Hello community, here is the log from the commit of package ghc-jose-jwt for openSUSE:Factory checked in at 2016-11-14 20:14:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ghc-jose-jwt (Old) and /work/SRC/openSUSE:Factory/.ghc-jose-jwt.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ghc-jose-jwt" Changes: -------- --- /work/SRC/openSUSE:Factory/ghc-jose-jwt/ghc-jose-jwt.changes 2016-11-04 20:59:30.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.ghc-jose-jwt.new/ghc-jose-jwt.changes 2016-11-14 20:14:16.000000000 +0100 @@ -1,0 +2,5 @@ +Mon Sep 26 06:51:33 UTC 2016 - [email protected] + +- Update to version 0.7.3 with cabal2obs. + +------------------------------------------------------------------- Old: ---- 1.cabal jose-jwt-0.7.tar.gz New: ---- jose-jwt-0.7.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ghc-jose-jwt.spec ++++++ --- /var/tmp/diff_new_pack.sfsSbH/_old 2016-11-14 20:14:17.000000000 +0100 +++ /var/tmp/diff_new_pack.sfsSbH/_new 2016-11-14 20:14:17.000000000 +0100 @@ -19,16 +19,14 @@ %global pkg_name jose-jwt %bcond_with tests Name: ghc-%{pkg_name} -Version: 0.7 +Version: 0.7.3 Release: 0 Summary: JSON Object Signing and Encryption Library License: BSD-3-Clause -Group: System/Libraries +Group: Development/Languages/Other Url: https://hackage.haskell.org/package/%{pkg_name} Source0: https://hackage.haskell.org/package/%{pkg_name}-%{version}/%{pkg_name}-%{version}.tar.gz -Source1: https://hackage.haskell.org/package/%{pkg_name}-%{version}/revision/1.cabal BuildRequires: ghc-Cabal-devel -# Begin cabal-rpm deps: BuildRequires: ghc-aeson-devel BuildRequires: ghc-bytestring-devel BuildRequires: ghc-cereal-devel @@ -46,11 +44,9 @@ %if %{with tests} BuildRequires: ghc-HUnit-devel BuildRequires: ghc-QuickCheck-devel -BuildRequires: ghc-aeson-qq-devel BuildRequires: ghc-doctest-devel BuildRequires: ghc-hspec-devel %endif -# End cabal-rpm deps %description An implementation of the JOSE suite of IETF standards and the closely related @@ -71,22 +67,15 @@ %prep %setup -q -n %{pkg_name}-%{version} -cp -p %{SOURCE1} %{pkg_name}.cabal - %build %ghc_lib_build - %install %ghc_lib_install - %check -%if %{with tests} -%{cabal} test -%endif - +%cabal_test %post devel %ghc_pkg_recache ++++++ jose-jwt-0.7.tar.gz -> jose-jwt-0.7.3.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jose-jwt-0.7/CHANGELOG.md new/jose-jwt-0.7.3/CHANGELOG.md --- old/jose-jwt-0.7/CHANGELOG.md 2015-10-14 20:05:12.000000000 +0200 +++ new/jose-jwt-0.7.3/CHANGELOG.md 2016-09-24 13:13:36.000000000 +0200 @@ -1,3 +1,20 @@ +0.7.3 +----- + +* Add JSON test data to extra-source-files. + +0.7.2 +----- + +* Remove test dependency on aeson-qq + +0.7.1 +----- + +* Update cryptonite version to 0.19 to avoid security issues +* Fix broken benchmark code +* Better error message for invalid key length when using AES keywrap + 0.7 --- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jose-jwt-0.7/Jose/Internal/Crypto.hs new/jose-jwt-0.7.3/Jose/Internal/Crypto.hs --- old/jose-jwt-0.7/Jose/Internal/Crypto.hs 2015-10-14 20:05:12.000000000 +0200 +++ new/jose-jwt-0.7.3/Jose/Internal/Crypto.hs 2016-06-01 20:16:46.000000000 +0200 @@ -173,8 +173,16 @@ -- Dummy type to constrain Cipher type data C c = C -initCipher :: BlockCipher c => C c -> B.ByteString -> Maybe c -initCipher _ k = maybeCryptoError $ cipherInit k +initCipher :: BlockCipher c => C c -> ByteString -> Either JwtError c +initCipher _ k = mapFail (cipherInit k) + +-- Map CryptoFailable to JwtError +mapFail :: CryptoFailable a -> Either JwtError a +mapFail (CryptoPassed a) = return a +mapFail (CryptoFailed e) = Left $ case e of + CryptoError_KeySizeInvalid -> KeyError "cipher key length is invalid" + _ -> BadCrypto + -- | Decrypt an AES encrypted message. decryptPayload :: Enc -- ^ Encryption algorithm @@ -197,14 +205,14 @@ doGCM :: BlockCipher c => C c -> Maybe ByteString doGCM c = do - cipher <- initCipher c cek + cipher <- rightToMaybe (initCipher c cek) aead <- maybeCryptoError (aeadInit AEAD_GCM cipher iv) aeadSimpleDecrypt aead aad ct (AuthTag $ BA.convert sig) doCBC :: (HashAlgorithm a, BlockCipher c) => C c -> a -> Int -> Maybe ByteString doCBC c a tagLen = do checkMac a tagLen - cipher <- initCipher c cbcEncKey + cipher <- rightToMaybe (initCipher c cbcEncKey) iv' <- makeIV iv unless (B.length ct `mod` blockSize cipher == 0) Nothing unpad $ cbcDecrypt cipher iv' ct @@ -237,13 +245,13 @@ doGCM :: BlockCipher c => C c -> Maybe (AuthTag, ByteString) doGCM c = do - cipher <- initCipher c cek + cipher <- rightToMaybe (initCipher c cek) aead <- maybeCryptoError (aeadInit AEAD_GCM cipher iv) return $ aeadSimpleEncrypt aead aad msg 16 doCBC :: (HashAlgorithm a, BlockCipher c) => C c -> a -> Int -> Maybe (AuthTag, ByteString) doCBC c a tagLen = do - cipher <- initCipher c cbcEncKey + cipher <- rightToMaybe (initCipher c cbcEncKey) iv' <- makeIV iv let ct = cbcEncrypt cipher iv' (pad msg) mac = doMac a ct @@ -271,6 +279,7 @@ padByte = fromIntegral $ 16 - lastBlockSize :: Word8 padding = B.replicate (fromIntegral padByte) padByte + -- Key wrapping and unwrapping functions -- | <https://tools.ietf.org/html/rfc3394#section-2.2.1> @@ -287,7 +296,7 @@ doKeyWrap c = do when (l < 16 || l `mod` 8 /= 0) (Left (KeyError "Invalid content key")) - cipher <- maybe (Left (KeyError "cipher initialization failed")) return $ initCipher c kek + cipher <- initCipher c kek let p = toBlocks cek (r0, r) = foldl (doRound (ecbEncrypt cipher) 1) (iv, p) [0..5] Right $ B.concat (r0 : r) @@ -322,7 +331,7 @@ doUnWrap c = do when (l < 24 || l `mod` 8 /= 0) (Left BadCrypto) - cipher <- maybe (Left BadCrypto) return $ initCipher c kek + cipher <- initCipher c kek let r = toBlocks encK (p0, p) = foldl (doRound (ecbDecrypt cipher) n) (head r, reverse (tail r)) (reverse [0..5]) unless (p0 == iv) (Left BadCrypto) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jose-jwt-0.7/Jose/Jwa.hs new/jose-jwt-0.7.3/Jose/Jwa.hs --- old/jose-jwt-0.7/Jose/Jwa.hs 2015-10-14 20:05:12.000000000 +0200 +++ new/jose-jwt-0.7.3/Jose/Jwa.hs 2016-06-01 20:16:46.000000000 +0200 @@ -13,7 +13,6 @@ import Control.Applicative (pure) import Data.Aeson import Data.Text (Text) -import Data.Maybe (fromJust) import Data.Tuple (swap) -- | General representation of the @alg@ JWT header value. @@ -35,7 +34,7 @@ algs = [("none", Signed None), ("HS256", Signed HS256), ("HS384", Signed HS384), ("HS512", Signed HS512), ("RS256", Signed RS256), ("RS384", Signed RS384), ("RS512", Signed RS512), ("ES256", Signed ES256), ("ES384", Signed ES384), ("ES512", Signed ES512), ("RSA1_5", Encrypted RSA1_5), ("RSA-OAEP", Encrypted RSA_OAEP), ("A128KW", Encrypted A128KW), ("A192KW", Encrypted A192KW), ("A256KW", Encrypted A256KW)] algName :: Alg -> Text -algName a = fromJust $ lookup a algNames +algName a = let Just n = lookup a algNames in n algNames :: [(Alg, Text)] algNames = map swap algs @@ -44,7 +43,7 @@ encs = [("A128CBC-HS256", A128CBC_HS256), ("A256CBC-HS512", A256CBC_HS512), ("A192CBC-HS384", A192CBC_HS384), ("A128GCM", A128GCM), ("A192GCM", A192GCM), ("A256GCM", A256GCM)] encName :: Enc -> Text -encName e = fromJust $ lookup e encNames +encName e = let Just n = lookup e encNames in n encNames :: [(Enc, Text)] encNames = map swap encs diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jose-jwt-0.7/Jose/Jwe.hs new/jose-jwt-0.7.3/Jose/Jwe.hs --- old/jose-jwt-0.7/Jose/Jwe.hs 2015-10-14 20:05:12.000000000 +0200 +++ new/jose-jwt-0.7.3/Jose/Jwe.hs 2016-06-01 20:16:46.000000000 +0200 @@ -6,12 +6,10 @@ -- -- >>> import Jose.Jwe -- >>> import Jose.Jwa --- >>> import Crypto.Random --- >>> g <- drgNew -- >>> import Crypto.PubKey.RSA --- >>> let ((kPub, kPr), g') = withDRG g (generate 512 65537) --- >>> let (Right (Jwt jwt), g'') = withDRG g' (rsaEncode RSA_OAEP A128GCM kPub "secret claims") --- >>> fst $ withDRG g'' (rsaDecode kPr jwt) +-- >>> (kPub, kPr) <- generate 512 65537 +-- >>> Right (Jwt jwt) <- rsaEncode RSA_OAEP A128GCM kPub "secret claims" +-- >>> rsaDecode kPr jwt -- Right (JweHeader {jweAlg = RSA_OAEP, jweEnc = A128GCM, jweTyp = Nothing, jweCty = Nothing, jweZip = Nothing, jweKid = Nothing},"secret claims") module Jose.Jwe diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jose-jwt-0.7/Jose/Jwt.hs new/jose-jwt-0.7.3/Jose/Jwt.hs --- old/jose-jwt-0.7/Jose/Jwt.hs 2015-10-14 20:05:12.000000000 +0200 +++ new/jose-jwt-0.7.3/Jose/Jwt.hs 2016-09-22 19:53:29.000000000 +0200 @@ -10,12 +10,10 @@ -- >>> import Jose.Jwk -- >>> import Data.ByteString -- >>> import Data.Aeson (decodeStrict) --- >>> import Crypto.Random --- >>> g <- drgNew -- >>> let jsonJwk = "{\"kty\":\"RSA\", \"kid\":\"mykey\", \"n\":\"ofgWCuLjybRlzo0tZWJjNiuSfb4p4fAkd_wWJcyQoTbji9k0l8W26mPddxHmfHQp-Vaw-4qPCJrcS2mJPMEzP1Pt0Bm4d4QlL-yRT-SFd2lZS-pCgNMsD1W_YpRPEwOWvG6b32690r2jZ47soMZo9wGzjb_7OMg0LOL-bSf63kpaSHSXndS5z5rexMdbBYUsLA9e-KXBdQOS-UTo7WTBEMa2R2CapHg665xsmtdVMTBQY4uDZlxvb3qCo5ZwKh9kG4LT6_I5IhlJH7aGhyxXFvUK-DWNmoudF8NAco9_h9iaGNj8q2ethFkMLs91kzk2PAcDTW9gb54h4FRWyuXpoQ\", \"e\":\"AQAB\", \"d\":\"Eq5xpGnNCivDflJsRQBXHx1hdR1k6Ulwe2JZD50LpXyWPEAeP88vLNO97IjlA7_GQ5sLKMgvfTeXZx9SE-7YwVol2NXOoAJe46sui395IW_GO-pWJ1O0BkTGoVEn2bKVRUCgu-GjBVaYLU6f3l9kJfFNS3E0QbVdxzubSu3Mkqzjkn439X0M_V51gfpRLI9JYanrC4D4qAdGcopV_0ZHHzQlBjudU2QvXt4ehNYTCBr6XCLQUShb1juUO1ZdiYoFaFQT5Tw8bGUl_x_jTj3ccPDVZFD9pIuhLhBOneufuBiB4cS98l2SR_RQyGWSeWjnczT0QU91p1DhOVRuOopznQ\"}" :: ByteString -- >>> let Just jwk = decodeStrict jsonJwk :: Maybe Jwk --- >>> let (Right (Jwt jwtEncoded), g') = withDRG g $ encode [jwk] (JwsEncoding RS256) (Claims "public claims") --- >>> let (Right jwtDecoded, g'') = withDRG g' $ Jose.Jwt.decode [jwk] (Just (JwsEncoding RS256)) jwtEncoded +-- >>> Right (Jwt jwtEncoded) <- encode [jwk] (JwsEncoding RS256) (Claims "public claims") +-- >>> Right jwtDecoded <- Jose.Jwt.decode [jwk] (Just (JwsEncoding RS256)) jwtEncoded -- >>> jwtDecoded -- Jws (JwsHeader {jwsAlg = RS256, jwsTyp = Nothing, jwsCty = Nothing, jwsKid = Just (KeyId "mykey")},"public claims") @@ -27,7 +25,7 @@ ) where -import Control.Monad (when, unless, liftM) +import Control.Monad (msum, when, unless, liftM) import Control.Monad.Trans (lift) import Control.Monad.Trans.Either import qualified Crypto.PubKey.ECC.ECDSA as ECDSA @@ -35,8 +33,7 @@ import Crypto.Random (MonadRandom) import Data.Aeson (decodeStrict') import Data.ByteString (ByteString) -import Data.List (find) -import Data.Maybe (fromJust, isJust, isNothing) +import Data.Maybe (isNothing) import qualified Data.ByteString.Char8 as BC import qualified Jose.Internal.Base64 as B64 @@ -104,7 +101,9 @@ JweH h -> do unless (isNothing encoding || encoding == Just (JweEncoding (jweAlg h) (jweEnc h))) $ left (BadAlgorithm "Expected encoding doesn't match JWE header") mapM decodeWithJwe ks - maybe (left $ KeyError "None of the keys was able to decode the JWT") (return . fromJust) $ find isJust decodings + case msum decodings of + Nothing -> left $ KeyError "None of the keys was able to decode the JWT" + Just jwtContent -> return jwtContent where decodeWithJws :: MonadRandom m => Jwk -> EitherT JwtError m (Maybe JwtContent) decodeWithJws k = either (const $ return Nothing) (return . Just . Jws) $ case k of diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jose-jwt-0.7/benchmarks/bench.hs new/jose-jwt-0.7.3/benchmarks/bench.hs --- old/jose-jwt-0.7/benchmarks/bench.hs 2015-10-14 20:05:12.000000000 +0200 +++ new/jose-jwt-0.7.3/benchmarks/bench.hs 2016-06-01 20:16:46.000000000 +0200 @@ -1,17 +1,21 @@ -{-# LANGUAGE OverloadedStrings #-} +{-# LANGUAGE OverloadedStrings, CPP #-} module Main where import Criterion.Main import Crypto.Random +import Data.Word (Word64) import Jose.Jws import Jose.Jwa import Jose.Jwt import Keys +benchRNG = drgNewTest (w, w, w, w, w) where w = 1 :: Word64 + +fstWithRNG = fst . withDRG benchRNG + main = do - rng <- cprgCreate `fmap` createEntropyPool :: IO SystemRNG let msg = "The best laid schemes o' mice and men" - rsaE a m = case fst $ rsaEncode rng a jwsRsaPrivateKey m of + rsaE a m = case fstWithRNG (rsaEncode a jwsRsaPrivateKey m) of Left _ -> error "RSA encode shouldn't fail" Right (Jwt j) -> j hmacE a m = case hmacEncode a jwsHmacKey m of @@ -21,9 +25,12 @@ defaultMain [ bgroup "JWS" [ bench "encode RSA256" $ nf (rsaE RS256) msg +#if MIN_VERSION_cryptonite(0,13,0) , bench "encode RSA384" $ nf (rsaE RS384) msg - , bench "encode RSA512" $ nf (rsaE RS384) msg +#endif + , bench "encode RSA512" $ nf (rsaE RS512) msg , bench "encode HS256" $ nf (hmacE HS256) msg + , bench "encode HS384" $ nf (hmacE HS384) msg , bench "encode HS512" $ nf (hmacE HS512) msg ] ] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jose-jwt-0.7/jose-jwt.cabal new/jose-jwt-0.7.3/jose-jwt.cabal --- old/jose-jwt-0.7/jose-jwt.cabal 2015-10-14 20:05:12.000000000 +0200 +++ new/jose-jwt-0.7.3/jose-jwt.cabal 2016-09-24 13:12:30.000000000 +0200 @@ -1,5 +1,5 @@ Name: jose-jwt -Version: 0.7 +Version: 0.7.3 Synopsis: JSON Object Signing and Encryption Library Homepage: http://github.com/tekul/jose-jwt Bug-Reports: http://github.com/tekul/jose-jwt/issues @@ -22,6 +22,7 @@ Extra-Source-Files: CHANGELOG.md + tests/*.json -- disable doctests with -f-doctest Flag doctest @@ -30,7 +31,7 @@ Source-Repository head Type: git - Location: git://github.com/tekul/jose-jwt.git + Location: https://github.com/tekul/jose-jwt.git Library Default-Language: Haskell2010 @@ -42,12 +43,12 @@ , Jose.Internal.Base64 , Jose.Internal.Crypto Other-Modules: Jose.Types - Build-Depends: base >= 4 && < 5 + Build-Depends: base >= 4.6 && < 5 , aeson >= 0.8.0.2 , bytestring >= 0.9 , cereal >= 0.4 , containers >= 0.4 - , cryptonite >= 0.3 + , cryptonite >= 0.19 , either , memory >= 0.10 , mtl >= 2.1.3.1 @@ -66,7 +67,6 @@ Build-depends: jose-jwt , base , aeson - , aeson-qq , bytestring , cryptonite , either >= 4.0 @@ -105,5 +105,6 @@ , base , bytestring , criterion + , cryptonite - Ghc-Options: -Wall -O2 + Ghc-Options: -Wall -fno-warn-missing-signatures diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jose-jwt-0.7/tests/Tests/JweSpec.hs new/jose-jwt-0.7.3/tests/Tests/JweSpec.hs --- old/jose-jwt-0.7/tests/Tests/JweSpec.hs 2015-10-14 20:05:12.000000000 +0200 +++ new/jose-jwt-0.7.3/tests/Tests/JweSpec.hs 2016-06-01 20:16:46.000000000 +0200 @@ -6,7 +6,6 @@ import Control.Applicative import Data.Aeson (decodeStrict') import Data.Bits (xor) -import Data.Maybe (fromJust) import Data.Word (Word8, Word64) import qualified Data.ByteArray as BA import qualified Data.ByteString as B @@ -133,7 +132,7 @@ it "padded msg is always a multiple of 16" $ property $ \s -> B.length (pad (B.pack s)) `mod` 16 == 0 it "unpad is the inverse of pad" $ property $ - \s -> let msg = B.pack s in (fromJust . unpad . pad) msg == msg + \s -> let msg = B.pack s in (unpad . pad) msg == Just msg it "jwe decode/decode returns the original payload" $ property jweRoundTrip context "miscellaneous tests" $ do @@ -148,7 +147,7 @@ jweRoundTrip :: RNG -> JWEAlgs -> [Word8] -> Bool jweRoundTrip g (JWEAlgs a e) msg = encodeDecode == Right (Jwe (defJweHdr {jweAlg = a, jweEnc = e}, bs)) where - jwks = map (fromJust . decodeStrict') [a1jwk, a2jwk, a3jwk] + jwks = [a1jwk, a2jwk, a3jwk] >>= \j -> let Just jwk = decodeStrict' j in [jwk] bs = B.pack msg encodeDecode = fst (withDRG blinderRNG (decode jwks Nothing encoded)) Right encoded = unJwt <$> fst (withDRG g (encode jwks (JweEncoding a e) (Claims bs))) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jose-jwt-0.7/tests/Tests/JwkSpec.hs new/jose-jwt-0.7.3/tests/Tests/JwkSpec.hs --- old/jose-jwt-0.7/tests/Tests/JwkSpec.hs 2015-10-14 20:05:12.000000000 +0200 +++ new/jose-jwt-0.7.3/tests/Tests/JwkSpec.hs 2016-09-23 14:56:41.000000000 +0200 @@ -1,4 +1,4 @@ -{-# LANGUAGE OverloadedStrings, QuasiQuotes #-} +{-# LANGUAGE OverloadedStrings #-} module Tests.JwkSpec where @@ -6,8 +6,7 @@ import Test.HUnit hiding (Test) import Data.Aeson -import Data.Aeson.QQ -import qualified Data.ByteString.Char8 () +import qualified Data.ByteString.Char8 as B import qualified Data.HashMap.Strict as H import Data.Word (Word64) import qualified Data.Vector as V @@ -19,30 +18,14 @@ import Jose.Jwk import Jose.Jwa --- Some JSON keys to decode -- TODO: Support for {"kty": "oct", "alg": "A128KW", "k":"GawgguFyGrWKav7AX4VKUg"} -keySet :: Object -Object keySet = [aesonQQ| - { "keys" : - [ {"use": "enc", "n": "vnifEgZCnBxY5UDt3TJXp3_mNv92VWwHoc3B2oCuzgpgNyBwbBVIu3ScaflvQlntSgfo9VHiu16IqPuCOL4FjcY2RUZY7zizUZ2hFmmMThyx4HfTcDMNFOnetB1mKVUQ3gBOFjdnnj9auO4EK22xRcdB704XhES1TtYIiCxxfPOYBysCDHYcR-0KKjUPyXyhBGFoxiUrYP-c14Pf-aKWgNDqVlYlqayw9JHN4QVeJm8M5DHiPOtxO096Mc-5-X5NwXFMTzjywFWzkbFy7XmJj6BDmmh8-WUOBK1a9gy4zTysL9HfNhJIqi3BJUtLM_x2t-ISROm-Ud3y-4xgavXBTw", "e": "AQAB", "kty": "RSA", "kid": "a0"} - , {"use": "sig", "n": "o9kJbxD1SgwrV_ottw7oHxxkjw83AuRrYbq8PzXDfhmvqvRHjhAOEGk1qDUbI8tkWzXsTuy-0UAvI9Xt3Qqmmk1MSkAx6K355_J1ofTafH5VrtPavC7HMVnz1zDebgwJH869jWHFghzL0Nr32zq4_V-gpt-zugKFpQi_LA9dtuAjcSTCMnDzTMw4WrMbzNOm90q0CkJCrWe6xM9z4Q_GCPgb2S4lsd5iNdtus9pG104wFAkgY7BXNP3hatYa1UVkAQdWMYyQATs6HMBZF4Ljf-upU9ic_vGwTGgunvQ7z29yrAFWaZQ-EqjYUnvQlmPFqMaNxg3TkPIgntqvZOdW_w", "e": "AQAB", "kty": "RSA", "kid": "a1"} - , {"use": "sig", "crv": "P-256", "kty": "EC", "y": "kgFS_XvVOyuS41mBzmwJa-ik8Cy4rvM3uFncxmi_-Y8", "x": "bjX_T6O5OUW6WALJ173CH34TfzK9zEHycFT6KMWDnow", "kid": "a2"} - , {"use": "enc", "crv": "P-256", "kty": "EC", "y": "zcOqE_LYsPTf7a9FOFpJiwK2ZQuUmoNLdsY7BRTICN0", "x": "6eXHDpNoiUaAR5Cle6rfmrVgksSagyi8fzvLF1kedKc", "kid": "a3"} - , {"kty": "oct", "k":"AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow", "kid":"HMAC key used in JWS A.1 example"} - , {"kty":"EC", "crv":"P-256", "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4", "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM", "use":"enc", "kid":"1"} - , {"kty":"RSA", "n": "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw", "e":"AQAB", "alg":"RS256", "kid":"2015-05-16T18:00:14.259Z"} - , {"kty":"EC", "crv":"P-256", "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4", "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM", "d":"870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE", "use":"enc", "kid":"1"} - , {"kty":"RSA", "n":"0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw", "e":"AQAB", "d":"X4cTteJY_gn4FYPsXB8rdXix5vwsg1FLN5E3EaG6RJoVH-HLLKD9M7dx5oo7GURknchnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqijwp3RTzlBaCxWp4doFk5N2o8Gy_nHNKroADIkJ46pRUohsXywbReAdYaMwFs9tv8d_cPVY3i07a3t8MN6TNwm0dSawm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBznbJSzFHK66jT8bgkuqsk0GjskDJk19Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFzme1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q", "p":"83i-7IvMGXoMXCskv73TKr8637FiO7Z27zv8oj6pbWUQyLPQBQxtPVnwD20R-60eTDmD2ujnMt5PoqMrm8RfmNhVWDtjjMmCMjOpSXicFHj7XOuVIYQyqVWlWEh6dN36GVZYk93N8Bc9vY41xy8B9RzzOGVQzXvNEvn7O0nVbfs", "q":"3dfOR9cuYq-0S-mkFLzgItgMEfFzB2q3hWehMuG0oCuqnb3vobLyumqjVZQO1dIrdwgTnCdpYzBcOfW5r370AFXjiWft_NGEiovonizhKpo9VVS78TzFgxkIdrecRezsZ-1kYd_s1qDbxtkDEgfAITAG9LUnADun4vIcb6yelxk", "dp":"G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0oimYwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_NmtuYZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUms6rY3Ob8YeiKkTiBj0", "dq":"s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6huUUvMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvWrX-L18txXw494Q_cgk", "qi":"GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfmt0FoYzgUIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rxyR8O55XLSe3SPmRfKwZI6yU24ZxvQKFYItdldUKGzO6Ia6zTKhAVRU", "alg":"RS256", "kid":"2015-05-16T18:00:14.259Z"} - ] - } -|] - - spec :: Spec spec = do - let Success s@(JwkSet _) = fromJSON (Object keySet) :: Result JwkSet - Just s' = decode' (encode s) :: Maybe JwkSet - Just s'' = decode' (encode s) :: Maybe JwkSet + jwkFile <- runIO (B.readFile "tests/jwks.json") + let Just (Object keySet) = decodeStrict jwkFile + Success s = fromJSON (Object keySet) :: Result JwkSet + Just s' = decode (encode s) + Just s'' = decode' (encode s') kss = keys s' k0 = head kss k1 = kss !! 1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jose-jwt-0.7/tests/jwks.json new/jose-jwt-0.7.3/tests/jwks.json --- old/jose-jwt-0.7/tests/jwks.json 1970-01-01 01:00:00.000000000 +0100 +++ new/jose-jwt-0.7.3/tests/jwks.json 2016-09-23 14:44:29.000000000 +0200 @@ -0,0 +1,12 @@ +{ "keys" : + [ {"use": "enc", "n": "vnifEgZCnBxY5UDt3TJXp3_mNv92VWwHoc3B2oCuzgpgNyBwbBVIu3ScaflvQlntSgfo9VHiu16IqPuCOL4FjcY2RUZY7zizUZ2hFmmMThyx4HfTcDMNFOnetB1mKVUQ3gBOFjdnnj9auO4EK22xRcdB704XhES1TtYIiCxxfPOYBysCDHYcR-0KKjUPyXyhBGFoxiUrYP-c14Pf-aKWgNDqVlYlqayw9JHN4QVeJm8M5DHiPOtxO096Mc-5-X5NwXFMTzjywFWzkbFy7XmJj6BDmmh8-WUOBK1a9gy4zTysL9HfNhJIqi3BJUtLM_x2t-ISROm-Ud3y-4xgavXBTw", "e": "AQAB", "kty": "RSA", "kid": "a0"} + , {"use": "sig", "n": "o9kJbxD1SgwrV_ottw7oHxxkjw83AuRrYbq8PzXDfhmvqvRHjhAOEGk1qDUbI8tkWzXsTuy-0UAvI9Xt3Qqmmk1MSkAx6K355_J1ofTafH5VrtPavC7HMVnz1zDebgwJH869jWHFghzL0Nr32zq4_V-gpt-zugKFpQi_LA9dtuAjcSTCMnDzTMw4WrMbzNOm90q0CkJCrWe6xM9z4Q_GCPgb2S4lsd5iNdtus9pG104wFAkgY7BXNP3hatYa1UVkAQdWMYyQATs6HMBZF4Ljf-upU9ic_vGwTGgunvQ7z29yrAFWaZQ-EqjYUnvQlmPFqMaNxg3TkPIgntqvZOdW_w", "e": "AQAB", "kty": "RSA", "kid": "a1"} + , {"use": "sig", "crv": "P-256", "kty": "EC", "y": "kgFS_XvVOyuS41mBzmwJa-ik8Cy4rvM3uFncxmi_-Y8", "x": "bjX_T6O5OUW6WALJ173CH34TfzK9zEHycFT6KMWDnow", "kid": "a2"} + , {"use": "enc", "crv": "P-256", "kty": "EC", "y": "zcOqE_LYsPTf7a9FOFpJiwK2ZQuUmoNLdsY7BRTICN0", "x": "6eXHDpNoiUaAR5Cle6rfmrVgksSagyi8fzvLF1kedKc", "kid": "a3"} + , {"kty": "oct", "k":"AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow", "kid":"HMAC key used in JWS A.1 example"} + , {"kty":"EC", "crv":"P-256", "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4", "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM", "use":"enc", "kid":"1"} + , {"kty":"RSA", "n": "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw", "e":"AQAB", "alg":"RS256", "kid":"2015-05-16T18:00:14.259Z"} + , {"kty":"EC", "crv":"P-256", "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4", "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM", "d":"870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE", "use":"enc", "kid":"1"} + , {"kty":"RSA", "n":"0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMstn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbISD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw", "e":"AQAB", "d":"X4cTteJY_gn4FYPsXB8rdXix5vwsg1FLN5E3EaG6RJoVH-HLLKD9M7dx5oo7GURknchnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqijwp3RTzlBaCxWp4doFk5N2o8Gy_nHNKroADIkJ46pRUohsXywbReAdYaMwFs9tv8d_cPVY3i07a3t8MN6TNwm0dSawm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBznbJSzFHK66jT8bgkuqsk0GjskDJk19Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFzme1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q", "p":"83i-7IvMGXoMXCskv73TKr8637FiO7Z27zv8oj6pbWUQyLPQBQxtPVnwD20R-60eTDmD2ujnMt5PoqMrm8RfmNhVWDtjjMmCMjOpSXicFHj7XOuVIYQyqVWlWEh6dN36GVZYk93N8Bc9vY41xy8B9RzzOGVQzXvNEvn7O0nVbfs", "q":"3dfOR9cuYq-0S-mkFLzgItgMEfFzB2q3hWehMuG0oCuqnb3vobLyumqjVZQO1dIrdwgTnCdpYzBcOfW5r370AFXjiWft_NGEiovonizhKpo9VVS78TzFgxkIdrecRezsZ-1kYd_s1qDbxtkDEgfAITAG9LUnADun4vIcb6yelxk", "dp":"G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0oimYwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_NmtuYZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUms6rY3Ob8YeiKkTiBj0", "dq":"s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6huUUvMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvWrX-L18txXw494Q_cgk", "qi":"GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfmt0FoYzgUIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rxyR8O55XLSe3SPmRfKwZI6yU24ZxvQKFYItdldUKGzO6Ia6zTKhAVRU", "alg":"RS256", "kid":"2015-05-16T18:00:14.259Z"} + ] +}
