jose_utils v0.1.0 JOSEUtils.JWK View Source

Convenience functions to work with JWKs

Link to this section Summary

Types

t()

A JSON Web Key in its map form

Functions

Returns the digest used by a signature algorithm of the key

Verifies a JWK

Link to this section Types

Link to this type

certificate()

View Source
certificate() :: any()
Link to this type

result()

View Source
result() :: :ok | {:error, atom()}
Link to this type

t()

View Source
t() :: %{required(String.t()) => any()}

A JSON Web Key in its map form

For instance:

%{
  "crv" => "P-256",
  "kty" => "EC",
  "x" => "6pwDpICQ8JBWdvuLuXeWILAxSEUNB_BBAswikgYKKmY",
  "y" => "fEHj1ehsIJ7PP-qon-oONl_J2yZLWpUncNRedZT7xqs"
}

Link to this section Functions

Link to this function

sig_alg_digest(map)

View Source
sig_alg_digest(t()) :: atom()

Returns the digest used by a signature algorithm of the key

Verifies a JWK

It performs the following checks:

  • verifies that the "x5c" member (if present) against:

    • the JWK key
    • the "alg" member
    • the "use" member
    • the "key_ops" member
    • the "x5t" member, if present
    • the "x5t#S256" member, if present
    • validates the certificate chain
  • verifies that the "use" and "key_ops" members are consistent
  • verifies that the "key_ops" operations are related to each other