defmodule JOSE.JWA do
  @moduledoc ~S"""
  Elixir facade over the Erlang module `:jose_jwa`; every function in this
  module forwards its arguments unchanged to the function of the same name there.

  JWA stands for JSON Web Algorithms which is defined in
  [RFC 7518](https://tools.ietf.org/html/rfc7518).

  ## Cryptographic Algorithm Fallback

  Native implementations of all cryptographic and public key algorithms
  required by the JWA specifications are not present in current versions
  of Elixir and OTP.

  JOSE will detect whether a specific algorithm is natively supported or not
  and, by default, it will mark the algorithm as unsupported if a native
  implementation is not found.

  However, JOSE also has pure Erlang versions of many of the missing algorithms
  which can be used as a fallback by calling `JOSE.crypto_fallback/1` and
  passing `true`.

  ## Security considerations

  The Crypto API and Public Key API functions are raw primitives. ECB and CBC
  give confidentiality only and do not authenticate the data, PKCS#1 v1.5 RSA
  padding is kept for interoperability, and the fallback setting is global to
  the running node. Prefer the higher-level JWE/JWS interfaces unless a
  primitive is specifically required.
  """

  # NOTE(review): the fallback swaps native code for pure Erlang. Nothing on this
  # page states what side-channel properties those implementations have; confirm
  # before enabling the fallback on a system that handles long-lived keys.

  # ---------------------------------------------------------------------------
  # Crypto API
  # ---------------------------------------------------------------------------

  @doc """
  Decrypts `cipher_text` according to `cipher` block cipher (variant without `iv`).

  Currently supported block ciphers:

    * `{:aes_ecb, 128}` - AES ECB with 128-bit `key` size
    * `{:aes_ecb, 192}` - AES ECB with 192-bit `key` size
    * `{:aes_ecb, 256}` - AES ECB with 256-bit `key` size

  ECB takes no `iv`: equal plaintext blocks encrypt to equal ciphertext blocks
  and nothing authenticates the data. Use it only as a building block inside a
  higher-level construction, never to protect messages directly.
  """
  def block_decrypt(cipher, key, cipher_text),
    do: :jose_jwa.block_decrypt(cipher, key, cipher_text)

  # NOTE(review): how the authentication tag and additional authenticated data
  # are passed for the AEAD ciphers is not documented on this page; confirm the
  # argument shape against :jose_jwa.
  @doc """
  Decrypts `cipher_text` according to `cipher` block cipher (variant with `iv`).

  Currently supported block ciphers:

    * `{:aes_cbc, 128}` - AES CBC with 128-bit `key` size and 128-bit `iv` size
    * `{:aes_cbc, 192}` - AES CBC with 192-bit `key` size and 128-bit `iv` size
    * `{:aes_cbc, 256}` - AES CBC with 256-bit `key` size and 128-bit `iv` size
    * `{:aes_gcm, 128}` - AES GCM with 128-bit `key` size and variable `iv` size
    * `{:aes_gcm, 192}` - AES GCM with 192-bit `key` size and variable `iv` size
    * `{:aes_gcm, 256}` - AES GCM with 256-bit `key` size and variable `iv` size
    * `{:chacha20_poly1305, 256}` - ChaCha20/Poly1305 with 256-bit `key` size and 96-bit `iv` size

  CBC does not authenticate `cipher_text`. Verify a MAC over the ciphertext
  before decrypting it (compare with `constant_time_compare/2`), and do not let
  a remote peer distinguish padding failures from other errors.
  """
  def block_decrypt(cipher, key, iv, cipher_text),
    do: :jose_jwa.block_decrypt(cipher, key, iv, cipher_text)

  @doc """
  Encrypts `plain_text` according to `cipher` block cipher (variant without `iv`).

  Currently supported block ciphers:

    * `{:aes_ecb, 128}` - AES ECB with 128-bit `key` size
    * `{:aes_ecb, 192}` - AES ECB with 192-bit `key` size
    * `{:aes_ecb, 256}` - AES ECB with 256-bit `key` size

  ECB is deterministic and unauthenticated: repeated plaintext blocks are
  visible in the output. Use it only as a building block inside a higher-level
  construction.
  """
  def block_encrypt(cipher, key, plain_text),
    do: :jose_jwa.block_encrypt(cipher, key, plain_text)

  @doc """
  Encrypts `plain_text` according to `cipher` block cipher (variant with `iv`).

  Currently supported block ciphers:

    * `{:aes_cbc, 128}` - AES CBC with 128-bit `key` size and 128-bit `iv` size
    * `{:aes_cbc, 192}` - AES CBC with 192-bit `key` size and 128-bit `iv` size
    * `{:aes_cbc, 256}` - AES CBC with 256-bit `key` size and 128-bit `iv` size
    * `{:aes_gcm, 128}` - AES GCM with 128-bit `key` size and variable `iv` size
    * `{:aes_gcm, 192}` - AES GCM with 192-bit `key` size and variable `iv` size
    * `{:aes_gcm, 256}` - AES GCM with 256-bit `key` size and variable `iv` size
    * `{:chacha20_poly1305, 256}` - ChaCha20/Poly1305 with 256-bit `key` size and 96-bit `iv` size

  The caller supplies `iv` and is responsible for its quality. For AES GCM and
  ChaCha20/Poly1305 an `iv` must never be reused with the same `key`; for AES CBC
  it must be unpredictable, and the output still needs a separate MAC.
  """
  def block_encrypt(cipher, key, iv, plain_text),
    do: :jose_jwa.block_encrypt(cipher, key, iv, plain_text)

  # ---------------------------------------------------------------------------
  # Public Key API
  # ---------------------------------------------------------------------------

  @doc """
  Decrypts `cipher_text` using the `private_key`.

  ## Options

    * `:rsa_padding` - one of `:rsa_pkcs1_oaep_padding` or `:rsa_pkcs1_padding`
    * `:rsa_oaep_md` - sets the hashing algorithm for `:rsa_pkcs1_oaep_padding`, defaults to `:sha`
    * `:rsa_oaep_label` - sets the label for `:rsa_pkcs1_oaep_padding`, defaults to `<<>>`

  Prefer `:rsa_pkcs1_oaep_padding`. Decryption with `:rsa_pkcs1_padding`
  (PKCS#1 v1.5) is only safe when the caller's success and failure paths are
  indistinguishable to the sender, in both response content and timing. The
  default `:rsa_oaep_md` of `:sha` is SHA-1; set it explicitly when the peer
  uses a different digest.
  """
  def decrypt_private(cipher_text, private_key, options),
    do: :jose_jwa.decrypt_private(cipher_text, private_key, options)

  @doc """
  Encrypts `plain_text` using the `public_key`.

  ## Options

    * `:rsa_padding` - one of `:rsa_pkcs1_oaep_padding` or `:rsa_pkcs1_padding`
    * `:rsa_oaep_md` - sets the hashing algorithm for `:rsa_pkcs1_oaep_padding`, defaults to `:sha`
    * `:rsa_oaep_label` - sets the label for `:rsa_pkcs1_oaep_padding`, defaults to `<<>>`

  The padding, digest and label chosen here must match what the holder of the
  private key passes to `decrypt_private/3`. Choose `:rsa_pkcs1_oaep_padding`
  unless the recipient can only handle `:rsa_pkcs1_padding`.
  """
  def encrypt_public(plain_text, public_key, options),
    do: :jose_jwa.encrypt_public(plain_text, public_key, options)

  @doc """
  Signs the digested `message` using the `digest_type` and `private_key`.

  ## Options

    * `:rsa_padding` - one of `:rsa_pkcs1_pss_padding` or `:rsa_pkcs1_padding`
    * `:rsa_pss_saltlen` - sets the salt length for `:rsa_pkcs1_pss_padding`, defaults to `-1`
      * `-2` - use maximum for salt length
      * `-1` - use hash length for salt length
      * any number higher than `-1` is used as the actual salt length

  Note that `-2` means something different in `verify/5`, where the salt length
  is determined from the PSS block instead.
  """
  def sign(message, digest_type, private_key, options),
    do: :jose_jwa.sign(message, digest_type, private_key, options)

  # NOTE(review): the return shape is not shown on this page; callers should
  # treat anything other than an explicit success result as a failed
  # verification.
  @doc """
  Verifies the `signature` with the digested `message` using the `digest_type` and `public_key`.

  ## Options

    * `:rsa_padding` - one of `:rsa_pkcs1_pss_padding` or `:rsa_pkcs1_padding`
    * `:rsa_pss_saltlen` - sets the salt length for `:rsa_pkcs1_pss_padding`, defaults to `-1`
      * `-2` - automatically determine based on the PSS block structure
      * `-1` - use hash length for salt length
      * any number higher than `-1` is used as the actual salt length

  Take `digest_type` and `:rsa_padding` from the verifier's own configuration,
  not from fields of the message being verified.
  """
  def verify(message, digest_type, signature, public_key, options),
    do: :jose_jwa.verify(message, digest_type, signature, public_key, options)

  # ---------------------------------------------------------------------------
  # API
  # ---------------------------------------------------------------------------

  @doc """
  Returns the current module and first argument for the specified `cipher`.

  As the examples show, the answer depends on whether the fallback has been
  enabled: an unsupported cipher maps to `:jose_jwa_unsupported` until
  `JOSE.crypto_fallback(true)` is called.

      iex> JOSE.JWA.block_cipher({:aes_cbc, 128})
      {:crypto, :aes_cbc128}
      iex> JOSE.JWA.block_cipher({:aes_cbc, 192})
      {:jose_jwa_unsupported, {:aes_cbc, 192}}
      iex> JOSE.crypto_fallback(true)
      :ok
      iex> JOSE.JWA.block_cipher({:aes_cbc, 192})
      {:jose_jwa_aes, {:aes_cbc, 192}}

  """
  def block_cipher(cipher), do: :jose_jwa.block_cipher(cipher)

  @doc """
  Returns the current block ciphers and their associated modules.

  The listing is a snapshot of the running system; use it to check which module
  actually backs a cipher.

      iex> JOSE.JWA.crypto_ciphers()
      [{{:aes_cbc, 128}, :crypto}, {{:aes_cbc, 192}, :crypto},
       {{:aes_cbc, 256}, :crypto}, {{:aes_ecb, 128}, :crypto},
       {{:aes_ecb, 192}, :crypto}, {{:aes_ecb, 256}, :crypto},
       {{:aes_gcm, 128}, :crypto}, {{:aes_gcm, 192}, :crypto},
       {{:aes_gcm, 256}, :crypto},
       {{:chacha20_poly1305, 256}, :jose_chacha20_poly1305}]

  """
  def crypto_ciphers(), do: :jose_jwa.crypto_ciphers()

  @doc """
  See `JOSE.crypto_fallback/0`
  """
  def crypto_fallback(), do: :jose_jwa.crypto_fallback()

  @doc """
  See `JOSE.crypto_fallback/1`
  """
  def crypto_fallback(boolean), do: :jose_jwa.crypto_fallback(boolean)

  @doc """
  Returns the current listing of supported `:crypto` and `:public_key` algorithms.

  An algorithm appearing here means it is available, not that it is a good
  choice; the sample below includes `:md5` and `:sha`, for example.

      iex> JOSE.JWA.crypto_supports()
      [ciphers: [aes_cbc: 128, aes_cbc: 192, aes_cbc: 256, aes_ecb: 128, aes_ecb: 192,
        aes_ecb: 256, aes_gcm: 128, aes_gcm: 192, aes_gcm: 256,
        chacha20_poly1305: 256],
       hashs: [:md5, :poly1305, :sha, :sha256, :sha384, :sha512, :shake256],
       public_keys: [:ec_gf2m, :ecdh, :ecdsa, :ed25519, :ed25519ph, :ed448, :ed448ph,
        :rsa, :x25519, :x448], rsa_crypt: [:rsa1_5, :rsa_oaep, :rsa_oaep_256],
       rsa_sign: [:rsa_pkcs1_padding, :rsa_pkcs1_pss_padding]]

  """
  def crypto_supports(), do: :jose_jwa.crypto_supports()

  # NOTE(review): behaviour for inputs of different lengths is not shown on this
  # page; confirm against :jose_jwa before relying on it.
  @doc """
  Performs a constant time comparison between two binaries to help avoid [timing attacks](https://en.wikipedia.org/wiki/Timing_attack).

  Use this instead of `==` whenever one side is secret or attacker-supplied,
  such as MACs, authentication tags and tokens.
  """
  def constant_time_compare(a, b), do: :jose_jwa.constant_time_compare(a, b)

  @doc """
  Returns either `:binary` or `:list` depending on the detected runtime behavior for EC keys.
  """
  def ec_key_mode(), do: :jose_jwa.ec_key_mode()

  @doc """
  Checks whether the `cipher` is natively supported by `:crypto` or not.
  """
  def is_block_cipher_supported(cipher), do: :jose_jwa.is_block_cipher_supported(cipher)

  @doc """
  Checks whether ChaCha20/Poly1305 support is available or not.
  """
  def is_chacha20_poly1305_supported(), do: :jose_jwa.is_chacha20_poly1305_supported()

  @doc """
  Checks whether the encryption `padding` is natively supported by `:public_key` or not.
  """
  def is_rsa_crypt_supported(padding), do: :jose_jwa.is_rsa_crypt_supported(padding)

  @doc """
  Checks whether the signature `padding` is natively supported by `:public_key` or not.
  """
  def is_rsa_sign_supported(padding), do: :jose_jwa.is_rsa_sign_supported(padding)

  # NOTE(review): the sample output lists "none" under the JWS algorithms and
  # "RSA1_5" under the JWE algorithms. Whether "none" is listed only while
  # unsecured signing is enabled cannot be told from this page; confirm, and do
  # not use this listing as an allow-list for tokens from untrusted parties.
  @doc """
  Returns the current listing of supported JOSE algorithms.

  This reports what the library can process. The set of algorithms an
  application accepts from peers should be a separate, explicit allow-list.

      iex> JOSE.JWA.supports()
      [{:jwe,
        {:alg,
         ["A128GCMKW", "A128KW", "A192GCMKW", "A192KW", "A256GCMKW", "A256KW",
          "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW",
          "PBES2-HS256+A128KW", "PBES2-HS384+A192KW", "PBES2-HS512+A256KW",
          "RSA-OAEP", "RSA-OAEP-256", "RSA1_5", "dir"]},
        {:enc,
         ["A128CBC-HS256", "A128GCM", "A192CBC-HS384", "A192GCM", "A256CBC-HS512",
          "A256GCM", "ChaCha20/Poly1305"]}, {:zip, ["DEF"]}},
       {:jwk, {:kty, ["EC", "OKP", "RSA", "oct"]},
        {:kty_OKP_crv,
         ["Ed25519", "Ed25519ph", "Ed448", "Ed448ph", "X25519", "X448"]}},
       {:jws,
        {:alg,
         ["ES256", "ES384", "ES512", "Ed25519", "Ed25519ph", "Ed448", "Ed448ph",
          "HS256", "HS384", "HS512", "PS256", "PS384", "PS512", "Poly1305", "RS256",
          "RS384", "RS512", "none"]}}]

  """
  def supports(), do: :jose_jwa.supports()

  # NOTE(review): the function name and the "none" entry in the supports/0 sample
  # suggest this setting gates the unsecured JWS algorithm; confirm in
  # JOSE.unsecured_signing/0 and audit every caller that turns it on.
  @doc """
  See `JOSE.unsecured_signing/0`
  """
  def unsecured_signing(), do: :jose_jwa.unsecured_signing()

  @doc """
  See `JOSE.unsecured_signing/1`
  """
  def unsecured_signing(boolean), do: :jose_jwa.unsecured_signing(boolean)
end