jose: Javascript Object Signing and Encryption and JSON Web Token library

[ apache, cryptography, library ] [ Propose Tags ]

An implementation of the Javascript Object Signing and Encryption (JOSE) and JSON Web Token (JWT; RFC 7519) formats.

The JSON Web Signature (JWS; RFC 7515) implementation is complete. JSON Web Encryption (JWE; RFC 7516) is not yet implemented.

All JWS algorithms (HMAC, ECDSA, RSASSA-PKCS-v1_5 and RSASSA-PSS) are implemented, however, the ECDSA implementation is is vulnerable to timing attacks and should therefore only be used for JWS verification.

The Crypto.JOSE.Legacy module is provided for working with the Mozilla Persona (formerly BrowserID) key format. Only RSA keys are supported - DSA keys cannot be used and must be handled as opaque objects.


[Skip to Readme]

Downloads

Note: This package has metadata revisions in the cabal description newer than included in the tarball. To unpack the package including the revisions, use 'cabal get'.

Maintainer's Corner

Package maintainers

For package maintainers and hackage trustees

Candidates

  • No Candidates
Versions [RSS] 0.1.26.0, 0.1.27.0, 0.2.31.0, 0.2.33.0, 0.2.38.0, 0.2.38.1, 0.3.38.0, 0.3.41.0, 0.3.41.1, 0.3.41.2, 0.4.0.0, 0.4.0.1, 0.4.0.2, 0.4.0.3, 0.4.0.4, 0.5.0.0, 0.5.0.1, 0.5.0.2, 0.5.0.3, 0.5.0.4, 0.5.0.5, 0.6.0.0, 0.6.0.1, 0.6.0.2, 0.6.0.3, 0.7.0.0, 0.8.0.0, 0.8.1.0, 0.8.2.0, 0.8.2.1, 0.8.3, 0.8.3.1, 0.8.4, 0.8.4.1, 0.8.5, 0.8.5.1, 0.9, 0.10, 0.10.0.1, 0.11
Dependencies aeson (>=0.8.0.1), attoparsec, base (>=4.8 && <4.13), base64-bytestring (>=1.0 && <1.1), byteable (>=0.1 && <0.2), bytestring (>=0.10 && <0.11), containers (>=0.5), cryptonite (>=0.7), jose, lens (>=4.3), memory (>=0.7), monad-time (>=0.1), mtl (>=2), network-uri (>=2.6), QuickCheck (>=2), quickcheck-instances, safe (>=0.3), semigroups (>=0.15), template-haskell (>=2.4), text (>=1.1), time (>=1.5), unordered-containers (>=0.2 && <0.3), vector, x509 (>=1.4) [details]
License Apache-2.0
Copyright Copyright (C) 2013, 2014, 2015, 2016 Fraser Tweedale
Author Fraser Tweedale
Maintainer frase@frase.id.au
Revised Revision 1 made by phadej at 2020-04-14T14:54:10Z
Category Cryptography
Home page https://github.com/frasertweedale/hs-jose
Bug tracker https://github.com/frasertweedale/hs-jose/issues
Source repo head: git clone https://github.com/frasertweedale/hs-jose.git
Uploaded by frasertweedale at 2017-07-18T13:21:42Z
Distributions Arch:0.10, LTSHaskell:0.11, NixOS:0.11, Stackage:0.11
Reverse Dependencies 21 direct, 23 indirect [details]
Executables example
Downloads 34521 total (237 in the last 30 days)
Rating 1.75 (votes: 2) [estimated by Bayesian average]
Your Rating
  • λ
  • λ
  • λ
Status Docs available [build log]
Last success reported on 2017-07-18 [all 1 reports]

Readme for jose-0.5.0.5

[back to package description]

jose - Javascript Object Signing and Encryption & JWT (JSON Web Token)

jose is a Haskell implementation of Javascript Object Signing and Encryption and JSON Web Token.

Encryption (JWE) is not supported but signing is supported. All key types and algorithms are supported, however, EC signing is currently vulnerable to timing attacks therefore its use is strongly discouraged (EC validation is safe).

Contributions are welcome.