto.Paseto.Token.Claim.ClaimKey
instance GHC.Classes.Eq Crypto.Paseto.Token.Claim.UnregisteredClaimKey
instance GHC.Show.Show Crypto.Paseto.Token.Claim.UnregisteredClaimKey
instance GHC.Classes.Eq Crypto.Paseto.Token.Claim.Claim
instance GHC.Show.Show Crypto.Paseto.Token.Claim.Claim
instance GHC.Classes.Ord Crypto.Paseto.Token.Claim.ClaimKey


-- | Collection of PASETO token claims.
--   
--   It is recommended to import this module qualified since it contains
--   functions which may conflict with those in <a>Prelude</a> and other
--   container implementations such as <a>Data.Map</a>.
--   
--   For example:
--   
--   <pre>
--   import Crypto.Paseto.Token.Claims (Claims)
--   import qualified Crypto.Paseto.Token.Claims as Claims
--   </pre>
module Crypto.Paseto.Token.Claims

-- | Collection of <a>Claim</a>s.
data Claims

-- | Empty collection of claims.
empty :: Claims

-- | Construct a collection of claims with a single element.
singleton :: Claim -> Claims

-- | Insert a <a>Claim</a> into a collection of <a>Claims</a>.
--   
--   Note that if a claim with the same key is already present, it is
--   replaced with the provided claim.
insert :: Claim -> Claims -> Claims

-- | Delete a claim from the collection.
delete :: ClaimKey -> Claims -> Claims

-- | Lookup the issuer claim.
lookupIssuer :: Claims -> Maybe Issuer

-- | Lookup the subject claim.
lookupSubject :: Claims -> Maybe Subject

-- | Lookup the audience claim.
lookupAudience :: Claims -> Maybe Audience

-- | Lookup the expiration claim.
lookupExpiration :: Claims -> Maybe Expiration

-- | Lookup the "not before" claim.
lookupNotBefore :: Claims -> Maybe NotBefore

-- | Lookup the "issued at" claim.
lookupIssuedAt :: Claims -> Maybe IssuedAt

-- | Lookup the token identifier claim.
lookupTokenIdentifier :: Claims -> Maybe TokenIdentifier

-- | Lookup a custom unregistered claim.
lookupCustom :: UnregisteredClaimKey -> Claims -> Maybe Value

-- | Whether a collection of claims is empty.
null :: Claims -> Bool

-- | Size of a collection of claims.
size :: Claims -> Int

-- | Convert a collection of <a>Claims</a> to a list of <a>Claim</a>s.
toList :: Claims -> [Claim]

-- | Convert a list of <a>Claim</a>s to a collection of <a>Claims</a>.
--   
--   Note that if the provided list contains more than one value for the
--   same claim, the last value for that claim is retained.
fromList :: [Claim] -> Claims
instance GHC.Base.Monoid Crypto.Paseto.Token.Claims.Claims
instance GHC.Base.Semigroup Crypto.Paseto.Token.Claims.Claims
instance GHC.Classes.Eq Crypto.Paseto.Token.Claims.Claims
instance GHC.Show.Show Crypto.Paseto.Token.Claims.Claims
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.Paseto.Token.Claims.Claims
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.Paseto.Token.Claims.Claims


-- | Implementation of <a>PASETO version 4</a> (modern <a>Sodium</a>
--   cryptography).
--   
--   Note that we're not actually using <tt>libsodium</tt> itself in this
--   module but, instead, the equivalent algorithm implementations that are
--   available in <tt>crypton</tt>.
module Crypto.Paseto.Protocol.V4
v4LocalTokenHeader :: ByteString

-- | <a>PASETO version 4 encryption</a>.
--   
--   This is an authenticated encryption with associated data (AEAD)
--   algorithm which combines the <tt>XChaCha20</tt> stream cipher with the
--   <tt>Blake2b</tt> message authentication code.
--   
--   Note that this function essentially just calls <a>encryptPure</a> with
--   a random 32-byte nonce generated from the operating system's CSPRNG.
encrypt :: SymmetricKey V4 -> Claims -> Maybe Footer -> Maybe ImplicitAssertion -> IO (Token V4 Local)

-- | Pure variant of <a>encrypt</a>.
--   
--   For typical usage, please use <a>encrypt</a>.
encryptPure :: ByteString -> SymmetricKey V4 -> Claims -> Maybe Footer -> Maybe ImplicitAssertion -> Token V4 Local

-- | PASETO version 4 decryption error.
data DecryptionError

-- | Invalid token footer.
DecryptionInvalidFooterError :: !Maybe Footer -> !Maybe Footer -> DecryptionError

-- | Invalid nonce size.
DecryptionInvalidNonceSizeError :: !Int -> DecryptionError

-- | Invalid <tt>Blake2b</tt> message authentication code size.
DecryptionInvalidMacSizeError :: !Int -> DecryptionError

-- | Invalid <tt>Blake2b</tt> message authenticartion code.
DecryptionInvalidMacError :: !ByteString -> !ByteString -> DecryptionError

-- | Error deserializing a decrypted collection of claims as JSON.
DecryptionClaimsDeserializationError :: !String -> DecryptionError

-- | Render a <a>DecryptionError</a> as <a>Text</a>.
renderDecryptionError :: DecryptionError -> Text

-- | <a>PASETO version 4 decryption</a>.
decrypt :: SymmetricKey V4 -> Token V4 Local -> Maybe Footer -> Maybe ImplicitAssertion -> Either DecryptionError Claims
v4PublicTokenHeader :: ByteString

-- | <a>PASETO version 4 cryptographic signing</a>.
--   
--   This implementation produces a token which is signed using
--   <tt>Ed25519</tt>.
sign :: SigningKey V4 -> Claims -> Maybe Footer -> Maybe ImplicitAssertion -> Token V4 Public

-- | PASETO version 4 signature verification error.
data VerificationError

-- | Invalid token footer.
VerificationInvalidFooterError :: !Maybe Footer -> !Maybe Footer -> VerificationError

-- | <a>CryptoError</a> that occurred during verification.
VerificationCryptoError :: !CryptoError -> VerificationError

-- | Signature verification failed.
VerificationInvalidSignatureError :: VerificationError

-- | Error deserializing a verified collection of claims as JSON.
VerificationClaimsDeserializationError :: !String -> VerificationError

-- | Render a <a>VerificationError</a> as <a>Text</a>.
renderVerificationError :: VerificationError -> Text

-- | <a>PASETO version 4 cryptographic signature verification</a>.
verify :: VerificationKey V4 -> Token V4 Public -> Maybe Footer -> Maybe ImplicitAssertion -> Either VerificationError Claims
instance GHC.Classes.Eq Crypto.Paseto.Protocol.V4.DecryptionError
instance GHC.Show.Show Crypto.Paseto.Protocol.V4.DecryptionError
instance GHC.Classes.Eq Crypto.Paseto.Protocol.V4.VerificationError
instance GHC.Show.Show Crypto.Paseto.Protocol.V4.VerificationError


-- | Parsers for PASETO tokens according to the <a>message format</a>
--   defined in the specification.
--   
--   Note that the parsers exported from this module <i>do not</i> perform
--   any kind of token validation, cryptographic or otherwise. These
--   parsers simply ensure that the input <i>looks like</i> a well-formed
--   token.
module Crypto.Paseto.Token.Parser

-- | Parse a version 3 local PASETO token from human-readable text
--   according to the <a>message format</a> defined in the specification.
--   
--   Note that this function does not perform any kind of token validation,
--   cryptographic or otherwise. It simply parses the token and ensures
--   that it is well-formed.
parseTokenV3Local :: Text -> Either ParseError (Token V3 Local)

-- | Parse a version 3 public PASETO token from human-readable text
--   according to the <a>message format</a> defined in the specification.
--   
--   Note that this function does not perform any kind of token validation,
--   cryptographic or otherwise. It simply parses the token and ensures
--   that it is well-formed.
parseTokenV3Public :: Text -> Either ParseError (Token V3 Public)

-- | Parse a version 4 local PASETO token from human-readable text
--   according to the <a>message format</a> defined in the specification.
--   
--   Note that this function does not perform any kind of token validation,
--   cryptographic or otherwise. It simply parses the token and ensures
--   that it is well-formed.
parseTokenV4Local :: Text -> Either ParseError (Token V4 Local)

-- | Parse a version 4 public PASETO token from human-readable text
--   according to the <a>message format</a> defined in the specification.
--   
--   Note that this function does not perform any kind of token validation,
--   cryptographic or otherwise. It simply parses the token and ensures
--   that it is well-formed.
parseTokenV4Public :: Text -> Either ParseError (Token V4 Public)

-- | Parse some kind of PASETO token from human-readable text according to
--   the <a>message format</a> defined in the specification.
--   
--   Note that this function does not perform any kind of token validation,
--   cryptographic or otherwise. It simply parses the token and ensures
--   that it is well-formed.
parseSomeToken :: Text -> Either ParseError SomeToken

-- | Parse a <a>Version</a> from its string representation.
pVersion :: Parser Version

-- | Parse the <a>Version</a> string <tt>v3</tt>.
pVersionV3 :: Parser Version

-- | Parse the <a>Version</a> string <tt>v4</tt>.
pVersionV4 :: Parser Version

-- | Parse a <a>Purpose</a> from its string representation.
pPurpose :: Parser Purpose

-- | Parse the <a>Purpose</a> string <tt>local</tt>.
pPurposeLocal :: Parser Purpose

-- | Parse the <a>Purpose</a> string <tt>public</tt>.
pPurposePublic :: Parser Purpose

-- | Parse a <a>Payload</a> from its string representation.
pPayload :: Parser Payload

-- | Parse a <a>Footer</a> from its string representation.
pFooter :: Parser Footer

-- | Parse a <a>Payload</a> along with an optional <a>Footer</a>.
pPayloadAndFooter :: Parser (Payload, Maybe Footer)

-- | Parse the parts of a PASETO token: version, purpose, payload, and an
--   optional footer.
pTokenParts :: Parser Version -> Parser Purpose -> Parser (Version, Purpose, Payload, Maybe Footer)

-- | Parse a version 3 local PASETO token from its string representation.
--   
--   Accepted token format:
--   
--   <ul>
--   <li>Without the optional footer: <tt>v3.local.${payload}</tt></li>
--   <li>With the optional footer:
--   <tt>v3.local.${payload}.${footer}</tt></li>
--   </ul>
--   
--   Both the <tt>payload</tt> and optional <tt>footer</tt> are
--   <tt>base64url</tt>-encoded values (unpadded).
pTokenV3Local :: Parser (Token V3 Local)

-- | Parse a version 3 public PASETO token from its string representation.
--   
--   Accepted token format:
--   
--   <ul>
--   <li>Without the optional footer: <tt>v3.public.${payload}</tt></li>
--   <li>With the optional footer:
--   <tt>v3.public.${payload}.${footer}</tt></li>
--   </ul>
--   
--   Both the <tt>payload</tt> and optional <tt>footer</tt> are
--   <tt>base64url</tt>-encoded values (unpadded).
pTokenV3Public :: Parser (Token V3 Public)

-- | Parse a version 4 local PASETO token from its string representation.
--   
--   Accepted token format:
--   
--   <ul>
--   <li>Without the optional footer: <tt>v4.local.${payload}</tt></li>
--   <li>With the optional footer:
--   <tt>v4.local.${payload}.${footer}</tt></li>
--   </ul>
--   
--   Both the <tt>payload</tt> and optional <tt>footer</tt> are
--   <tt>base64url</tt>-encoded values (unpadded).
pTokenV4Local :: Parser (Token V4 Local)

-- | Parse a version 4 public PASETO token from its string representation.
--   
--   Accepted token format:
--   
--   <ul>
--   <li>Without the optional footer: <tt>v4.public.${payload}</tt></li>
--   <li>With the optional footer:
--   <tt>v4.public.${payload}.${footer}</tt></li>
--   </ul>
--   
--   Both the <tt>payload</tt> and optional <tt>footer</tt> are
--   <tt>base64url</tt>-encoded values (unpadded).
pTokenV4Public :: Parser (Token V4 Public)

-- | Parse some kind of PASETO token from its string representation.
--   
--   PASETO token format:
--   
--   <ul>
--   <li>Without the optional footer: <tt>version.purpose.payload</tt></li>
--   <li>With the optional footer:
--   <tt>version.purpose.payload.footer</tt></li>
--   </ul>
--   
--   Acceptable values for <tt>version</tt> are <tt>v3</tt> and
--   <tt>v4</tt>. <tt>v1</tt> and <tt>v2</tt> are deprecated, so they're
--   not supported.
--   
--   Acceptable values for <tt>purpose</tt> are <tt>local</tt> and
--   <tt>public</tt>.
--   
--   Both the <tt>payload</tt> and optional <tt>footer</tt> are
--   <tt>base64url</tt>-encoded values (unpadded).
pSomeToken :: Parser SomeToken


-- | PASETO token claim validation.
module Crypto.Paseto.Token.Validation

-- | Validation error.
data ValidationError

-- | Expected claim does not exist.
ValidationClaimNotFoundError :: !ClaimKey -> ValidationError

-- | Token claim is invalid.
ValidationInvalidClaimError :: !ClaimKey -> !Text -> !Text -> ValidationError

-- | Token is expired.
ValidationExpirationError :: !Expiration -> ValidationError

-- | Token's <a>IssuedAt</a> time is in the future.
ValidationIssuedAtError :: !IssuedAt -> ValidationError

-- | Token is not yet valid as its <a>NotBefore</a> time is in the future.
ValidationNotBeforeError :: !NotBefore -> ValidationError

-- | Custom validation error.
ValidationCustomError :: !Text -> ValidationError

-- | Render a <a>ValidationError</a> as <a>Text</a>.
renderValidationError :: ValidationError -> Text

-- | Render a non-empty list of <a>ValidationError</a>s as <a>Text</a>.
renderValidationErrors :: NonEmpty ValidationError -> Text

-- | Token claim validation rule.
newtype ValidationRule
ValidationRule :: (Claims -> Either ValidationError ()) -> ValidationRule
[unValidationRule] :: ValidationRule -> Claims -> Either ValidationError ()

-- | Whether a claim must exist.
newtype ClaimMustExist
ClaimMustExist :: Bool -> ClaimMustExist

-- | Validate that a token is intended for a given audience.
forAudience :: Audience -> ValidationRule

-- | Validate a token's identifier.
identifiedBy :: TokenIdentifier -> ValidationRule

-- | Validate a token's issuer.
issuedBy :: Issuer -> ValidationRule

-- | Validate that a token is not expired at the given time.
--   
--   That is, if the <a>ExpirationClaim</a> is present, check that it isn't
--   in the past (relative to the given time).
notExpired :: UTCTime -> ValidationRule

-- | Validate the subject of a token.
subject :: Subject -> ValidationRule

-- | Validate that a token is valid at the given time.
--   
--   This involves the following checks (relative to the given time):
--   
--   <ul>
--   <li>If the <a>ExpirationClaim</a> is present, check that it isn't in
--   the past.</li>
--   <li>If the <a>IssuedAtClaim</a> is present, check that it isn't in the
--   future.</li>
--   <li>If the <a>NotBeforeClaim</a> is present, check that it isn't in
--   the future.</li>
--   </ul>
validAt :: UTCTime -> ValidationRule

-- | Validate that a custom claim is equal to the given value.
customClaimEq :: ClaimMustExist -> UnregisteredClaimKey -> Value -> ValidationRule

-- | Get a list of <a>recommended default validation rules</a>.
--   
--   At the moment, the only default rule is checking <a>validAt</a> for
--   the current system time (<a>getCurrentTime</a>).
getDefaultValidationRules :: IO [ValidationRule]

-- | Validate a list of rules against a collection of claims.
--   
--   This function will run through all of the provided validation rules
--   and collect all of the errors encountered, if any. If there are no
--   validation errors, <tt>Right ()</tt> is returned.
validate :: [ValidationRule] -> Claims -> Either (NonEmpty ValidationError) ()

-- | Validate a collection of claims against the default validation rules
--   (<a>getDefaultValidationRules</a>).
validateDefault :: Claims -> IO (Either (NonEmpty ValidationError) ())
instance GHC.Classes.Eq Crypto.Paseto.Token.Validation.ValidationError
instance GHC.Show.Show Crypto.Paseto.Token.Validation.ValidationError


-- | Implementation of <a>PASETO version 3</a> (modern NIST cryptography).
module Crypto.Paseto.Protocol.V3
v3LocalTokenHeader :: ByteString

-- | PASETO version 3 encryption error.
data EncryptionError

-- | <a>CryptoError</a> that occurred during encryption.
EncryptionCryptoError :: !CryptoError -> EncryptionError

-- | Initialization vector is of an invalid size.
EncryptionInvalidInitializationVectorSizeError :: !Int -> !Int -> EncryptionError

-- | Render an <a>EncryptionError</a> as <a>Text</a>.
renderEncryptionError :: EncryptionError -> Text

-- | <a>PASETO version 3 encryption</a>.
--   
--   This is an authenticated encryption with associated data (AEAD)
--   algorithm which combines the <tt>AES-256-CTR</tt> block cipher with
--   the <tt>HMAC-SHA384</tt> message authentication code.
--   
--   Note that this function essentially just calls <a>encryptPure</a> with
--   a random 32-byte nonce generated from the operating system's CSPRNG.
encrypt :: SymmetricKey V3 -> Claims -> Maybe Footer -> Maybe ImplicitAssertion -> ExceptT EncryptionError IO (Token V3 Local)

-- | Pure variant of <a>encrypt</a>.
--   
--   For typical usage, please use <a>encrypt</a>.
encryptPure :: ByteString -> SymmetricKey V3 -> Claims -> Maybe Footer -> Maybe ImplicitAssertion -> Either EncryptionError (Token V3 Local)

-- | PASETO version 3 decryption error.
data DecryptionError

-- | Invalid token footer.
DecryptionInvalidFooterError :: !Maybe Footer -> !Maybe Footer -> DecryptionError

-- | Invalid <tt>HKDF-HMAC-SHA384</tt> nonce size.
DecryptionInvalidHkdfNonceSizeError :: !Int -> DecryptionError

-- | Invalid <tt>HMAC-SHA384</tt> message authentication code size.
DecryptionInvalidHmacSizeError :: !Int -> DecryptionError

-- | Invalid <tt>HMAC-SHA384</tt> message authentication code.
DecryptionInvalidHmacError :: !ByteString -> !ByteString -> DecryptionError

-- | <a>CryptoError</a> that occurred during decryption.
DecryptionCryptoError :: !CryptoError -> DecryptionError

-- | Initialization vector is of an invalid size.
DecryptionInvalidInitializationVectorSizeError :: !Int -> !Int -> DecryptionError

-- | Error deserializing a decrypted collection of claims as JSON.
DecryptionClaimsDeserializationError :: !String -> DecryptionError

-- | Render a <a>DecryptionError</a> as <a>Text</a>.
renderDecryptionError :: DecryptionError -> Text

-- | <a>PASETO version 3 decryption</a>.
decrypt :: SymmetricKey V3 -> Token V3 Local -> Maybe Footer -> Maybe ImplicitAssertion -> Either DecryptionError Claims
v3PublicTokenHeader :: ByteString

-- | PASETO version 3 cryptographic signing error.
data SigningError

-- | Random number, <tt>k</tt>, is zero.
SigningKIsZeroError :: SigningError

-- | Render a <a>SigningError</a> as <a>Text</a>.
renderSigningError :: SigningError -> Text

-- | <a>PASETO version 3 cryptographic signing</a>.
--   
--   This implementation produces a token which is signed using
--   <tt>ECDSA</tt> over <tt>P-384</tt> and <tt>SHA-384</tt>.
--   
--   Note that this function essentially just calls <a>signPure</a> with a
--   randomly-generated scalar multiple, <tt>k</tt>.
sign :: SigningKey V3 -> Claims -> Maybe Footer -> Maybe ImplicitAssertion -> ExceptT SigningError IO (Token V3 Public)

-- | Pure variant of <a>sign</a>.
--   
--   For typical usage, please use <a>sign</a>.
signPure :: Integer -> SigningKey V3 -> Claims -> Maybe Footer -> Maybe ImplicitAssertion -> Either SigningError (Token V3 Public)

-- | PASETO version 3 signature verification error.
data VerificationError

-- | Invalid token footer.
VerificationInvalidFooterError :: !Maybe Footer -> !Maybe Footer -> VerificationError

-- | Signature size is invalid.
VerificationInvalidSignatureSizeError :: VerificationError

-- | Signature verification failed.
VerificationInvalidSignatureError :: VerificationError

-- | Error deserializing a verified collection of claims as JSON.
VerificationClaimsDeserializationError :: !String -> VerificationError

-- | Render a <a>VerificationError</a> as <a>Text</a>.
renderVerificationError :: VerificationError -> Text

-- | <a>PASETO version 3 cryptographic signature verification</a>.
verify :: VerificationKey V3 -> Token V3 Public -> Maybe Footer -> Maybe ImplicitAssertion -> Either VerificationError Claims
instance GHC.Classes.Eq Crypto.Paseto.Protocol.V3.EncryptionError
instance GHC.Show.Show Crypto.Paseto.Protocol.V3.EncryptionError
instance GHC.Classes.Eq Crypto.Paseto.Protocol.V3.DecryptionError
instance GHC.Show.Show Crypto.Paseto.Protocol.V3.DecryptionError
instance GHC.Classes.Eq Crypto.Paseto.Protocol.V3.SigningError
instance GHC.Show.Show Crypto.Paseto.Protocol.V3.SigningError
instance GHC.Classes.Eq Crypto.Paseto.Protocol.V3.VerificationError
instance GHC.Show.Show Crypto.Paseto.Protocol.V3.VerificationError


-- | PASETO token encoding and decoding in accordance with the <a>message
--   format</a> defined in the specification.
module Crypto.Paseto.Token.Encoding

-- | Encode a PASETO token as human-readable text according to the
--   <a>message format</a> defined in the specification.
encode :: Token v p -> Text

-- | Encode a PASETO token as human-readable text according to the
--   <a>message format</a> defined in the specification.
encodeSomeToken :: SomeToken -> Text

-- | Common error decoding a PASETO token.
data CommonDecodingError

-- | Error parsing the token.
CommonDecodingParseError :: !ParseError -> CommonDecodingError

-- | Token claims validation error.
CommonDecodingClaimsValidationError :: !NonEmpty ValidationError -> CommonDecodingError

-- | Render a <a>CommonDecodingError</a> as <a>Text</a>.
renderCommonDecodingError :: CommonDecodingError -> Text

-- | Error decoding a version 3 local PASETO token.
data V3LocalDecodingError

-- | Common decoding error.
V3LocalDecodingCommonError :: !CommonDecodingError -> V3LocalDecodingError

-- | Decryption error.
V3LocalDecodingDecryptionError :: !DecryptionError -> V3LocalDecodingError

-- | Render a <a>V3LocalDecodingError</a> as <a>Text</a>.
renderV3LocalDecodingError :: V3LocalDecodingError -> Text

-- | Parse, <a>decrypt</a>, and <a>validate</a> a version 3 local PASETO
--   token.
decodeTokenV3Local :: SymmetricKey V3 -> [ValidationRule] -> Maybe Footer -> Maybe ImplicitAssertion -> Text -> Either V3LocalDecodingError (ValidatedToken V3 Local)

-- | Error decoding a version 3 public PASETO token.
data V3PublicDecodingError

-- | Common decoding error.
V3PublicDecodingCommonError :: !CommonDecodingError -> V3PublicDecodingError

-- | Cryptographic signature verification error.
V3PublicDecodingVerificationError :: !VerificationError -> V3PublicDecodingError

-- | Render a <a>V3PublicDecodingError</a> as <a>Text</a>.
renderV3PublicDecodingError :: V3PublicDecodingError -> Text

-- | Parse, <a>verify</a>, and <a>validate</a> a version 3 public PASETO
--   token.
decodeTokenV3Public :: VerificationKey V3 -> [ValidationRule] -> Maybe Footer -> Maybe ImplicitAssertion -> Text -> Either V3PublicDecodingError (ValidatedToken V3 Public)

-- | Error decoding a version 4 local PASETO token.
data V4LocalDecodingError

-- | Common decoding error.
V4LocalDecodingCommonError :: !CommonDecodingError -> V4LocalDecodingError

-- | Decryption error.
V4LocalDecodingDecryptionError :: !DecryptionError -> V4LocalDecodingError

-- | Render a <a>V4LocalDecodingError</a> as <a>Text</a>.
renderV4LocalDecodingError :: V4LocalDecodingError -> Text

-- | Parse, <a>decrypt</a>, and <a>validate</a> a version 4 local PASETO
--   token.
decodeTokenV4Local :: SymmetricKey V4 -> [ValidationRule] -> Maybe Footer -> Maybe ImplicitAssertion -> Text -> Either V4LocalDecodingError (ValidatedToken V4 Local)

-- | Error decoding a version 4 public PASETO token.
data V4PublicDecodingError

-- | Common decoding error.
V4PublicDecodingCommonError :: !CommonDecodingError -> V4PublicDecodingError

-- | Cryptographic signature verification error.
V4PublicDecodingVerificationError :: !VerificationError -> V4PublicDecodingError

-- | Render a <a>V4PublicDecodingError</a> as <a>Text</a>.
renderV4PublicDecodingError :: V4PublicDecodingError -> Text

-- | Parse, <a>verify</a>, and <a>validate</a> a version 4 public PASETO
--   token.
decodeTokenV4Public :: VerificationKey V4 -> [ValidationRule] -> Maybe Footer -> Maybe ImplicitAssertion -> Text -> Either V4PublicDecodingError (ValidatedToken V4 Public)

-- | PASETO token which has been decoded and validated.
data ValidatedToken v p
ValidatedToken :: !Token v p -> !Claims -> ValidatedToken v p

-- | Validated token.
[vtToken] :: ValidatedToken v p -> !Token v p

-- | Validated token's claims.
[vtClaims] :: ValidatedToken v p -> !Claims
instance GHC.Classes.Eq (Crypto.Paseto.Token.Encoding.ValidatedToken v p)
instance GHC.Show.Show (Crypto.Paseto.Token.Encoding.ValidatedToken v p)
instance GHC.Classes.Eq Crypto.Paseto.Token.Encoding.CommonDecodingError
instance GHC.Show.Show Crypto.Paseto.Token.Encoding.CommonDecodingError
instance GHC.Classes.Eq Crypto.Paseto.Token.Encoding.V3LocalDecodingError
instance GHC.Show.Show Crypto.Paseto.Token.Encoding.V3LocalDecodingError
instance GHC.Classes.Eq Crypto.Paseto.Token.Encoding.V3PublicDecodingError
instance GHC.Show.Show Crypto.Paseto.Token.Encoding.V3PublicDecodingError
instance GHC.Classes.Eq Crypto.Paseto.Token.Encoding.V4LocalDecodingError
instance GHC.Show.Show Crypto.Paseto.Token.Encoding.V4LocalDecodingError
instance GHC.Classes.Eq Crypto.Paseto.Token.Encoding.V4PublicDecodingError
instance GHC.Show.Show Crypto.Paseto.Token.Encoding.V4PublicDecodingError

module Crypto.Paseto.Token.Build

-- | Parameters for building a PASETO token.
data BuildTokenParams
BuildTokenParams :: !Claims -> !Maybe Footer -> !Maybe ImplicitAssertion -> BuildTokenParams
[btpClaims] :: BuildTokenParams -> !Claims
[btpFooter] :: BuildTokenParams -> !Maybe Footer
[btpImplicitAssertion] :: BuildTokenParams -> !Maybe ImplicitAssertion

-- | Get parameters for building a PASETO token which includes the
--   <a>recommended default claims</a>.
--   
--   This includes the following default claims:
--   
--   <ul>
--   <li>An <a>ExpirationClaim</a> of 1 hour from the current system
--   time.</li>
--   <li>An <a>IssuedAtClaim</a> of the current system time.</li>
--   <li>A <a>NotBeforeClaim</a> of the current system time.</li>
--   </ul>
--   
--   The default <a>Footer</a> and <a>ImplicitAssertion</a> is
--   <a>Nothing</a>.
getDefaultBuildTokenParams :: IO BuildTokenParams

-- | Error building a version 3 local PASETO token.
newtype V3LocalBuildError

-- | Encryption error.
V3LocalBuildEncryptionError :: EncryptionError -> V3LocalBuildError

-- | Render a <a>V3LocalBuildError</a> as <a>Text</a>.
renderV3LocalBuildError :: V3LocalBuildError -> Text

-- | Build a version 3 local token.
buildTokenV3Local :: BuildTokenParams -> SymmetricKey V3 -> ExceptT V3LocalBuildError IO (Token V3 Local)

-- | Error building a version 3 public PASETO token.
newtype V3PublicBuildError

-- | Cryptographic signing error.
V3PublicBuildSigningError :: SigningError -> V3PublicBuildError

-- | Render a <a>V3PublicBuildError</a> as <a>Text</a>.
renderV3PublicBuildError :: V3PublicBuildError -> Text

-- | Build a version 3 public token.
buildTokenV3Public :: BuildTokenParams -> SigningKey V3 -> ExceptT V3PublicBuildError IO (Token V3 Public)

-- | Build a version 4 local token.
buildTokenV4Local :: BuildTokenParams -> SymmetricKey V4 -> IO (Token V4 Local)

-- | Build a version 4 public token.
buildTokenV4Public :: BuildTokenParams -> SigningKey V4 -> Token V4 Public
instance GHC.Classes.Eq Crypto.Paseto.Token.Build.BuildTokenParams
instance GHC.Show.Show Crypto.Paseto.Token.Build.BuildTokenParams
instance GHC.Classes.Eq Crypto.Paseto.Token.Build.V3LocalBuildError
instance GHC.Show.Show Crypto.Paseto.Token.Build.V3LocalBuildError
instance GHC.Classes.Eq Crypto.Paseto.Token.Build.V3PublicBuildError
instance GHC.Show.Show Crypto.Paseto.Token.Build.V3PublicBuildError


-- | This module is the recommended entry point for this library.
module Crypto.Paseto

-- | PASETO protocol version.
data Version

-- | Version 3. Modern NIST cryptography.
V3 :: Version

-- | Version 4. Modern <a>Sodium (<tt>libsodium</tt>)</a> cryptography.
V4 :: Version

-- | PASETO token purpose.
data Purpose

-- | Shared-key authenticated encryption.
Local :: Purpose

-- | Public-key digital signatures (<b>not encrypted</b>).
Public :: Purpose

-- | Symmetric key.
--   
--   Note that this type's <a>Eq</a> instance performs a constant-time
--   equality check.
data SymmetricKey v

-- | Version 3 symmetric key.
[SymmetricKeyV3] :: !ScrubbedBytes32 -> SymmetricKey V3

-- | Version 4 symmetric key.
[SymmetricKeyV4] :: !ScrubbedBytes32 -> SymmetricKey V4

-- | Get the raw bytes associated with a symmetric key.
symmetricKeyToBytes :: SymmetricKey v -> ScrubbedBytes

-- | Construct a version 3 symmetric key from bytes.
--   
--   If the provided byte string does not have a length of <tt>32</tt>
--   (<tt>256</tt> bits), <a>Nothing</a> is returned.
bytesToSymmetricKeyV3 :: ScrubbedBytes -> Maybe (SymmetricKey V3)

-- | Construct a version 4 symmetric key from bytes.
--   
--   If the provided byte string does not have a length of <tt>32</tt>
--   (<tt>256</tt> bits), <a>Nothing</a> is returned.
bytesToSymmetricKeyV4 :: ScrubbedBytes -> Maybe (SymmetricKey V4)

-- | Randomly generate a version 3 symmetric key.
generateSymmetricKeyV3 :: IO (SymmetricKey V3)

-- | Randomly generate a version 4 symmetric key.
generateSymmetricKeyV4 :: IO (SymmetricKey V4)

-- | Signing key (also known as a private/secret key).
--   
--   Note that this type's <a>Eq</a> instance performs a constant-time
--   equality check.
data SigningKey v

-- | Version 3 signing key.
[SigningKeyV3] :: !PrivateKeyP384 -> SigningKey V3

-- | Version 3 signing key.
[SigningKeyV4] :: !SecretKey -> SigningKey V4

-- | Get the raw bytes associated with a signing key.
signingKeyToBytes :: SigningKey v -> ScrubbedBytes

-- | Construct a version 3 signing key from bytes.
bytesToSigningKeyV3 :: ScrubbedBytes -> Either ScalarDecodingError (SigningKey V3)

-- | Construct a version 4 signing key from bytes.
bytesToSigningKeyV4 :: ScrubbedBytes -> Maybe (SigningKey V4)

-- | Randomly generate a version 3 signing key.
generateSigningKeyV3 :: IO (SigningKey V3)

-- | Randomly generate a version 4 signing key.
generateSigningKeyV4 :: IO (SigningKey V4)

-- | Error decoding a scalar value.
data ScalarDecodingError

-- | Invalid scalar length.
ScalarDecodingInvalidLengthError :: !Int -> !Int -> ScalarDecodingError

-- | Decoded scalar is invalid for the curve.
ScalarDecodingInvalidError :: ScalarDecodingError

-- | Render a <a>ScalarDecodingError</a> as <a>Text</a>.
renderScalarDecodingError :: ScalarDecodingError -> Text

-- | Verification key (also known as a public key).
data VerificationKey v

-- | Version 3 verification key.
[VerificationKeyV3] :: !PublicKeyP384 -> VerificationKey V3

-- | Version 4 verification key.
[VerificationKeyV4] :: !PublicKey -> VerificationKey V4

-- | Get the raw bytes associated with a verification key.
verificationKeyToBytes :: VerificationKey v -> ByteString

-- | Construct a version 3 verification key from bytes.
--   
--   The input <a>ByteString</a> is expected to be formatted as either a
--   compressed or uncompressed elliptic curve public key as defined by
--   <a>SEC 1</a> and <a>RFC 5480 section 2.2</a>.
bytesToVerificationKeyV3 :: ByteString -> Either PublicKeyP384DecodingError (VerificationKey V3)

-- | Construct a version 4 verification key from bytes.
bytesToVerificationKeyV4 :: ByteString -> Maybe (VerificationKey V4)

-- | Get the <a>VerificationKey</a> which corresponds to a given
--   <a>SigningKey</a>.
fromSigningKey :: SigningKey v -> VerificationKey v

-- | Error decoding a public key for curve <a>SEC_p384r1</a>.
data PublicKeyP384DecodingError

-- | Error decoding a compressed public key.
PublicKeyP384DecodingCompressedError :: !CompressedPointDecodingError -> PublicKeyP384DecodingError

-- | Error decoding an uncompressed public key.
PublicKeyP384DecodingUncompressedError :: !UncompressedPointDecodingError -> PublicKeyP384DecodingError

-- | Render a <a>PublicKeyP384DecodingError</a> as <a>Text</a>.
renderPublicKeyP384DecodingError :: PublicKeyP384DecodingError -> Text

-- | PASETO token parameterized by its protocol <a>Version</a> and
--   <a>Purpose</a>.
data Token v p

-- | PASETO version 3 local token.
[TokenV3Local] :: !Payload -> !Maybe Footer -> Token V3 Local

-- | PASETO version 3 public token.
[TokenV3Public] :: !Payload -> !Maybe Footer -> Token V3 Public

-- | PASETO version 4 local token.
[TokenV4Local] :: !Payload -> !Maybe Footer -> Token V4 Local

-- | PASETO version 4 public token.
[TokenV4Public] :: !Payload -> !Maybe Footer -> Token V4 Public

-- | Raw PASETO token payload.
--   
--   Note that this type's <a>Eq</a> instance performs a constant-time
--   equality check.
newtype Payload
Payload :: ByteString -> Payload
[unPayload] :: Payload -> ByteString

-- | Footer consisting of unencrypted free-form data.
--   
--   The footer's contents may be JSON or some other structured data, but
--   it doesn't have to be.
--   
--   When a PASETO token is constructed, the footer is authenticated, but
--   not encrypted (i.e. its integrity is protected, but it is not made
--   confidential). In authenticated encryption schemes, this is referred
--   to as "associated data".
--   
--   Note that this type's <a>Eq</a> instance performs a constant-time
--   equality check.
newtype Footer
Footer :: ByteString -> Footer
[unFooter] :: Footer -> ByteString

-- | Unencrypted authenticated data which is not stored in the PASETO
--   token.
--   
--   When a PASETO token is constructed, the implicit assertion is
--   authenticated, but it is not stored in the token. This is useful if
--   one wants to associate some data that should remain confidential.
--   
--   Note that this type's <a>Eq</a> instance performs a constant-time
--   equality check.
newtype ImplicitAssertion
ImplicitAssertion :: ByteString -> ImplicitAssertion
[unImplicitAssertion] :: ImplicitAssertion -> ByteString

-- | Parameters for building a PASETO token.
data BuildTokenParams
BuildTokenParams :: !Claims -> !Maybe Footer -> !Maybe ImplicitAssertion -> BuildTokenParams
[btpClaims] :: BuildTokenParams -> !Claims
[btpFooter] :: BuildTokenParams -> !Maybe Footer
[btpImplicitAssertion] :: BuildTokenParams -> !Maybe ImplicitAssertion

-- | Get parameters for building a PASETO token which includes the
--   <a>recommended default claims</a>.
--   
--   This includes the following default claims:
--   
--   <ul>
--   <li>An <a>ExpirationClaim</a> of 1 hour from the current system
--   time.</li>
--   <li>An <a>IssuedAtClaim</a> of the current system time.</li>
--   <li>A <a>NotBeforeClaim</a> of the current system time.</li>
--   </ul>
--   
--   The default <a>Footer</a> and <a>ImplicitAssertion</a> is
--   <a>Nothing</a>.
getDefaultBuildTokenParams :: IO BuildTokenParams

-- | Build a version 3 local token.
buildTokenV3Local :: BuildTokenParams -> SymmetricKey V3 -> ExceptT V3LocalBuildError IO (Token V3 Local)

-- | Build a version 3 public token.
buildTokenV3Public :: BuildTokenParams -> SigningKey V3 -> ExceptT V3PublicBuildError IO (Token V3 Public)

-- | Build a version 4 local token.
buildTokenV4Local :: BuildTokenParams -> SymmetricKey V4 -> IO (Token V4 Local)

-- | Build a version 4 public token.
buildTokenV4Public :: BuildTokenParams -> SigningKey V4 -> Token V4 Public

-- | Error building a version 3 local PASETO token.
newtype V3LocalBuildError

-- | Encryption error.
V3LocalBuildEncryptionError :: EncryptionError -> V3LocalBuildError

-- | Render a <a>V3LocalBuildError</a> as <a>Text</a>.
renderV3LocalBuildError :: V3LocalBuildError -> Text

-- | Error building a version 3 public PASETO token.
newtype V3PublicBuildError

-- | Cryptographic signing error.
V3PublicBuildSigningError :: SigningError -> V3PublicBuildError

-- | Render a <a>V3PublicBuildError</a> as <a>Text</a>.
renderV3PublicBuildError :: V3PublicBuildError -> Text

-- | Encode a PASETO token as human-readable text according to the
--   <a>message format</a> defined in the specification.
encode :: Token v p -> Text

-- | PASETO token which has been decoded and validated.
data ValidatedToken v p
ValidatedToken :: !Token v p -> !Claims -> ValidatedToken v p

-- | Validated token.
[vtToken] :: ValidatedToken v p -> !Token v p

-- | Validated token's claims.
[vtClaims] :: ValidatedToken v p -> !Claims

-- | Parse, <a>decrypt</a>, and <a>validate</a> a version 3 local PASETO
--   token.
decodeTokenV3Local :: SymmetricKey V3 -> [ValidationRule] -> Maybe Footer -> Maybe ImplicitAssertion -> Text -> Either V3LocalDecodingError (ValidatedToken V3 Local)

-- | Parse, <a>verify</a>, and <a>validate</a> a version 3 public PASETO
--   token.
decodeTokenV3Public :: VerificationKey V3 -> [ValidationRule] -> Maybe Footer -> Maybe ImplicitAssertion -> Text -> Either V3PublicDecodingError (ValidatedToken V3 Public)

-- | Parse, <a>decrypt</a>, and <a>validate</a> a version 4 local PASETO
--   token.
decodeTokenV4Local :: SymmetricKey V4 -> [ValidationRule] -> Maybe Footer -> Maybe ImplicitAssertion -> Text -> Either V4LocalDecodingError (ValidatedToken V4 Local)

-- | Parse, <a>verify</a>, and <a>validate</a> a version 4 public PASETO
--   token.
decodeTokenV4Public :: VerificationKey V4 -> [ValidationRule] -> Maybe Footer -> Maybe ImplicitAssertion -> Text -> Either V4PublicDecodingError (ValidatedToken V4 Public)

-- | Common error decoding a PASETO token.
data CommonDecodingError

-- | Error parsing the token.
CommonDecodingParseError :: !ParseError -> CommonDecodingError

-- | Token claims validation error.
CommonDecodingClaimsValidationError :: !NonEmpty ValidationError -> CommonDecodingError

-- | Render a <a>CommonDecodingError</a> as <a>Text</a>.
renderCommonDecodingError :: CommonDecodingError -> Text

-- | Error decoding a version 3 local PASETO token.
data V3LocalDecodingError

-- | Common decoding error.
V3LocalDecodingCommonError :: !CommonDecodingError -> V3LocalDecodingError

-- | Decryption error.
V3LocalDecodingDecryptionError :: !DecryptionError -> V3LocalDecodingError

-- | Render a <a>V3LocalDecodingError</a> as <a>Text</a>.
renderV3LocalDecodingError :: V3LocalDecodingError -> Text

-- | Error decoding a version 3 public PASETO token.
data V3PublicDecodingError

-- | Common decoding error.
V3PublicDecodingCommonError :: !CommonDecodingError -> V3PublicDecodingError

-- | Cryptographic signature verification error.
V3PublicDecodingVerificationError :: !VerificationError -> V3PublicDecodingError

-- | Render a <a>V3PublicDecodingError</a> as <a>Text</a>.
renderV3PublicDecodingError :: V3PublicDecodingError -> Text

-- | Error decoding a version 4 local PASETO token.
data V4LocalDecodingError

-- | Common decoding error.
V4LocalDecodingCommonError :: !CommonDecodingError -> V4LocalDecodingError

-- | Decryption error.
V4LocalDecodingDecryptionError :: !DecryptionError -> V4LocalDecodingError

-- | Render a <a>V4LocalDecodingError</a> as <a>Text</a>.
renderV4LocalDecodingError :: V4LocalDecodingError -> Text

-- | Error decoding a version 4 public PASETO token.
data V4PublicDecodingError

-- | Common decoding error.
V4PublicDecodingCommonError :: !CommonDecodingError -> V4PublicDecodingError

-- | Cryptographic signature verification error.
V4PublicDecodingVerificationError :: !VerificationError -> V4PublicDecodingError

-- | Render a <a>V4PublicDecodingError</a> as <a>Text</a>.
renderV4PublicDecodingError :: V4PublicDecodingError -> Text

-- | Collection of <a>Claim</a>s.
data Claims

-- | Token claim.
data Claim
IssuerClaim :: !Issuer -> Claim
SubjectClaim :: !Subject -> Claim
AudienceClaim :: !Audience -> Claim
ExpirationClaim :: !Expiration -> Claim
NotBeforeClaim :: !NotBefore -> Claim
IssuedAtClaim :: !IssuedAt -> Claim
TokenIdentifierClaim :: !TokenIdentifier -> Claim
CustomClaim :: !UnregisteredClaimKey -> !Value -> Claim

-- | Issuer of a token.
newtype Issuer
Issuer :: Text -> Issuer
[unIssuer] :: Issuer -> Text

-- | Subject of a token.
newtype Subject
Subject :: Text -> Subject
[unSubject] :: Subject -> Text

-- | Recipient for which a token is intended.
newtype Audience
Audience :: Text -> Audience
[unAudience] :: Audience -> Text

-- | Time after which a token expires.
newtype Expiration
Expiration :: UTCTime -> Expiration
[unExpiration] :: Expiration -> UTCTime

-- | Render an <a>Expiration</a> as <a>Text</a>.
renderExpiration :: Expiration -> Text

-- | Time from which a token should be considered valid.
newtype NotBefore
NotBefore :: UTCTime -> NotBefore
[unNotBefore] :: NotBefore -> UTCTime

-- | Render a <a>NotBefore</a> as <a>Text</a>.
renderNotBefore :: NotBefore -> Text

-- | Time at which a token was issued.
newtype IssuedAt
IssuedAt :: UTCTime -> IssuedAt
[unIssuedAt] :: IssuedAt -> UTCTime

-- | Render an <a>IssuedAt</a> as <a>Text</a>.
renderIssuedAt :: IssuedAt -> Text

-- | Token identifier.
newtype TokenIdentifier
TokenIdentifier :: Text -> TokenIdentifier
[unTokenIdentifier] :: TokenIdentifier -> Text

-- | Unregistered claim key.
data UnregisteredClaimKey

-- | Construct an unregistered claim key.
--   
--   If the provided <tt>Text</tt> key matches that of a registered claim
--   (<a>registeredClaimKeys</a>), this function will return
--   <a>Nothing</a>.
mkUnregisteredClaimKey :: Text -> Maybe UnregisteredClaimKey

-- | Render an <a>UnregisteredClaimKey</a> as <a>Text</a>.
renderUnregisteredClaimKey :: UnregisteredClaimKey -> Text

-- | Token claim validation rule.
newtype ValidationRule
ValidationRule :: (Claims -> Either ValidationError ()) -> ValidationRule
[unValidationRule] :: ValidationRule -> Claims -> Either ValidationError ()

-- | Whether a claim must exist.
newtype ClaimMustExist
ClaimMustExist :: Bool -> ClaimMustExist

-- | Get a list of <a>recommended default validation rules</a>.
--   
--   At the moment, the only default rule is checking <a>validAt</a> for
--   the current system time (<a>getCurrentTime</a>).
getDefaultValidationRules :: IO [ValidationRule]

-- | Validate that a token is intended for a given audience.
forAudience :: Audience -> ValidationRule

-- | Validate a token's identifier.
identifiedBy :: TokenIdentifier -> ValidationRule

-- | Validate a token's issuer.
issuedBy :: Issuer -> ValidationRule

-- | Validate that a token is not expired at the given time.
--   
--   That is, if the <a>ExpirationClaim</a> is present, check that it isn't
--   in the past (relative to the given time).
notExpired :: UTCTime -> ValidationRule

-- | Validate the subject of a token.
subject :: Subject -> ValidationRule

-- | Validate that a token is valid at the given time.
--   
--   This involves the following checks (relative to the given time):
--   
--   <ul>
--   <li>If the <a>ExpirationClaim</a> is present, check that it isn't in
--   the past.</li>
--   <li>If the <a>IssuedAtClaim</a> is present, check that it isn't in the
--   future.</li>
--   <li>If the <a>NotBeforeClaim</a> is present, check that it isn't in
--   the future.</li>
--   </ul>
validAt :: UTCTime -> ValidationRule

-- | Validate that a custom claim is equal to the given value.
customClaimEq :: ClaimMustExist -> UnregisteredClaimKey -> Value -> ValidationRule

-- | Validation error.
data ValidationError

-- | Expected claim does not exist.
ValidationClaimNotFoundError :: !ClaimKey -> ValidationError

-- | Token claim is invalid.
ValidationInvalidClaimError :: !ClaimKey -> !Text -> !Text -> ValidationError

-- | Token is expired.
ValidationExpirationError :: !Expiration -> ValidationError

-- | Token's <a>IssuedAt</a> time is in the future.
ValidationIssuedAtError :: !IssuedAt -> ValidationError

-- | Token is not yet valid as its <a>NotBefore</a> time is in the future.
ValidationNotBeforeError :: !NotBefore -> ValidationError

-- | Custom validation error.
ValidationCustomError :: !Text -> ValidationError

-- | Render a <a>ValidationError</a> as <a>Text</a>.
renderValidationError :: ValidationError -> Text

-- | Render a non-empty list of <a>ValidationError</a>s as <a>Text</a>.
renderValidationErrors :: NonEmpty ValidationError -> Text

-- | Parse a version 3 local PASETO token from human-readable text
--   according to the <a>message format</a> defined in the specification.
--   
--   Note that this function does not perform any kind of token validation,
--   cryptographic or otherwise. It simply parses the token and ensures
--   that it is well-formed.
parseTokenV3Local :: Text -> Either ParseError (Token V3 Local)

-- | Parse a version 3 public PASETO token from human-readable text
--   according to the <a>message format</a> defined in the specification.
--   
--   Note that this function does not perform any kind of token validation,
--   cryptographic or otherwise. It simply parses the token and ensures
--   that it is well-formed.
parseTokenV3Public :: Text -> Either ParseError (Token V3 Public)

-- | Parse a version 4 local PASETO token from human-readable text
--   according to the <a>message format</a> defined in the specification.
--   
--   Note that this function does not perform any kind of token validation,
--   cryptographic or otherwise. It simply parses the token and ensures
--   that it is well-formed.
parseTokenV4Local :: Text -> Either ParseError (Token V4 Local)

-- | Parse a version 4 public PASETO token from human-readable text
--   according to the <a>message format</a> defined in the specification.
--   
--   Note that this function does not perform any kind of token validation,
--   cryptographic or otherwise. It simply parses the token and ensures
--   that it is well-formed.
parseTokenV4Public :: Text -> Either ParseError (Token V4 Public)