| Safe Haskell | None |
|---|---|
| Language | Haskell2010 |
SDJWT.Internal.KeyBinding
Description
Key Binding JWT support for SD-JWT+KB.
This module provides functions for creating and verifying Key Binding JWTs (KB-JWT) as specified in RFC 9901 Section 7. Key Binding provides proof of possession of a key by the holder.
Synopsis
- createKeyBindingJWT :: JWKLike jwk => HashAlgorithm -> jwk -> Text -> Text -> Int64 -> SDJWTPresentation -> Object -> IO (Either SDJWTError Text)
- computeSDHash :: HashAlgorithm -> SDJWTPresentation -> Digest
- verifyKeyBindingJWT :: JWKLike jwk => HashAlgorithm -> jwk -> Text -> SDJWTPresentation -> IO (Either SDJWTError ())
- addKeyBindingToPresentation :: JWKLike jwk => HashAlgorithm -> jwk -> Text -> Text -> Int64 -> SDJWTPresentation -> Object -> IO (Either SDJWTError SDJWTPresentation)
Documentation
Arguments
| :: JWKLike jwk | |
| => HashAlgorithm | Hash algorithm for computing sd_hash |
| -> jwk | Holder private key (Text or jose JWK object) |
| -> Text | Audience claim (verifier identifier) |
| -> Text | Nonce from verifier |
| -> Int64 | Issued at timestamp (Unix epoch seconds) |
| -> SDJWTPresentation | The SD-JWT presentation to bind |
| -> Object | Optional additional claims (e.g., exp, nbf). These will be validated during verification if present. Pass |
| -> IO (Either SDJWTError Text) |
Create a Key Binding JWT.
Creates a KB-JWT that proves the holder possesses a specific key. The KB-JWT contains:
- aud: Audience (verifier identifier)
- nonce: Nonce provided by verifier
- iat: Issued at timestamp
- sd_hash: Hash of the SD-JWT presentation
- Optional additional claims (e.g., exp for expiration time)
Note: RFC 9901 Section 4.3 states that additional claims in optionalClaims SHOULD be avoided
unless there is a compelling reason, as they may harm interoperability.
Returns the signed KB-JWT as a compact JWT string.
computeSDHash :: HashAlgorithm -> SDJWTPresentation -> Digest Source #
Compute sd_hash for key binding.
The sd_hash is computed as the hash of the serialized SD-JWT presentation (without the KB-JWT part). This hash is included in the KB-JWT to bind it to the specific presentation.
The hash is computed over the US-ASCII bytes of the presentation string (per RFC 9901). Since the serialized presentation contains only ASCII characters (base64url-encoded strings and tilde separators), UTF-8 encoding produces identical bytes to US-ASCII.
Arguments
| :: JWKLike jwk | |
| => HashAlgorithm | Hash algorithm for verifying sd_hash |
| -> jwk | Holder public key (Text or jose JWK object) |
| -> Text | KB-JWT to verify |
| -> SDJWTPresentation | The SD-JWT presentation |
| -> IO (Either SDJWTError ()) |
Verify a Key Binding JWT.
Verifies that:
- The KB-JWT signature is valid (using holder's public key)
- The sd_hash in the KB-JWT matches the computed hash of the presentation
- The nonce, audience, and iat claims are present and valid
Returns 'Right ()' if verification succeeds, Left with error otherwise.
addKeyBindingToPresentation Source #
Arguments
| :: JWKLike jwk | |
| => HashAlgorithm | Hash algorithm for computing sd_hash |
| -> jwk | Holder private key (Text or jose JWK object) |
| -> Text | Audience claim (verifier identifier) |
| -> Text | Nonce provided by verifier |
| -> Int64 | Issued at timestamp (Unix epoch seconds) |
| -> SDJWTPresentation | The SD-JWT presentation to bind |
| -> Object | Optional additional claims (e.g., exp, nbf). Standard JWT claims will be validated during verification if present. Pass |
| -> IO (Either SDJWTError SDJWTPresentation) |
Add key binding to a presentation.
Creates a KB-JWT and adds it to the presentation, converting it to SD-JWT+KB format.
The KB-JWT includes required claims (aud, nonce, iat, sd_hash) plus any optional
claims provided. Standard JWT claims like exp (expiration time) and nbf (not before)
will be automatically validated during verification if present.
Note: RFC 9901 Section 4.3 states that additional claims in optionalClaims SHOULD be avoided
unless there is a compelling reason, as they may harm interoperability.