saml2-web-sso-0.20: Library and example web app for the SAML Web-based SSO profile.
Safe HaskellSafe-Inferred
LanguageHaskell2010

Text.XML.DSig

Description

Partial implementation of https://www.w3.org/TR/xmldsig-core/. We use hsaml2, hxt, x509 and other dubious packages internally, but expose xml-types and cryptonite.

FUTUREWORK: other implementations that could be used for testing: https://www.aleksey.com/xmlsec/ (C); https://github.com/yaronn/xml-crypto (js)

Synopsis

types

data SignCreds Source #

Constructors

SignCreds SignDigest SignKey 

Instances

Instances details
Show SignCreds Source # 
Instance details

Defined in Text.XML.DSig

Methods

showsPrec :: Int -> SignCreds -> ShowS #

show :: SignCreds -> String #

showList :: [SignCreds] -> ShowS #

Eq SignCreds Source # 
Instance details

Defined in Text.XML.DSig

Methods

(==) :: SignCreds -> SignCreds -> Bool #

(/=) :: SignCreds -> SignCreds -> Bool #

data SignDigest Source #

Constructors

SignDigestSha256 

Instances

Instances details
Bounded SignDigest Source # 
Instance details

Defined in Text.XML.DSig

Methods

minBound :: SignDigest #

maxBound :: SignDigest #

Enum SignDigest Source # 
Instance details

Defined in Text.XML.DSig

Methods

succ :: SignDigest -> SignDigest #

pred :: SignDigest -> SignDigest #

toEnum :: Int -> SignDigest #

fromEnum :: SignDigest -> Int #

enumFrom :: SignDigest -> [SignDigest] #

enumFromThen :: SignDigest -> SignDigest -> [SignDigest] #

enumFromTo :: SignDigest -> SignDigest -> [SignDigest] #

enumFromThenTo :: SignDigest -> SignDigest -> SignDigest -> [SignDigest] #

Show SignDigest Source # 
Instance details

Defined in Text.XML.DSig

Methods

showsPrec :: Int -> SignDigest -> ShowS #

show :: SignDigest -> String #

showList :: [SignDigest] -> ShowS #

Eq SignDigest Source # 
Instance details

Defined in Text.XML.DSig

Methods

(==) :: SignDigest -> SignDigest -> Bool #

(/=) :: SignDigest -> SignDigest -> Bool #

data SignKey Source #

Constructors

SignKeyRSA PublicKey 

Instances

Instances details
Show SignKey Source # 
Instance details

Defined in Text.XML.DSig

Methods

showsPrec :: Int -> SignKey -> ShowS #

show :: SignKey -> String #

showList :: [SignKey] -> ShowS #

Eq SignKey Source # 
Instance details

Defined in Text.XML.DSig

Methods

(==) :: SignKey -> SignKey -> Bool #

(/=) :: SignKey -> SignKey -> Bool #

data SignPrivCreds Source #

Constructors

SignPrivCreds SignDigest SignPrivKey 

Instances

Instances details
Show SignPrivCreds Source # 
Instance details

Defined in Text.XML.DSig

Methods

showsPrec :: Int -> SignPrivCreds -> ShowS #

show :: SignPrivCreds -> String #

showList :: [SignPrivCreds] -> ShowS #

Eq SignPrivCreds Source # 
Instance details

Defined in Text.XML.DSig

Methods

(==) :: SignPrivCreds -> SignPrivCreds -> Bool #

(/=) :: SignPrivCreds -> SignPrivCreds -> Bool #

data SignPrivKey Source #

Constructors

SignPrivKeyRSA KeyPair 

Instances

Instances details
Show SignPrivKey Source # 
Instance details

Defined in Text.XML.DSig

Methods

showsPrec :: Int -> SignPrivKey -> ShowS #

show :: SignPrivKey -> String #

showList :: [SignPrivKey] -> ShowS #

Eq SignPrivKey Source # 
Instance details

Defined in Text.XML.DSig

Methods

(==) :: SignPrivKey -> SignPrivKey -> Bool #

(/=) :: SignPrivKey -> SignPrivKey -> Bool #

credential handling

verifySelfSignature :: (HasCallStack, MonadError String m) => SignedCertificate -> m () Source #

parseKeyInfo :: (HasCallStack, MonadError String m) => Bool -> LT -> m SignedCertificate Source #

Read the KeyInfo element of a meta file's IDPSSODescriptor into a public key that can be used for signing. Tested for KeyInfo elements that contain an x509 certificate.

Self-signatures are only verified if first argument is True. The reason for this flag is that some IdPs (e.g. centrify) sign their certificates with external CAs. Verification against external cert needs to be done separately before calling this function.

renderKeyInfo :: HasCallStack => SignedCertificate -> LT Source #

certToCreds :: (HasCallStack, MonadError String m) => SignedCertificate -> m SignCreds Source #

certToPublicKey :: (HasCallStack, MonadError String m) => SignedCertificate -> m PublicKey Source #

mkSignCreds :: (MonadRandom m, MonadIO m) => Int -> m (SignPrivCreds, SignCreds) Source #

mkSignCredsWithCert :: forall m. (MonadRandom m, MonadIO m) => Maybe DateTime -> Int -> m (SignPrivCreds, SignCreds, SignedCertificate) Source #

If first argument validSince is Nothing, use cucrent system time.

signature verification

verify :: forall m. MonadError String m => NonEmpty SignCreds -> LBS -> String -> m () Source #

We sometimes get XML documents that are underspecific about which credentials they are going to use later. As longs as all credentials are from the same authoritative source, it may be ok to ask for *any* of them to match a signature. So here is an or over verify and a non-empty list of SignCreds.

NB: The call to unsafePerformIO in this function is sound under the assumption that verifyIO has no effects in IO other than throwing SomeException (which are captured by try. Technically, it does have other effects, like opening temp files for capturing stderr (if any), but we do not care about those. The only thing we care about is that the conceptually pure function of validating a signature will either be called twice with the same arguments and return the same result value, or not be called a second time with the same arguments, in which case that same value will be used.

verifyRoot :: forall m. MonadError String m => NonEmpty SignCreds -> LBS -> m () Source #

verifyIO :: NonEmpty SignCreds -> LBS -> String -> IO [(SignCreds, Either SignatureError ())] Source #

Try a list of creds against a document. If all fail, return a list of errors for each cert; if *any* succeed, return the empty list.

signature creation

signRoot :: (MonadRandom m, MonadError String m) => SignPrivCreds -> Document -> m Document Source #

Make sure that root node node has ID attribute and sign it. This is similar to the more primitive generateSignature. Cons signature to the children list (left-most position).

signRootAt :: (MonadRandom m, MonadError String m) => Int -> SignPrivCreds -> Document -> m Document Source #

Like signRoot, but insert signature at any given position in the children list. If the list is too short for this position, throw an error.

testing

type HasMonadSign = MonadIO Source #

newtype MonadSign a Source #

Constructors

MonadSign (ExceptT String IO a) 

Instances

Instances details
Applicative MonadSign Source # 
Instance details

Defined in Text.XML.DSig

Methods

pure :: a -> MonadSign a #

(<*>) :: MonadSign (a -> b) -> MonadSign a -> MonadSign b #

liftA2 :: (a -> b -> c) -> MonadSign a -> MonadSign b -> MonadSign c #

(*>) :: MonadSign a -> MonadSign b -> MonadSign b #

(<*) :: MonadSign a -> MonadSign b -> MonadSign a #

Functor MonadSign Source # 
Instance details

Defined in Text.XML.DSig

Methods

fmap :: (a -> b) -> MonadSign a -> MonadSign b #

(<$) :: a -> MonadSign b -> MonadSign a #

Monad MonadSign Source # 
Instance details

Defined in Text.XML.DSig

Methods

(>>=) :: MonadSign a -> (a -> MonadSign b) -> MonadSign b #

(>>) :: MonadSign a -> MonadSign b -> MonadSign b #

return :: a -> MonadSign a #

MonadRandom MonadSign Source # 
Instance details

Defined in Text.XML.DSig

Methods

getRandomBytes :: ByteArray byteArray => Int -> MonadSign byteArray Source #

MonadError String MonadSign Source # 
Instance details

Defined in Text.XML.DSig

Methods

throwError :: String -> MonadSign a #

catchError :: MonadSign a -> (String -> MonadSign a) -> MonadSign a #

runMonadSign :: MonadSign a -> IO (Either String a) Source #

signElementIO :: (HasCallStack, HasMonadSign m) => SignPrivCreds -> [Node] -> m [Node] Source #

signElementIOAt :: (HasCallStack, HasMonadSign m) => Int -> SignPrivCreds -> [Node] -> m [Node] Source #