-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/


-- | Javascript Object Signing and Encryption and JSON Web Token library
--   
--   An implementation of the Javascript Object Signing and Encryption
--   (JOSE) and JSON Web Token (JWT; RFC 7519) formats.
--   
--   The JSON Web Signature (JWS; RFC 7515) implementation is complete.
--   
--   EdDSA signatures (RFC 8037) are supported (Ed25519 only).
--   
--   JWK Thumbprint (RFC 7638) is supported (requires <i>aeson</i> &gt;=
--   0.10).
--   
--   JSON Web Encryption (JWE; RFC 7516) is not yet implemented.
--   
--   The <b>ECDSA implementation is vulnerable to timing attacks</b> and
--   should only be used for verification.
@package jose
@version 0.7.0.0


-- | Advanced Encryption Standard (AES) Key Wrap Algorithm;
--   <a>https://https://tools.ietf.org/html/rfc3394</a>.
module Crypto.JOSE.AESKW

-- | Wrap a secret.
--   
--   Input size must be a multiple of 8 bytes, and at least 16 bytes.
--   Output size is input size plus 8 bytes.
aesKeyWrap :: (ByteArrayAccess m, ByteArray c, BlockCipher128 cipher) => cipher -> m -> c

-- | Unwrap a secret.
--   
--   Input size must be a multiple of 8 bytes, and at least 24 bytes.
--   Output size is input size minus 8 bytes.
--   
--   Returns <a>Nothing</a> if inherent integrity check fails. Otherwise,
--   the chance that the key data is corrupt is 2 ^ -64.
aesKeyUnwrap :: (ByteArrayAccess c, ByteArray m, BlockCipher128 cipher) => cipher -> c -> Maybe m


-- | JOSE error types.
module Crypto.JOSE.Error

-- | All the errors that can occur.
data Error

-- | A requested algorithm is not implemented
AlgorithmNotImplemented :: Error

-- | A requested algorithm cannot be used
AlgorithmMismatch :: String -> Error

-- | Wrong type of key was given
KeyMismatch :: String -> Error

-- | Key size is too small
KeySizeTooSmall :: Error

-- | RSA private key with &gt;2 primes not supported
OtherPrimesNotSupported :: Error

-- | RSA encryption, decryption or signing error
RSAError :: Error -> Error

-- | Various cryptonite library error cases
CryptoError :: CryptoError -> Error

-- | Cannot decode compact representation
CompactDecodeError :: String -> Error

-- | JSON (Aeson) decoding error
JSONDecodeError :: String -> Error
JWSCritUnprotected :: Error

-- | <tt>AnyValidated</tt> policy active, and no valid signature
--   encountered
JWSNoValidSignatures :: Error

-- | <tt>AllValidated</tt> policy active, and invalid signature encountered
JWSInvalidSignature :: Error

-- | <tt>AllValidated</tt> policy active, and there were no signatures on
--   object that matched the allowed algorithms
JWSNoSignatures :: Error
class AsError r_aoZ4
_Error :: AsError r_aoZ4 => Prism' r_aoZ4 Error
_AlgorithmNotImplemented :: AsError r_aoZ4 => Prism' r_aoZ4 ()
_AlgorithmMismatch :: AsError r_aoZ4 => Prism' r_aoZ4 String
_KeyMismatch :: AsError r_aoZ4 => Prism' r_aoZ4 String
_KeySizeTooSmall :: AsError r_aoZ4 => Prism' r_aoZ4 ()
_OtherPrimesNotSupported :: AsError r_aoZ4 => Prism' r_aoZ4 ()
_RSAError :: AsError r_aoZ4 => Prism' r_aoZ4 Error
_CryptoError :: AsError r_aoZ4 => Prism' r_aoZ4 CryptoError
_CompactDecodeError :: AsError r_aoZ4 => Prism' r_aoZ4 String
_JSONDecodeError :: AsError r_aoZ4 => Prism' r_aoZ4 String
_JWSCritUnprotected :: AsError r_aoZ4 => Prism' r_aoZ4 ()
_JWSNoValidSignatures :: AsError r_aoZ4 => Prism' r_aoZ4 ()
_JWSInvalidSignature :: AsError r_aoZ4 => Prism' r_aoZ4 ()
_JWSNoSignatures :: AsError r_aoZ4 => Prism' r_aoZ4 ()
instance Crypto.JOSE.Error.AsError Crypto.JOSE.Error.Error
instance (Crypto.Random.Types.MonadRandom m, Control.Monad.Trans.Class.MonadTrans t, GHC.Base.Functor (t m), GHC.Base.Monad (t m)) => Crypto.Random.Types.MonadRandom (t m)
instance GHC.Show.Show Crypto.JOSE.Error.Error
instance GHC.Classes.Eq Crypto.JOSE.Error.Error


-- | JWS, JWE and some related specifications provide for "compact"
--   representations of certain types. This module defines classes and
--   functions for working with such data.
module Crypto.JOSE.Compact

-- | Data that can be parsed from a compact representation.
class FromCompact a
fromCompact :: (FromCompact a, AsError e, MonadError e m) => [ByteString] -> m a

-- | Decode a compact representation.
decodeCompact :: (FromCompact a, AsError e, MonadError e m) => ByteString -> m a

-- | Data that can be converted to a compact representation.
class ToCompact a
toCompact :: ToCompact a => a -> [ByteString]

-- | Encode data to a compact representation.
encodeCompact :: (ToCompact a) => a -> ByteString


-- | JSON Web Signature algorithms.
module Crypto.JOSE.JWA.JWS

-- | RFC 7518 §3.1. "alg" (Algorithm) Header Parameters Values for JWS
data Alg
HS256 :: Alg
HS384 :: Alg
HS512 :: Alg
RS256 :: Alg
RS384 :: Alg
RS512 :: Alg
ES256 :: Alg
ES384 :: Alg
ES512 :: Alg
PS256 :: Alg
PS384 :: Alg
PS512 :: Alg
None :: Alg
EdDSA :: Alg
instance GHC.Show.Show Crypto.JOSE.JWA.JWS.Alg
instance GHC.Classes.Ord Crypto.JOSE.JWA.JWS.Alg
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWS.Alg
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWS.Alg
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWS.Alg


-- | JSON Web Encryption algorithms.
module Crypto.JOSE.JWA.JWE.Alg

-- | RFC 7518 §4.1. "alg" (Algorithm) Header Parameter Values for JWE
--   
--   This section is shuffled off into its own module to avoid circular
--   import via Crypto.JOSE.JWK, which needs Alg.
data Alg
RSA1_5 :: Alg
RSA_OAEP :: Alg
RSA_OAEP_256 :: Alg
A128KW :: Alg
A192KW :: Alg
A256KW :: Alg
Dir :: Alg
ECDH_ES :: Alg
ECDH_ES_A128KW :: Alg
ECDH_ES_A192KW :: Alg
ECDH_ES_A256KW :: Alg
A128GCMKW :: Alg
A192GCMKW :: Alg
A256GCMKW :: Alg
PBES2_HS256_A128KW :: Alg
PBES2_HS384_A192KW :: Alg
PBES2_HS512_A256KW :: Alg
instance GHC.Show.Show Crypto.JOSE.JWA.JWE.Alg.Alg
instance GHC.Classes.Ord Crypto.JOSE.JWA.JWE.Alg.Alg
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWE.Alg.Alg
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWE.Alg.Alg
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWE.Alg.Alg


-- | Data types for the JOSE library.
module Crypto.JOSE.Types

-- | A base64url encoded octet sequence interpreted as an integer.
--   
--   The value is encoded in the minimum number of octets (no leading
--   zeros) with the exception of <tt>0</tt> which is encoded as
--   <tt>AA</tt>. A leading zero when decoding is an error.
newtype Base64Integer
Base64Integer :: Integer -> Base64Integer
_Base64Integer :: Iso' Base64Integer Integer

-- | A base64url encoded octet sequence interpreted as an integer and where
--   the number of octets carries explicit bit-length information.
data SizedBase64Integer
SizedBase64Integer :: Int -> Integer -> SizedBase64Integer

-- | Generate a <a>SizedBase64Integer</a> of the given number of bytes
genSizedBase64IntegerOf :: Int -> Gen SizedBase64Integer

-- | Parsed a <a>SizedBase64Integer</a> with an expected number of
--   <i>bytes</i>.
checkSize :: Int -> SizedBase64Integer -> Parser SizedBase64Integer

-- | A base64url encoded octet sequence. Used for payloads, signatures,
--   symmetric keys, salts, initialisation vectors, etc.
newtype Base64Octets
Base64Octets :: ByteString -> Base64Octets

-- | A base64url encoded SHA-1 digest. Used for X.509 certificate
--   thumbprints.
newtype Base64SHA1
Base64SHA1 :: ByteString -> Base64SHA1

-- | A base64url encoded SHA-256 digest. Used for X.509 certificate
--   thumbprints.
newtype Base64SHA256
Base64SHA256 :: ByteString -> Base64SHA256

-- | A base64 encoded X.509 certificate.
newtype Base64X509
Base64X509 :: SignedCertificate -> Base64X509

-- | Represents a general universal resource identifier using its component
--   parts.
--   
--   For example, for the URI
--   
--   <pre>
--   foo://anonymous@www.haskell.org:42/ghc?query#frag
--   </pre>
--   
--   the components are:
data URI

-- | Prism for encoding / decoding base64url.
--   
--   To encode, <tt><a>review</a> base64url</tt>. To decode,
--   <tt><a>preview</a> base64url</tt>.
--   
--   Works with any combinations of strict/lazy <tt>ByteString</tt>.
base64url :: (AsEmpty s1, AsEmpty s2, Cons s1 s1 Word8 Word8, Cons s2 s2 Word8 Word8) => Prism' s1 s2
instance GHC.Show.Show Crypto.JOSE.Types.Base64X509
instance GHC.Classes.Eq Crypto.JOSE.Types.Base64X509
instance GHC.Show.Show Crypto.JOSE.Types.Base64SHA256
instance GHC.Classes.Eq Crypto.JOSE.Types.Base64SHA256
instance GHC.Show.Show Crypto.JOSE.Types.Base64SHA1
instance GHC.Classes.Eq Crypto.JOSE.Types.Base64SHA1
instance GHC.Show.Show Crypto.JOSE.Types.Base64Octets
instance GHC.Classes.Eq Crypto.JOSE.Types.Base64Octets
instance GHC.Show.Show Crypto.JOSE.Types.SizedBase64Integer
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.Types.Base64X509
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.Types.Base64X509
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.Types.Base64SHA256
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.Types.Base64SHA256
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.Types.Base64SHA256
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.Types.Base64SHA1
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.Types.Base64SHA1
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.Types.Base64SHA1
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.Types.Base64Octets
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.Types.Base64Octets
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.Types.Base64Octets
instance GHC.Classes.Eq Crypto.JOSE.Types.SizedBase64Integer
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.Types.SizedBase64Integer
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.Types.SizedBase64Integer
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.Types.SizedBase64Integer
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.Types.Base64Integer
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.Types.Base64Integer
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.Types.Base64Integer
instance GHC.Show.Show Crypto.JOSE.Types.Base64Integer
instance GHC.Classes.Eq Crypto.JOSE.Types.Base64Integer


-- | Cryptographic Algorithms for Keys.
module Crypto.JOSE.JWA.JWK

-- | Keys that may have have public material
class AsPublicKey k

-- | Get the public key
asPublicKey :: AsPublicKey k => Getter k (Maybe k)

-- | "crv" (Curve) Parameter
data Crv
P_256 :: Crv
P_384 :: Crv
P_521 :: Crv

-- | Parameters for Elliptic Curve Keys
data ECKeyParameters
ecCrv :: Getter ECKeyParameters Crv
ecX :: Getter ECKeyParameters SizedBase64Integer
ecY :: Getter ECKeyParameters SizedBase64Integer
ecD :: Getter ECKeyParameters (Maybe SizedBase64Integer)
curve :: Crv -> Curve
point :: ECKeyParameters -> Point
ecPrivateKey :: (MonadError e m, AsError e) => ECKeyParameters -> m Integer

-- | "oth" (Other Primes Info) Parameter
data RSAPrivateKeyOthElem
RSAPrivateKeyOthElem :: Base64Integer -> Base64Integer -> Base64Integer -> RSAPrivateKeyOthElem
[rOth] :: RSAPrivateKeyOthElem -> Base64Integer
[dOth] :: RSAPrivateKeyOthElem -> Base64Integer
[tOth] :: RSAPrivateKeyOthElem -> Base64Integer

-- | Optional parameters for RSA private keys
data RSAPrivateKeyOptionalParameters
RSAPrivateKeyOptionalParameters :: Base64Integer -> Base64Integer -> Base64Integer -> Base64Integer -> Base64Integer -> Maybe (NonEmpty RSAPrivateKeyOthElem) -> RSAPrivateKeyOptionalParameters
[rsaP] :: RSAPrivateKeyOptionalParameters -> Base64Integer
[rsaQ] :: RSAPrivateKeyOptionalParameters -> Base64Integer
[rsaDp] :: RSAPrivateKeyOptionalParameters -> Base64Integer
[rsaDq] :: RSAPrivateKeyOptionalParameters -> Base64Integer
[rsaQi] :: RSAPrivateKeyOptionalParameters -> Base64Integer
[rsaOth] :: RSAPrivateKeyOptionalParameters -> Maybe (NonEmpty RSAPrivateKeyOthElem)

-- | RSA private key parameters
data RSAPrivateKeyParameters
RSAPrivateKeyParameters :: Base64Integer -> Maybe RSAPrivateKeyOptionalParameters -> RSAPrivateKeyParameters
[rsaD] :: RSAPrivateKeyParameters -> Base64Integer
[rsaOptionalParameters] :: RSAPrivateKeyParameters -> Maybe RSAPrivateKeyOptionalParameters

-- | Parameters for RSA Keys
data RSAKeyParameters
RSAKeyParameters :: Base64Integer -> Base64Integer -> Maybe RSAPrivateKeyParameters -> RSAKeyParameters
toRSAKeyParameters :: PrivateKey -> RSAKeyParameters
rsaE :: Lens' RSAKeyParameters Base64Integer
rsaN :: Lens' RSAKeyParameters Base64Integer
rsaPrivateKeyParameters :: Lens' RSAKeyParameters (Maybe RSAPrivateKeyParameters)
rsaPublicKey :: RSAKeyParameters -> PublicKey
genRSA :: MonadRandom m => Int -> m RSAKeyParameters

-- | Symmetric key parameters data.
newtype OctKeyParameters
OctKeyParameters :: Base64Octets -> OctKeyParameters
octK :: Iso' OctKeyParameters Base64Octets
data OKPKeyParameters
Ed25519Key :: PublicKey -> (Maybe SecretKey) -> OKPKeyParameters
X25519Key :: PublicKey -> (Maybe SecretKey) -> OKPKeyParameters
data OKPCrv
Ed25519 :: OKPCrv
X25519 :: OKPCrv

-- | Keygen parameters.
data KeyMaterialGenParam

-- | Generate an EC key with specified curve.
ECGenParam :: Crv -> KeyMaterialGenParam

-- | Generate an RSA key with specified size in <i>bytes</i>.
RSAGenParam :: Int -> KeyMaterialGenParam

-- | Generate a symmetric key with specified size in <i>bytes</i>.
OctGenParam :: Int -> KeyMaterialGenParam

-- | Generate an EdDSA or Edwards ECDH key with specified curve.
OKPGenParam :: OKPCrv -> KeyMaterialGenParam

-- | Key material sum type.
data KeyMaterial
ECKeyMaterial :: ECKeyParameters -> KeyMaterial
RSAKeyMaterial :: RSAKeyParameters -> KeyMaterial
OctKeyMaterial :: OctKeyParameters -> KeyMaterial
OKPKeyMaterial :: OKPKeyParameters -> KeyMaterial
genKeyMaterial :: MonadRandom m => KeyMaterialGenParam -> m KeyMaterial
sign :: (MonadRandom m, MonadError e m, AsError e) => Alg -> KeyMaterial -> ByteString -> m ByteString
verify :: (MonadError e m, AsError e) => Alg -> KeyMaterial -> ByteString -> ByteString -> m Bool
instance GHC.Show.Show Crypto.JOSE.JWA.JWK.KeyMaterialGenParam
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWK.KeyMaterialGenParam
instance GHC.Show.Show Crypto.JOSE.JWA.JWK.KeyMaterial
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWK.KeyMaterial
instance GHC.Show.Show Crypto.JOSE.JWA.JWK.OKPCrv
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWK.OKPCrv
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWK.OKPKeyParameters
instance GHC.Show.Show Crypto.JOSE.JWA.JWK.OctKeyParameters
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWK.OctKeyParameters
instance Crypto.JOSE.JWA.JWK.AsPublicKey Crypto.JOSE.JWA.JWK.RSAKeyParameters
instance Crypto.JOSE.JWA.JWK.AsPublicKey Crypto.JOSE.JWA.JWK.ECKeyParameters
instance Crypto.JOSE.JWA.JWK.AsPublicKey Crypto.JOSE.JWA.JWK.OKPKeyParameters
instance Crypto.JOSE.JWA.JWK.AsPublicKey Crypto.JOSE.JWA.JWK.KeyMaterial
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.JWA.JWK.KeyMaterialGenParam
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWK.KeyMaterial
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWK.KeyMaterial
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.JWA.JWK.KeyMaterial
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.JWA.JWK.OKPCrv
instance GHC.Show.Show Crypto.JOSE.JWA.JWK.OKPKeyParameters
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWK.OKPKeyParameters
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWK.OKPKeyParameters
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.JWA.JWK.OKPKeyParameters
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWK.OctKeyParameters
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWK.OctKeyParameters
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.JWA.JWK.OctKeyParameters
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWK.RSAKeyParameters
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWK.RSAKeyParameters
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.JWA.JWK.RSAKeyParameters
instance GHC.Show.Show Crypto.JOSE.JWA.JWK.RSAKeyParameters
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWK.RSAKeyParameters
instance GHC.Show.Show Crypto.JOSE.JWA.JWK.ECKeyParameters
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWK.ECKeyParameters
instance GHC.Show.Show Crypto.JOSE.JWA.JWK.RSAPrivateKeyParameters
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWK.RSAPrivateKeyParameters
instance GHC.Show.Show Crypto.JOSE.JWA.JWK.RSAPrivateKeyOptionalParameters
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWK.RSAPrivateKeyOptionalParameters
instance GHC.Show.Show Crypto.JOSE.JWA.JWK.RSAPrivateKeyOthElem
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWK.RSAPrivateKeyOthElem
instance GHC.Show.Show Crypto.JOSE.JWA.JWK.Crv
instance GHC.Classes.Ord Crypto.JOSE.JWA.JWK.Crv
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWK.Crv
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWK.ECKeyParameters
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWK.ECKeyParameters
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.JWA.JWK.ECKeyParameters
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWK.RSAPrivateKeyParameters
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWK.RSAPrivateKeyParameters
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.JWA.JWK.RSAPrivateKeyParameters
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWK.RSAPrivateKeyOptionalParameters
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWK.RSAPrivateKeyOptionalParameters
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.JWA.JWK.RSAPrivateKeyOptionalParameters
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWK.RSAPrivateKeyOthElem
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWK.RSAPrivateKeyOthElem
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.JWA.JWK.RSAPrivateKeyOthElem
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWK.Crv
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWK.Crv
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.JWA.JWK.Crv


-- | A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data
--   structure that represents a cryptographic key. This module also
--   defines a JSON Web Key Set (JWK Set) JSON data structure for
--   representing a set of JWKs.
--   
--   <pre>
--   -- Generate RSA JWK and set "kid" param to
--   -- base64url-encoded SHA-256 thumbprint of key.
--   --
--   doGen :: IO JWK
--   doGen = do
--     jwk &lt;- <a>genJWK</a> (RSAGenParam (4096 `div` 8))
--     let
--       h = view <a>thumbprint</a> jwk :: Digest SHA256
--       kid = view (re (<tt>base64url</tt> . <a>digest</a>) . utf8) h
--     pure $ set <a>jwkKid</a> (Just kid) jwk
--   </pre>
module Crypto.JOSE.JWK

-- | Generate a JWK. Apart from key parameters, no other parameters are
--   set.
genJWK :: MonadRandom m => KeyMaterialGenParam -> m JWK

-- | Keygen parameters.
data KeyMaterialGenParam

-- | Generate an EC key with specified curve.
ECGenParam :: Crv -> KeyMaterialGenParam

-- | Generate an RSA key with specified size in <i>bytes</i>.
RSAGenParam :: Int -> KeyMaterialGenParam

-- | Generate a symmetric key with specified size in <i>bytes</i>.
OctGenParam :: Int -> KeyMaterialGenParam

-- | Generate an EdDSA or Edwards ECDH key with specified curve.
OKPGenParam :: OKPCrv -> KeyMaterialGenParam

-- | "crv" (Curve) Parameter
data Crv
P_256 :: Crv
P_384 :: Crv
P_521 :: Crv
data OKPCrv
Ed25519 :: OKPCrv
X25519 :: OKPCrv

-- | RFC 7517 §4. JSON Web Key (JWK) Format
data JWK

-- | Keys that may have have public material
class AsPublicKey k

-- | Get the public key
asPublicKey :: AsPublicKey k => Getter k (Maybe k)
jwkMaterial :: Lens' JWK KeyMaterial
jwkUse :: Lens' JWK (Maybe KeyUse)

-- | RFC 7517 §4.2. "use" (Public Key Use) Parameter
data KeyUse
Sig :: KeyUse
Enc :: KeyUse
jwkKeyOps :: Lens' JWK (Maybe [KeyOp])

-- | RFC 7517 §4.3. "key_ops" (Key Operations) Parameter
data KeyOp
Sign :: KeyOp
Verify :: KeyOp
Encrypt :: KeyOp
Decrypt :: KeyOp
WrapKey :: KeyOp
UnwrapKey :: KeyOp
DeriveKey :: KeyOp
DeriveBits :: KeyOp
jwkAlg :: Lens' JWK (Maybe JWKAlg)

-- | RFC 7517 §4.4. "alg" (Algorithm) Parameter
--   
--   See also RFC 7518 §6.4. which states that for "oct" keys, an "alg"
--   member SHOULD be present to identify the algorithm intended to be used
--   with the key, unless the application uses another means or convention
--   to determine the algorithm used.
data JWKAlg
JWSAlg :: Alg -> JWKAlg
JWEAlg :: Alg -> JWKAlg
jwkKid :: Lens' JWK (Maybe Text)
jwkX5u :: Lens' JWK (Maybe URI)
jwkX5c :: Lens' JWK (Maybe (NonEmpty Base64X509))
jwkX5t :: Lens' JWK (Maybe Base64SHA1)
jwkX5tS256 :: Lens' JWK (Maybe Base64SHA256)
fromKeyMaterial :: KeyMaterial -> JWK

-- | Convert RSA private key into a JWK
fromRSA :: PrivateKey -> JWK

-- | Convert octet string into a JWK
fromOctets :: Cons s s Word8 Word8 => s -> JWK

-- | Compute the JWK Thumbprint of a JWK
thumbprint :: HashAlgorithm a => Getter JWK (Digest a)

-- | Prism from ByteString to <tt>HashAlgorithm a =&gt; Digest a</tt>.
--   
--   Use <tt><a>re</a> digest</tt> to view the bytes of a digest
digest :: HashAlgorithm a => Prism' ByteString (Digest a)

-- | Prism for encoding / decoding base64url.
--   
--   To encode, <tt><a>review</a> base64url</tt>. To decode,
--   <tt><a>preview</a> base64url</tt>.
--   
--   Works with any combinations of strict/lazy <tt>ByteString</tt>.
base64url :: (AsEmpty s1, AsEmpty s2, Cons s1 s1 Word8 Word8, Cons s2 s2 Word8 Word8) => Prism' s1 s2

-- | RFC 7517 §5. JWK Set Format
newtype JWKSet
JWKSet :: [JWK] -> JWKSet

-- | Choose the cryptographically strongest JWS algorithm for a given key.
--   The JWK "alg" algorithm parameter is ignored.
bestJWSAlg :: (MonadError e m, AsError e) => JWK -> m Alg
instance GHC.Show.Show Crypto.JOSE.JWK.JWKSet
instance GHC.Classes.Eq Crypto.JOSE.JWK.JWKSet
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWK.JWKSet
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWK.JWKSet
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWK.JWK
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWK.JWK
instance Test.QuickCheck.Arbitrary.Arbitrary Crypto.JOSE.JWK.JWK
instance Crypto.JOSE.JWA.JWK.AsPublicKey Crypto.JOSE.JWK.JWK
instance GHC.Show.Show Crypto.JOSE.JWK.JWK
instance GHC.Classes.Eq Crypto.JOSE.JWK.JWK
instance GHC.Show.Show Crypto.JOSE.JWK.KeyUse
instance GHC.Classes.Ord Crypto.JOSE.JWK.KeyUse
instance GHC.Classes.Eq Crypto.JOSE.JWK.KeyUse
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWK.KeyUse
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWK.KeyUse
instance GHC.Show.Show Crypto.JOSE.JWK.KeyOp
instance GHC.Classes.Ord Crypto.JOSE.JWK.KeyOp
instance GHC.Classes.Eq Crypto.JOSE.JWK.KeyOp
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWK.KeyOp
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWK.KeyOp
instance GHC.Show.Show Crypto.JOSE.JWK.JWKAlg
instance GHC.Classes.Eq Crypto.JOSE.JWK.JWKAlg
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWK.JWKAlg
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWK.JWKAlg


-- | JSON Web Encryption data types specified under JSON Web Algorithms.
module Crypto.JOSE.JWA.JWE

-- | RFC 7518 §4. Cryptographic Algorithms for Key Management
data AlgWithParams
RSA1_5 :: AlgWithParams
RSA_OAEP :: AlgWithParams
RSA_OAEP_256 :: AlgWithParams
A128KW :: AlgWithParams
A192KW :: AlgWithParams
A256KW :: AlgWithParams
Dir :: AlgWithParams
ECDH_ES :: ECDHParameters -> AlgWithParams
ECDH_ES_A128KW :: ECDHParameters -> AlgWithParams
ECDH_ES_A192KW :: ECDHParameters -> AlgWithParams
ECDH_ES_A256KW :: ECDHParameters -> AlgWithParams
A128GCMKW :: AESGCMParameters -> AlgWithParams
A192GCMKW :: AESGCMParameters -> AlgWithParams
A256GCMKW :: AESGCMParameters -> AlgWithParams
PBES2_HS256_A128KW :: PBES2Parameters -> AlgWithParams
PBES2_HS384_A192KW :: PBES2Parameters -> AlgWithParams
PBES2_HS512_A256KW :: PBES2Parameters -> AlgWithParams
algObject :: Value -> Value
algWithParamsObject :: ToJSON a => a -> Value -> Value

-- | RFC 7518 §4.6.1. Header Parameters Used for ECDH Key Agreement
data ECDHParameters
ECDHParameters :: JWK -> Maybe Base64Octets -> Maybe Base64Octets -> ECDHParameters

-- | Ephemeral Public Key ; a JWK PUBLIC key
[_epk] :: ECDHParameters -> JWK

-- | Agreement PartyUInfo
[_apu] :: ECDHParameters -> Maybe Base64Octets

-- | Agreement PartyVInfo
[_apv] :: ECDHParameters -> Maybe Base64Octets

-- | RFC 7518 §4.7.1. Header Parameters Used for AES GCM Key Encryption
data AESGCMParameters
AESGCMParameters :: Base64Octets -> Base64Octets -> AESGCMParameters

-- | Initialization Vector (must be 96 bits?)
[_iv] :: AESGCMParameters -> Base64Octets

-- | Authentication Tag (must be 128 bits?)
[_tag] :: AESGCMParameters -> Base64Octets

-- | RFC 7518 §4.8.1. Header Parameters Used for PBES2 Key Encryption
data PBES2Parameters
PBES2Parameters :: Base64Octets -> Int -> PBES2Parameters

-- | PBKDF2 salt input
[_p2s] :: PBES2Parameters -> Base64Octets

-- | PBKDF2 iteration count ; POSITIVE integer
[_p2c] :: PBES2Parameters -> Int

-- | RFC 7518 §5 Cryptographic Algorithms for Content Encryption
data Enc
A128CBC_HS256 :: Enc
A192CBC_HS384 :: Enc
A256CBC_HS512 :: Enc
A128GCM :: Enc
A192GCM :: Enc
A256GCM :: Enc
instance GHC.Show.Show Crypto.JOSE.JWA.JWE.Enc
instance GHC.Classes.Ord Crypto.JOSE.JWA.JWE.Enc
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWE.Enc
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWE.Enc
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWE.Enc
instance GHC.Show.Show Crypto.JOSE.JWA.JWE.AlgWithParams
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWE.AlgWithParams
instance GHC.Show.Show Crypto.JOSE.JWA.JWE.PBES2Parameters
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWE.PBES2Parameters
instance GHC.Show.Show Crypto.JOSE.JWA.JWE.AESGCMParameters
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWE.AESGCMParameters
instance GHC.Show.Show Crypto.JOSE.JWA.JWE.ECDHParameters
instance GHC.Classes.Eq Crypto.JOSE.JWA.JWE.ECDHParameters
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWE.AlgWithParams
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWE.AlgWithParams
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWE.PBES2Parameters
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWE.PBES2Parameters
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWE.AESGCMParameters
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWE.AESGCMParameters
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JOSE.JWA.JWE.ECDHParameters
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JOSE.JWA.JWE.ECDHParameters


-- | Types and functions for working with JOSE header parameters.
module Crypto.JOSE.Header

-- | A header value, along with a protection indicator.
data HeaderParam p a
HeaderParam :: p -> a -> HeaderParam p a
class Eq a => ProtectionIndicator a

-- | Get a value for indicating protection.
getProtected :: ProtectionIndicator a => a

-- | Get a <a>Just</a> a value for indicating no protection, or
--   <a>Nothing</a> if the type does not support unprotected headers.
getUnprotected :: ProtectionIndicator a => Maybe a

-- | Whether a header is protected or unprotected
data Protection
Protected :: Protection
Unprotected :: Protection

-- | Lens for the <a>Protection</a> of a <a>HeaderParam</a>
protection :: Lens' (HeaderParam p a) p

-- | Getter for whether a parameter is protected
isProtected :: (ProtectionIndicator p) => Getter (HeaderParam p a) Bool

-- | Lens for a <a>HeaderParam</a> value
param :: Lens' (HeaderParam p a) a

-- | A thing with parameters.
class HasParams (a :: * -> *)

-- | Return a list of parameters, each paired with whether it is protected
--   or not.
params :: (HasParams a, ProtectionIndicator p) => a p -> [(Bool, Pair)]

-- | List of "known extensions", i.e. keys that may appear in the "crit"
--   header parameter.
extensions :: HasParams a => Proxy a -> [Text]
parseParamsFor :: (HasParams a, HasParams b, ProtectionIndicator p) => Proxy b -> Maybe Object -> Maybe Object -> Parser (a p)

-- | Parse a required parameter that may be carried in either the protected
--   or the unprotected header.
headerRequired :: (FromJSON a, ProtectionIndicator p) => Text -> Maybe Object -> Maybe Object -> Parser (HeaderParam p a)

-- | Parse a required parameter that MUST be carried in the protected
--   header.
headerRequiredProtected :: FromJSON a => Text -> Maybe Object -> Maybe Object -> Parser a

-- | Parse an optional parameter that may be carried in either the
--   protected or the unprotected header.
headerOptional :: (FromJSON a, ProtectionIndicator p) => Text -> Maybe Object -> Maybe Object -> Parser (Maybe (HeaderParam p a))

-- | Parse an optional parameter that, if present, MUST be carried in the
--   protected header.
headerOptionalProtected :: FromJSON a => Text -> Maybe Object -> Maybe Object -> Parser (Maybe a)

-- | Parse a pair of objects (protected and unprotected header)
--   
--   This internally invokes <a>parseParamsFor</a> applied to a proxy for
--   the target type. (This allows the parsing of the "crit" parameter to
--   access "known extensions" understood by the target type.)
parseParams :: forall a p. (HasParams a, ProtectionIndicator p) => Maybe Object -> Maybe Object -> Parser (a p)

-- | Parse a "crit" header param
--   
--   Fails if:
--   
--   <ul>
--   <li>any reserved header appears in "crit" header</li>
--   <li>any value in "crit" is not a recognised extension</li>
--   <li>any value in "crit" does not have a corresponding key in the
--   object</li>
--   </ul>
parseCrit :: (Foldable t0, Foldable t1, Traversable t2, Traversable t3, Monad m) => t0 Text -> t1 Text -> Object -> t2 (t3 Text) -> m (t2 (t3 Text))

-- | Return the encoded protected parameters
protectedParamsEncoded :: (HasParams a, ProtectionIndicator p) => a p -> ByteString

-- | Return unprotected params as a JSON <a>Value</a> (always an object)
unprotectedParams :: (HasParams a, ProtectionIndicator p) => a p -> Maybe Value
class HasAlg a
alg :: HasAlg a => Lens' (a p) (HeaderParam p Alg)
class HasJku a
jku :: HasJku a => Lens' (a p) (Maybe (HeaderParam p URI))
class HasJwk a
jwk :: HasJwk a => Lens' (a p) (Maybe (HeaderParam p JWK))
class HasKid a
kid :: HasKid a => Lens' (a p) (Maybe (HeaderParam p String))
class HasX5u a
x5u :: HasX5u a => Lens' (a p) (Maybe (HeaderParam p URI))
class HasX5c a
x5c :: HasX5c a => Lens' (a p) (Maybe (HeaderParam p (NonEmpty Base64X509)))
class HasX5t a
x5t :: HasX5t a => Lens' (a p) (Maybe (HeaderParam p Base64SHA1))
class HasX5tS256 a
x5tS256 :: HasX5tS256 a => Lens' (a p) (Maybe (HeaderParam p Base64SHA256))
class HasTyp a
typ :: HasTyp a => Lens' (a p) (Maybe (HeaderParam p String))
class HasCty a
cty :: HasCty a => Lens' (a p) (Maybe (HeaderParam p String))
class HasCrit a
crit :: HasCrit a => Lens' (a p) (Maybe (NonEmpty Text))
instance (GHC.Show.Show p, GHC.Show.Show a) => GHC.Show.Show (Crypto.JOSE.Header.HeaderParam p a)
instance (GHC.Classes.Eq p, GHC.Classes.Eq a) => GHC.Classes.Eq (Crypto.JOSE.Header.HeaderParam p a)
instance GHC.Show.Show Crypto.JOSE.Header.Protection
instance GHC.Classes.Eq Crypto.JOSE.Header.Protection
instance Crypto.JOSE.Header.ProtectionIndicator Crypto.JOSE.Header.Protection
instance Crypto.JOSE.Header.ProtectionIndicator ()


-- | A <a>JWKStore</a> provides JWK enumeration and lookup.
module Crypto.JOSE.JWK.Store
class JWKStore a

-- | Enumerate keys
keys :: JWKStore a => Fold a JWK

-- | Look up key by JWS/JWE header
keysFor :: (JWKStore a, HasAlg h, HasJku h, HasJwk h, HasKid h, HasX5u h, HasX5c h, HasX5t h, HasX5tS256 h, HasTyp h, HasCty h) => KeyOp -> h p -> Fold a JWK
instance Crypto.JOSE.JWK.Store.JWKStore Crypto.JOSE.JWK.JWK
instance Crypto.JOSE.JWK.Store.JWKStore Crypto.JOSE.JWK.JWKSet


-- | JSON Web Signature (JWS) represents content secured with digital
--   signatures or Message Authentication Codes (MACs) using JavaScript
--   Object Notation (JSON) based data structures. It is defined in <a>RFC
--   7515</a>.
--   
--   <pre>
--   doJwsSign :: <a>JWK</a> -&gt; L.ByteString -&gt; IO (Either <a>Error</a> (<a>GeneralJWS</a> <a>JWSHeader</a>))
--   doJwsSign jwk payload = runExceptT $ do
--     alg &lt;- <a>bestJWSAlg</a> jwk
--     <a>signJWS</a> payload [(<a>newJWSHeader</a> (<a>Protected</a>, alg), jwk)]
--   
--   doJwsVerify :: <a>JWK</a> -&gt; <a>GeneralJWS</a> <a>JWSHeader</a> -&gt; IO (Either <a>Error</a> ())
--   doJwsVerify jwk jws = runExceptT $ <a>verifyJWS'</a> jwk jws
--   </pre>
module Crypto.JOSE.JWS

-- | JSON Web Signature data type. The payload can only be accessed by
--   verifying the JWS.
--   
--   Parameterised by the signature container type, the header
--   <a>ProtectionIndicator</a> type, and the header record type.
--   
--   Use <a>encode</a> and <a>decode</a> to convert a JWS to or from JSON.
--   When encoding a <tt><a>JWS</a> []</tt> with exactly one signature, the
--   <i>flattened JWS JSON serialisation</i> syntax is used, otherwise the
--   <i>general JWS JSON serialisation</i> is used. When decoding a
--   <tt><a>JWS</a> []</tt> either serialisation is accepted.
--   
--   <tt><a>JWS</a> <a>Identity</a></tt> uses the flattened JSON
--   serialisation or the <i>JWS compact serialisation</i> (see
--   <a>decodeCompact</a> and <a>encodeCompact</a>).
--   
--   Use <a>signJWS</a> to create a signed/MACed JWS.
--   
--   Use <a>verifyJWS</a> to verify a JWS and extract the payload.
data JWS t p a

-- | A JWS that allows multiple signatures, and cannot use the <i>compact
--   serialisation</i>. Headers may be <a>Protected</a> or
--   <a>Unprotected</a>.
type GeneralJWS = JWS [] Protection

-- | A JWS with one signature, which uses the <i>flattened
--   serialisation</i>. Headers may be <a>Protected</a> or
--   <a>Unprotected</a>.
type FlattenedJWS = JWS Identity Protection

-- | A JWS with one signature which only allows protected parameters. Can
--   use the <i>flattened serialisation</i> or the <i>compact
--   serialisation</i>.
type CompactJWS = JWS Identity ()

-- | Construct a minimal header with the given algorithm and protection
--   indicator for the <i>alg</i> header.
newJWSHeader :: (p, Alg) -> (JWSHeader p)

-- | Create a signed or MACed JWS with the given payload by traversing a
--   collection of <tt>(header, key)</tt> pairs.
signJWS :: (Cons s s Word8 Word8, HasJWSHeader a, HasParams a, MonadRandom m, AsError e, MonadError e m, Traversable t, ProtectionIndicator p) => s -> t ((a p), JWK) -> m (JWS t p a)

-- | Verify a JWS.
--   
--   Signatures made with an unsupported algorithms are ignored. If the
--   validation policy is <a>AnyValidated</a>, a single successfully
--   validated signature is sufficient. If the validation policy is
--   <a>AllValidated</a> then all remaining signatures (there must be at
--   least one) must be valid.
--   
--   Returns the payload if successfully verified.
verifyJWS :: (HasAlgorithms a, HasValidationPolicy a, AsError e, MonadError e m, HasJWSHeader h, HasParams h, JWKStore k, Cons s s Word8 Word8, AsEmpty s, Foldable t, ProtectionIndicator p) => a -> k -> JWS t p h -> m s

-- | Verify a JWS with the default validation settings.
--   
--   See also <a>defaultValidationSettings</a>.
verifyJWS' :: (AsError e, MonadError e m, HasJWSHeader h, HasParams h, JWKStore k, Cons s s Word8 Word8, AsEmpty s, Foldable t, ProtectionIndicator p) => k -> JWS t p h -> m s

-- | The default validation settings.
--   
--   <ul>
--   <li>All algorithms except "none" are acceptable.</li>
--   <li>All signatures must be valid (and there must be at least one
--   signature.)</li>
--   </ul>
defaultValidationSettings :: ValidationSettings

-- | Validation settings:
--   
--   <ul>
--   <li>The set of acceptable signature algorithms</li>
--   <li>The validation policy</li>
--   </ul>
data ValidationSettings

-- | Validation policy.
data ValidationPolicy

-- | One successfully validated signature is sufficient
AnyValidated :: ValidationPolicy

-- | All signatures in all configured algorithms must be validated. No
--   signatures in configured algorithms is also an error.
AllValidated :: ValidationPolicy
class HasValidationSettings a
validationSettings :: HasValidationSettings a => Lens' a ValidationSettings
validationSettingsAlgorithms :: HasValidationSettings a => Lens' a (Set Alg)
validationSettingsValidationPolicy :: HasValidationSettings a => Lens' a ValidationPolicy
class HasAlgorithms s
algorithms :: HasAlgorithms s => Lens' s (Set Alg)
class HasValidationPolicy s
validationPolicy :: HasValidationPolicy s => Lens' s ValidationPolicy
signatures :: Foldable t => Fold (JWS t p a) (Signature p a)

-- | Signature object containing header, and signature bytes.
--   
--   If it was decoded from a serialised JWS, it "remembers" how the
--   protected header was encoded; the remembered value is used when
--   computing the signing input and when serialising the object.
--   
--   The remembered value is not used in equality checks, i.e. two decoded
--   signatures with differently serialised by otherwise equal protected
--   headers, and equal signature bytes, are equal.
data Signature p a

-- | Getter for header of a signature
header :: Getter (Signature p a) (a p)

-- | Getter for signature bytes
signature :: (Cons s s Word8 Word8, AsEmpty s) => Getter (Signature p a) s

-- | RFC 7518 §3.1. "alg" (Algorithm) Header Parameters Values for JWS
data Alg
HS256 :: Alg
HS384 :: Alg
HS512 :: Alg
RS256 :: Alg
RS384 :: Alg
RS512 :: Alg
ES256 :: Alg
ES384 :: Alg
ES512 :: Alg
PS256 :: Alg
PS384 :: Alg
PS512 :: Alg
None :: Alg
EdDSA :: Alg
class HasJWSHeader a
jwsHeader :: HasJWSHeader a => Lens' (a p) (JWSHeader p)

-- | JWS Header data type.
data JWSHeader p
instance GHC.Classes.Eq Crypto.JOSE.JWS.ValidationPolicy
instance GHC.Show.Show (a p) => GHC.Show.Show (Crypto.JOSE.JWS.Signature p a)
instance GHC.Show.Show p => GHC.Show.Show (Crypto.JOSE.JWS.JWSHeader p)
instance GHC.Classes.Eq p => GHC.Classes.Eq (Crypto.JOSE.JWS.JWSHeader p)
instance Crypto.JOSE.JWS.HasValidationSettings a => Crypto.JOSE.JWS.HasValidationPolicy a
instance Crypto.JOSE.JWS.HasValidationSettings a => Crypto.JOSE.JWS.HasAlgorithms a
instance Crypto.JOSE.JWS.HasValidationSettings Crypto.JOSE.JWS.ValidationSettings
instance GHC.Classes.Eq (t (Crypto.JOSE.JWS.Signature p a)) => GHC.Classes.Eq (Crypto.JOSE.JWS.JWS t p a)
instance GHC.Show.Show (t (Crypto.JOSE.JWS.Signature p a)) => GHC.Show.Show (Crypto.JOSE.JWS.JWS t p a)
instance (Crypto.JOSE.Header.HasParams a, Crypto.JOSE.Header.ProtectionIndicator p) => Data.Aeson.Types.FromJSON.FromJSON (Crypto.JOSE.JWS.JWS [] p a)
instance (Crypto.JOSE.Header.HasParams a, Crypto.JOSE.Header.ProtectionIndicator p) => Data.Aeson.Types.FromJSON.FromJSON (Crypto.JOSE.JWS.JWS Data.Functor.Identity.Identity p a)
instance (Crypto.JOSE.Header.HasParams a, Crypto.JOSE.Header.ProtectionIndicator p) => Data.Aeson.Types.ToJSON.ToJSON (Crypto.JOSE.JWS.JWS [] p a)
instance (Crypto.JOSE.Header.HasParams a, Crypto.JOSE.Header.ProtectionIndicator p) => Data.Aeson.Types.ToJSON.ToJSON (Crypto.JOSE.JWS.JWS Data.Functor.Identity.Identity p a)
instance Crypto.JOSE.Header.HasParams a => Crypto.JOSE.Compact.ToCompact (Crypto.JOSE.JWS.JWS Data.Functor.Identity.Identity () a)
instance Crypto.JOSE.Header.HasParams a => Crypto.JOSE.Compact.FromCompact (Crypto.JOSE.JWS.JWS Data.Functor.Identity.Identity () a)
instance GHC.Classes.Eq (a p) => GHC.Classes.Eq (Crypto.JOSE.JWS.Signature p a)
instance (Crypto.JOSE.Header.HasParams a, Crypto.JOSE.Header.ProtectionIndicator p) => Data.Aeson.Types.FromJSON.FromJSON (Crypto.JOSE.JWS.Signature p a)
instance (Crypto.JOSE.Header.HasParams a, Crypto.JOSE.Header.ProtectionIndicator p) => Data.Aeson.Types.ToJSON.ToJSON (Crypto.JOSE.JWS.Signature p a)
instance Crypto.JOSE.JWS.HasJWSHeader Crypto.JOSE.JWS.JWSHeader
instance Crypto.JOSE.JWS.HasJWSHeader a => Crypto.JOSE.Header.HasAlg a
instance Crypto.JOSE.JWS.HasJWSHeader a => Crypto.JOSE.Header.HasJku a
instance Crypto.JOSE.JWS.HasJWSHeader a => Crypto.JOSE.Header.HasJwk a
instance Crypto.JOSE.JWS.HasJWSHeader a => Crypto.JOSE.Header.HasKid a
instance Crypto.JOSE.JWS.HasJWSHeader a => Crypto.JOSE.Header.HasX5u a
instance Crypto.JOSE.JWS.HasJWSHeader a => Crypto.JOSE.Header.HasX5c a
instance Crypto.JOSE.JWS.HasJWSHeader a => Crypto.JOSE.Header.HasX5t a
instance Crypto.JOSE.JWS.HasJWSHeader a => Crypto.JOSE.Header.HasX5tS256 a
instance Crypto.JOSE.JWS.HasJWSHeader a => Crypto.JOSE.Header.HasTyp a
instance Crypto.JOSE.JWS.HasJWSHeader a => Crypto.JOSE.Header.HasCty a
instance Crypto.JOSE.JWS.HasJWSHeader a => Crypto.JOSE.Header.HasCrit a
instance Crypto.JOSE.Header.HasAlg Crypto.JOSE.JWS.JWSHeader
instance Crypto.JOSE.Header.HasJku Crypto.JOSE.JWS.JWSHeader
instance Crypto.JOSE.Header.HasJwk Crypto.JOSE.JWS.JWSHeader
instance Crypto.JOSE.Header.HasKid Crypto.JOSE.JWS.JWSHeader
instance Crypto.JOSE.Header.HasX5u Crypto.JOSE.JWS.JWSHeader
instance Crypto.JOSE.Header.HasX5c Crypto.JOSE.JWS.JWSHeader
instance Crypto.JOSE.Header.HasX5t Crypto.JOSE.JWS.JWSHeader
instance Crypto.JOSE.Header.HasX5tS256 Crypto.JOSE.JWS.JWSHeader
instance Crypto.JOSE.Header.HasTyp Crypto.JOSE.JWS.JWSHeader
instance Crypto.JOSE.Header.HasCty Crypto.JOSE.JWS.JWSHeader
instance Crypto.JOSE.Header.HasCrit Crypto.JOSE.JWS.JWSHeader
instance Crypto.JOSE.Header.HasParams Crypto.JOSE.JWS.JWSHeader


-- | Prelude for the library.
module Crypto.JOSE

module Crypto.JOSE.JWE
data JWEHeader p
JWEHeader :: Maybe AlgWithParams -> HeaderParam p Enc -> Maybe String -> Maybe (HeaderParam p URI) -> Maybe (HeaderParam p JWK) -> Maybe (HeaderParam p String) -> Maybe (HeaderParam p URI) -> Maybe (HeaderParam p (NonEmpty Base64X509)) -> Maybe (HeaderParam p Base64SHA1) -> Maybe (HeaderParam p Base64SHA256) -> Maybe (HeaderParam p String) -> Maybe (HeaderParam p String) -> Maybe (NonEmpty Text) -> JWEHeader p
[_jweAlg] :: JWEHeader p -> Maybe AlgWithParams
[_jweEnc] :: JWEHeader p -> HeaderParam p Enc
[_jweZip] :: JWEHeader p -> Maybe String
[_jweJku] :: JWEHeader p -> Maybe (HeaderParam p URI)
[_jweJwk] :: JWEHeader p -> Maybe (HeaderParam p JWK)
[_jweKid] :: JWEHeader p -> Maybe (HeaderParam p String)
[_jweX5u] :: JWEHeader p -> Maybe (HeaderParam p URI)
[_jweX5c] :: JWEHeader p -> Maybe (HeaderParam p (NonEmpty Base64X509))
[_jweX5t] :: JWEHeader p -> Maybe (HeaderParam p Base64SHA1)
[_jweX5tS256] :: JWEHeader p -> Maybe (HeaderParam p Base64SHA256)

-- | Content Type (of object)
[_jweTyp] :: JWEHeader p -> Maybe (HeaderParam p String)

-- | Content Type (of payload)
[_jweCty] :: JWEHeader p -> Maybe (HeaderParam p String)
[_jweCrit] :: JWEHeader p -> Maybe (NonEmpty Text)
data JWE a p
JWE :: (Maybe Text) -> Maybe Base64Octets -> Maybe Base64Octets -> Base64Octets -> Maybe Base64Octets -> [JWERecipient a p] -> JWE a p

-- | Encoded protected header, if available
[_protectedRaw] :: JWE a p -> (Maybe Text)

-- | JWE Initialization Vector
[_jweIv] :: JWE a p -> Maybe Base64Octets

-- | JWE AAD
[_jweAad] :: JWE a p -> Maybe Base64Octets

-- | JWE Ciphertext
[_jweCiphertext] :: JWE a p -> Base64Octets

-- | JWE Authentication Tag
[_jweTag] :: JWE a p -> Maybe Base64Octets
[_jweRecipients] :: JWE a p -> [JWERecipient a p]
instance GHC.Show.Show p => GHC.Show.Show (Crypto.JOSE.JWE.JWEHeader p)
instance GHC.Classes.Eq p => GHC.Classes.Eq (Crypto.JOSE.JWE.JWEHeader p)
instance GHC.Show.Show Crypto.JOSE.JWE.CritParameters
instance GHC.Classes.Eq Crypto.JOSE.JWE.CritParameters
instance (Crypto.JOSE.Header.HasParams a, Crypto.JOSE.Header.ProtectionIndicator p) => Data.Aeson.Types.FromJSON.FromJSON (Crypto.JOSE.JWE.JWE a p)
instance Data.Aeson.Types.FromJSON.FromJSON (Crypto.JOSE.JWE.JWERecipient a p)
instance Crypto.JOSE.Header.HasParams Crypto.JOSE.JWE.JWEHeader


-- | JSON Web Token implementation (RFC 7519). A JWT is a JWS with a
--   payload of <i>claims</i> to be transferred between two parties.
--   
--   JWTs use the JWS <i>compact serialisation</i>. See
--   <a>Crypto.JOSE.Compact</a> for details.
--   
--   <pre>
--   mkClaims :: IO <a>ClaimsSet</a>
--   mkClaims = do
--     t &lt;- <a>currentTime</a>
--     pure $ <a>emptyClaimsSet</a>
--       &amp; <a>claimIss</a> .~ Just ("alice")
--       &amp; <a>claimAud</a> .~ Just (<a>Audience</a> ["bob"])
--       &amp; <a>claimIat</a> .~ Just (<a>NumericDate</a> t)
--   
--   doJwtSign :: <a>JWK</a> -&gt; <a>ClaimsSet</a> -&gt; IO (Either <a>JWTError</a> <a>SignedJWT</a>)
--   doJwtSign jwk claims = runExceptT $ do
--     alg &lt;- <a>bestJWSAlg</a> jwk
--     <a>signClaims</a> jwk (<a>newJWSHeader</a> ((), alg)) claims
--   
--   doJwtVerify :: <a>JWK</a> -&gt; <a>SignedJWT</a> -&gt; IO (Either <a>JWTError</a> <a>ClaimsSet</a>)
--   doJwtVerify jwk jwt = runExceptT $ do
--     let config = <a>defaultJWTValidationSettings</a> (== "bob")
--     <a>verifyClaims</a> config jwk jwt
--   </pre>
--   
--   Some JWT libraries have a function that takes two strings: the
--   "secret" (a symmetric key) and the raw JWT. The following function
--   achieves the same:
--   
--   <pre>
--   verify :: L.ByteString -&gt; L.ByteString -&gt; IO (Either <a>JWTError</a> <a>ClaimsSet</a>)
--   verify k s = runExceptT $ do
--     let
--       k' = <a>fromOctets</a> k      -- turn raw secret into symmetric JWK
--       audCheck = const True  -- should be a proper audience check
--     s' &lt;- <a>decodeCompact</a> s    -- decode JWT
--     <a>verifyClaims</a> (<a>defaultJWTValidationSettings</a> audCheck) k' s'
--   </pre>
module Crypto.JWT

-- | Create a JWS JWT
signClaims :: (MonadRandom m, MonadError e m, AsError e) => JWK -> JWSHeader () -> ClaimsSet -> m SignedJWT

-- | JSON Web Token data.
data JWT a

-- | A digitally signed or MACed JWT
type SignedJWT = JWT (CompactJWS JWSHeader)

-- | Acquire the default validation settings.
--   
--   <a>RFC 7519 §4.1.3.</a> states that applications MUST identify itself
--   with a value in the audience claim, therefore a predicate must be
--   supplied.
--   
--   The other defaults are:
--   
--   <ul>
--   <li><a>defaultValidationSettings</a> for JWS verification</li>
--   <li>Zero clock skew tolerance when validating <i>nbf</i>, <i>exp</i>
--   and <i>iat</i> claims</li>
--   <li><i>iat</i> claim is checked</li>
--   <li><i>issuer</i> claim is not checked</li>
--   </ul>
defaultJWTValidationSettings :: (StringOrURI -> Bool) -> JWTValidationSettings

-- | Cryptographically verify a JWS JWT, then validate the Claims Set,
--   returning it if valid.
--   
--   This is the only way to get at the claims of a JWS JWT, enforcing that
--   the claims are cryptographically and semantically valid before the
--   application can use them.
--   
--   See also <a>verifyClaimsAt</a> which allows you to explicitly specify
--   the time.
verifyClaims :: (MonadTime m, HasAllowedSkew a, HasAudiencePredicate a, HasIssuerPredicate a, HasCheckIssuedAt a, HasValidationSettings a, AsError e, AsJWTError e, MonadError e m, JWKStore k) => a -> k -> SignedJWT -> m ClaimsSet

-- | Cryptographically verify a JWS JWT, then validate the Claims Set,
--   returning it if valid.
--   
--   This is the same as <a>verifyClaims</a> except that the time is
--   explicitly provided. If you process many requests per second this will
--   allow you to avoid unnecessary repeat system calls.
verifyClaimsAt :: (HasAllowedSkew a, HasAudiencePredicate a, HasIssuerPredicate a, HasCheckIssuedAt a, HasValidationSettings a, AsError e, AsJWTError e, MonadError e m, JWKStore k) => a -> k -> UTCTime -> SignedJWT -> m ClaimsSet

-- | Maximum allowed skew when validating the <i>nbf</i>, <i>exp</i> and
--   <i>iat</i> claims.
class HasAllowedSkew s
allowedSkew :: HasAllowedSkew s => Lens' s NominalDiffTime

-- | Predicate for checking values in the <i>aud</i> claim.
class HasAudiencePredicate s
audiencePredicate :: HasAudiencePredicate s => Lens' s (StringOrURI -> Bool)

-- | Predicate for checking the <i>iss</i> claim.
class HasIssuerPredicate s
issuerPredicate :: HasIssuerPredicate s => Lens' s (StringOrURI -> Bool)

-- | Whether to check that the <i>iat</i> claim is not in the future.
class HasCheckIssuedAt s
checkIssuedAt :: HasCheckIssuedAt s => Lens' s Bool
data JWTValidationSettings
class HasJWTValidationSettings c_a1mUq
jWTValidationSettings :: HasJWTValidationSettings c_a1mUq => Lens' c_a1mUq JWTValidationSettings
jwtValidationSettingsAllowedSkew :: HasJWTValidationSettings c_a1mUq => Lens' c_a1mUq NominalDiffTime
jwtValidationSettingsAudiencePredicate :: HasJWTValidationSettings c_a1mUq => Lens' c_a1mUq (StringOrURI -> Bool)
jwtValidationSettingsCheckIssuedAt :: HasJWTValidationSettings c_a1mUq => Lens' c_a1mUq Bool
jwtValidationSettingsIssuerPredicate :: HasJWTValidationSettings c_a1mUq => Lens' c_a1mUq (StringOrURI -> Bool)
jwtValidationSettingsValidationSettings :: HasJWTValidationSettings c_a1mUq => Lens' c_a1mUq ValidationSettings

-- | The JWT Claims Set represents a JSON object whose members are the
--   registered claims defined by RFC 7519. Unrecognised claims are
--   gathered into the <a>unregisteredClaims</a> map.
data ClaimsSet

-- | The audience claim identifies the recipients that the JWT is intended
--   for. Each principal intended to process the JWT MUST identify itself
--   with a value in the audience claim. If the principal processing the
--   claim does not identify itself with a value in the <i>aud</i> claim
--   when this claim is present, then the JWT MUST be rejected.
claimAud :: Lens' ClaimsSet (Maybe Audience)

-- | The expiration time claim identifies the expiration time on or after
--   which the JWT MUST NOT be accepted for processing. The processing of
--   <i>exp</i> claim requires that the current date/time MUST be before
--   expiration date/time listed in the <i>exp</i> claim. Implementers MAY
--   provide for some small leeway, usually no more than a few minutes, to
--   account for clock skew.
claimExp :: Lens' ClaimsSet (Maybe NumericDate)

-- | The issued at claim identifies the time at which the JWT was issued.
--   This claim can be used to determine the age of the JWT.
claimIat :: Lens' ClaimsSet (Maybe NumericDate)

-- | The issuer claim identifies the principal that issued the JWT. The
--   processing of this claim is generally application specific.
claimIss :: Lens' ClaimsSet (Maybe StringOrURI)

-- | The JWT ID claim provides a unique identifier for the JWT. The
--   identifier value MUST be assigned in a manner that ensures that there
--   is a negligible probability that the same value will be accidentally
--   assigned to a different data object. The <i>jti</i> claim can be used
--   to prevent the JWT from being replayed. The <i>jti</i> value is a
--   case-sensitive string.
claimJti :: Lens' ClaimsSet (Maybe Text)

-- | The not before claim identifies the time before which the JWT MUST NOT
--   be accepted for processing. The processing of the <i>nbf</i> claim
--   requires that the current date/time MUST be after or equal to the
--   not-before date/time listed in the <i>nbf</i> claim. Implementers MAY
--   provide for some small leeway, usually no more than a few minutes, to
--   account for clock skew.
claimNbf :: Lens' ClaimsSet (Maybe NumericDate)

-- | The subject claim identifies the principal that is the subject of the
--   JWT. The Claims in a JWT are normally statements about the subject.
--   The subject value MAY be scoped to be locally unique in the context of
--   the issuer or MAY be globally unique. The processing of this claim is
--   generally application specific.
claimSub :: Lens' ClaimsSet (Maybe StringOrURI)

-- | Claim Names can be defined at will by those using JWTs.
unregisteredClaims :: Lens' ClaimsSet (HashMap Text Value)
addClaim :: Text -> Value -> ClaimsSet -> ClaimsSet

-- | Return an empty claims set.
emptyClaimsSet :: ClaimsSet

-- | Validate the claims made by a ClaimsSet.
--   
--   These checks are performed by <a>verifyClaims</a>, which also
--   validates any signatures, so you shouldn't need to use this function
--   directly.
validateClaimsSet :: (MonadTime m, HasAllowedSkew a, HasAudiencePredicate a, HasIssuerPredicate a, HasCheckIssuedAt a, AsJWTError e, MonadError e m) => a -> ClaimsSet -> m ClaimsSet
data JWTError

-- | A JOSE error occurred while processing the JWT
JWSError :: Error -> JWTError

-- | The JWT payload is not a JWT Claims Set
JWTClaimsSetDecodeError :: String -> JWTError
JWTExpired :: JWTError
JWTNotYetValid :: JWTError
JWTNotInIssuer :: JWTError
JWTNotInAudience :: JWTError
JWTIssuedAtFuture :: JWTError
class AsJWTError r_a1m9C
_JWTError :: AsJWTError r_a1m9C => Prism' r_a1m9C JWTError
_JWSError :: AsJWTError r_a1m9C => Prism' r_a1m9C Error
_JWTClaimsSetDecodeError :: AsJWTError r_a1m9C => Prism' r_a1m9C String
_JWTExpired :: AsJWTError r_a1m9C => Prism' r_a1m9C ()
_JWTNotYetValid :: AsJWTError r_a1m9C => Prism' r_a1m9C ()
_JWTNotInIssuer :: AsJWTError r_a1m9C => Prism' r_a1m9C ()
_JWTNotInAudience :: AsJWTError r_a1m9C => Prism' r_a1m9C ()
_JWTIssuedAtFuture :: AsJWTError r_a1m9C => Prism' r_a1m9C ()

-- | Audience data. In the general case, the <i>aud</i> value is an array
--   of case-sensitive strings, each containing a <a>StringOrURI</a> value.
--   In the special case when the JWT has one audience, the <i>aud</i>
--   value MAY be a single case-sensitive string containing a
--   <a>StringOrURI</a> value.
--   
--   The <a>ToJSON</a> instance formats an <a>Audience</a> with one value
--   as a string (some non-compliant implementations require this.)
newtype Audience
Audience :: [StringOrURI] -> Audience

-- | A JSON string value, with the additional requirement that while
--   arbitrary string values MAY be used, any value containing a <tt>:</tt>
--   character MUST be a URI.
--   
--   <b>Note</b>: the <tt>IsString</tt> instance will fail if the string
--   contains a <tt>:</tt> but does not parse as a <a>URI</a>. Use
--   <a>stringOrUri</a> directly in this situation.
data StringOrURI
stringOrUri :: (Cons s s Char Char, Monoid s) => Prism' s StringOrURI
string :: Prism' StringOrURI String
uri :: Prism' StringOrURI URI

-- | A JSON numeric value representing the number of seconds from
--   1970-01-01T0:0:0Z UTC until the specified UTC date/time.
newtype NumericDate
NumericDate :: UTCTime -> NumericDate
instance GHC.Show.Show a => GHC.Show.Show (Crypto.JWT.JWT a)
instance GHC.Classes.Eq a => GHC.Classes.Eq (Crypto.JWT.JWT a)
instance GHC.Base.Monad m => Control.Monad.Time.MonadTime (Control.Monad.Trans.Reader.ReaderT Crypto.JWT.WrappedUTCTime m)
instance Crypto.JOSE.Compact.FromCompact a => Crypto.JOSE.Compact.FromCompact (Crypto.JWT.JWT a)
instance Crypto.JOSE.Compact.ToCompact a => Crypto.JOSE.Compact.ToCompact (Crypto.JWT.JWT a)
instance Crypto.JWT.HasJWTValidationSettings a => Crypto.JWT.HasCheckIssuedAt a
instance Crypto.JWT.HasJWTValidationSettings a => Crypto.JWT.HasIssuerPredicate a
instance Crypto.JWT.HasJWTValidationSettings a => Crypto.JWT.HasAudiencePredicate a
instance Crypto.JWT.HasJWTValidationSettings a => Crypto.JWT.HasAllowedSkew a
instance Crypto.JWT.HasJWTValidationSettings Crypto.JWT.JWTValidationSettings
instance Crypto.JOSE.JWS.HasValidationSettings Crypto.JWT.JWTValidationSettings
instance GHC.Show.Show Crypto.JWT.ClaimsSet
instance GHC.Classes.Eq Crypto.JWT.ClaimsSet
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JWT.ClaimsSet
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JWT.ClaimsSet
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JWT.Audience
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JWT.Audience
instance GHC.Show.Show Crypto.JWT.Audience
instance GHC.Classes.Eq Crypto.JWT.Audience
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JWT.NumericDate
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JWT.NumericDate
instance GHC.Show.Show Crypto.JWT.NumericDate
instance GHC.Classes.Ord Crypto.JWT.NumericDate
instance GHC.Classes.Eq Crypto.JWT.NumericDate
instance GHC.Show.Show Crypto.JWT.StringOrURI
instance GHC.Classes.Eq Crypto.JWT.StringOrURI
instance Data.String.IsString Crypto.JWT.StringOrURI
instance Data.Aeson.Types.FromJSON.FromJSON Crypto.JWT.StringOrURI
instance Data.Aeson.Types.ToJSON.ToJSON Crypto.JWT.StringOrURI
instance Crypto.JWT.AsJWTError Crypto.JWT.JWTError
instance Crypto.JOSE.Error.AsError Crypto.JWT.JWTError
instance GHC.Show.Show Crypto.JWT.JWTError
instance GHC.Classes.Eq Crypto.JWT.JWTError
