From aad40cc0c33f982049d216470e84ddf83e0f28ad Mon Sep 17 00:00:00 2001 From: Fraser Tweedale Date: Thu, 14 Dec 2023 09:34:12 +1000 Subject: [PATCH] fromX509PubKey: support Edwards EdDSA and ECDSA keys --- CHANGELOG.md | 11 +++++++++++ src/Crypto/JOSE/JWK.hs | 12 +++++++++--- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0b68697..d6f69c7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,14 @@ +## Version NEXT + +- Added `Crypto.JOSE.JWK.fromX509PubKey`, which supports conversion + from the `Data.X509.PubKey` type, such as can be read via the + *crypton-x509-store* package. It supports RSA, NIST ECC, and + Edwards curve key types (Ed25519, Ed448, X25519, X448). + +- Updated `Crypto.JOSE.JWK.fromX509Certificate` to support Edwards + curve key types (Ed25519, Ed448, X25519, X448). + + ## Version 0.11 (2023-10-31) - Migrate to the *crypton* library ecosystem. *crypton* was a hard diff --git a/src/Crypto/JOSE/JWK.hs b/src/Crypto/JOSE/JWK.hs index 0ed2d15..237cce0 100644 --- a/src/Crypto/JOSE/JWK.hs +++ b/src/Crypto/JOSE/JWK.hs 
@@ -255,15 +255,21 @@ fromOctets = -- | Convert from a 'X509.PubKey' (such as can be read via the --- /crypton-x509-store/ package). +-- /crypton-x509-store/ package). Supports RSA, ECDSA, Ed25519, +-- Ed448, X25519 and X448 keys. -- fromX509PubKey :: (AsError e, MonadError e m) => X509.PubKey -> m JWK fromX509PubKey = \case - X509.PubKeyRSA k -> pure (fromRSAPublic k) - X509.PubKeyEC k -> fromECPublic k + X509.PubKeyRSA k -> pure (fromRSAPublic k) + X509.PubKeyEC k -> fromECPublic k + X509.PubKeyX25519 k -> fromOKP $ X25519Key k Nothing + X509.PubKeyX448 k -> fromOKP $ X448Key k Nothing + X509.PubKeyEd25519 k -> fromOKP $ Ed25519Key k Nothing + X509.PubKeyEd448 k -> fromOKP $ Ed448Key k Nothing _ -> throwing _KeyMismatch "X.509 key type not supported" where fromECPublic = fmap (fromKeyMaterial . ECKeyMaterial) . ecParametersFromX509 + fromOKP = pure . fromKeyMaterial . OKPKeyMaterial -- | Convert an X.509 certificate into a JWK.
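Review bot: The Haddock on `fromX509PubKey` now lists the accepted key types but still says nothing about failure, and it names "ECDSA" where the CHANGELOG entry in this same patch says "NIST ECC". The only failure path visible here is the catch-all `_ -> throwing _KeyMismatch "X.509 key type not supported"`; whether `ecParametersFromX509` also rejects curves it does not handle is outside the hunk and should be documented if it does. I would add `-- Fails with '_KeyMismatch' for any other key type.` and `-- The resulting JWK holds public key material only.` to the comment, the latter presumably following from the `Nothing` passed to each OKP constructor (confirm against their definitions). X25519 and X448 are key-agreement keys rather than signing keys, and as far as this hunk shows the conversion sets no `use` or `key_ops` on the result, so the comment should tell callers who feed certificate keys into signature verification that checking the key type is left to them. The diffstat touches only CHANGELOG.md and JWK.hs, so a conversion test for each newly handled constructor is also missing.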