use will default to `Sig in all functions unless supplied
type pub_rsa = Mirage_crypto_pk.Rsa.pub jwk
rsa represents a public JWK with kty `RSA and a Rsa.pub key
type priv_rsa = Mirage_crypto_pk.Rsa.priv jwk
rsa represents a private JWK with kty `RSA and a Rsa.priv key
type oct = string jwk
oct represents a JWK with kty `OCT and a string key.
oct will in most cases be a private key, but there are some cases where it will be considered public, e.g. if you parse a public JSON
type priv_es256 = Mirage_crypto_ec.P256.Dsa.priv jwk
es256 represents a private JWK with kty `EC and a P256.priv key
type pub_es256 = Mirage_crypto_ec.P256.Dsa.pub jwk
es256 represents a public JWK with kty `EC and a P256.pub key
type priv_es512 = Mirage_crypto_ec.P521.Dsa.priv jwk
es512 represents a private JWK with kty `EC and a P521.priv key
type pub_es512 = Mirage_crypto_ec.P521.Dsa.pub jwk
es512 represents a public JWK with kty `EC and a P521.pub key
These keys are safe to show and should be used to verify signed content.
val make_pub_rsa : ?use:use -> Mirage_crypto_pk.Rsa.pub -> public t
make_pub_rsa use pub takes a public key generated by Nocrypto and returns a result t or a message of what went wrong.
of_pub_pem use pem takes a PEM as a string and returns a public t or a message of what went wrong.
to_pub_pem t takes a JWK and returns a result PEM string or a message of what went wrong.
val of_pub_json :
  Yojson.Safe.t ->
  (public t,
   [> `Json_parse_failed of string | `Msg of string | `Unsupported_kty ])
  result
of_pub_json t takes a Yojson.Safe.t and tries to return a public t
val of_pub_json_string :
  string ->
  (public t,
   [> `Json_parse_failed of string | `Msg of string | `Unsupported_kty ])
  result
of_pub_json_string json_string takes a JSON string representation and tries to return a public t
val to_pub_json : 'a t -> Yojson.Safe.t
to_pub_json t takes a priv t and returns a JSON representation
val to_pub_json_string : 'a t -> string
to_pub_json_string t takes a priv t and returns a JSON string representation
These keys are not safe to show and should be used to sign content.
val make_priv_rsa : ?use:use -> Mirage_crypto_pk.Rsa.priv -> priv t
make_priv_rsa use priv takes a private key generated by Nocrypto and returns a priv t or a message of what went wrong.
of_priv_pem use pem takes a PEM as a string and returns a priv t or a message of what went wrong.
make_oct use secret creates a priv t from a shared secret
to_priv_pem t takes a JWK and returns a result PEM string or a message of what went wrong.
val of_priv_json :
  Yojson.Safe.t ->
  (priv t,
   [> `Json_parse_failed of string | `Msg of string | `Unsupported_kty ])
  result
of_priv_json json takes a Yojson.Safe.t and returns a priv t
val of_priv_json_string :
  string ->
  (priv t,
   [> `Json_parse_failed of string | `Msg of string | `Unsupported_kty ])
  result
of_priv_json_string json_string takes a JSON string representation and tries to return a private t
val to_priv_json : priv t -> Yojson.Safe.t
to_priv_json t takes a t and returns a Yojson.Safe.t
to_priv_json_string t takes a priv t and returns a JSON string representation
pub_of_priv t takes a priv t and returns the corresponding public key.
When using it on Oct keys it will just return the same key, as it's a symmetric key.
Utils to get different data from a JWK
val get_kid : 'a t -> string option
get_kid jwk is a convenience function to get the kid string
val get_thumbprint :
  Mirage_crypto.Hash.hash ->
  'a t ->
  (Cstruct.t, [> `Unsafe ]) result
get_thumbprint hash jwk calculates the thumbprint of jwk with hash, following RFC 7638.
Returns an error for symmetric keys: sharing the hash may leak information about the key itself and it's deemed unsafe.
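An added illustration, not the library's own OCaml code: a standalone Python sketch of the RFC 7638 computation that get_thumbprint is documented to follow, with a refusal for oct keys that mirrors the `Unsafe result. The names canonical_jwk, thumbprint and UnsafeThumbprint, and the sample key, are assumptions made for this example.

```python
import base64
import hashlib
import json

# Members RFC 7638 feeds into the hash, per key type; everything else
# (kid, use, alg, ...) is ignored.
REQUIRED_MEMBERS = {
    "RSA": ("e", "kty", "n"),
    "EC": ("crv", "kty", "x", "y"),
}


class UnsafeThumbprint(ValueError):
    """Raised for symmetric keys, like the `Unsafe error described above."""


def canonical_jwk(jwk: dict) -> bytes:
    """Return the exact byte string that RFC 7638 hashes for this key."""
    kty = jwk.get("kty")
    if kty == "oct":
        # The only key-specific member of an oct JWK is the secret "k",
        # so the thumbprint would be a plain hash of the secret.
        raise UnsafeThumbprint("refusing to hash a symmetric key")
    if kty not in REQUIRED_MEMBERS:
        raise ValueError(f"unsupported kty: {kty!r}")
    missing = [m for m in REQUIRED_MEMBERS[kty] if m not in jwk]
    if missing:
        raise ValueError(f"missing required members: {missing}")
    required = {m: jwk[m] for m in REQUIRED_MEMBERS[kty]}
    # Lexicographic member order, no whitespace, UTF-8.
    text = json.dumps(required, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False)
    return text.encode("utf-8")


def thumbprint(jwk: dict, hash_name: str = "sha256") -> str:
    """Unpadded base64url digest of the canonical form."""
    digest = hashlib.new(hash_name, canonical_jwk(jwk)).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


# Constructed sample: the coordinates are placeholders, not a real curve point.
SAMPLE_EC = {"kty": "EC", "crv": "P-256", "kid": "demo", "use": "sig",
             "x": "Y29uc3RydWN0ZWQteA", "y": "Y29uc3RydWN0ZWQteQ"}

if __name__ == "__main__":
    print(canonical_jwk(SAMPLE_EC).decode())
    print(thumbprint(SAMPLE_EC))
```

Because only the required members are hashed, two JWKs that differ in kid, use or member order produce the same thumbprint.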
val use_to_string : use -> string
val use_of_string : string -> use