jose: Javascript Object Signing and Encryption and JSON Web Token library

This is a package candidate release! Here you can preview how this package release will appear once published to the main package index (which can be accomplished via the 'maintain' link below). Please note that once a package has been published to the main package index it cannot be undone! Please consult the package uploading documentation for more information.

[maintain]

An implementation of the Javascript Object Signing and Encryption (JOSE) and JSON Web Token (JWT; RFC 7519) formats.

The JSON Web Signature (JWS; RFC 7515) implementation is complete.

EdDSA signatures (RFC 8037) are supported (Ed25519 only).

JWK Thumbprint (RFC 7638) is supported (requires aeson >= 0.10).

JSON Web Encryption (JWE; RFC 7516) is not yet implemented.

The ECDSA implementation is vulnerable to timing attacks and should only be used for verification.


[Skip to ReadMe]

Properties

Versions0.1.26.0, 0.1.27.0, 0.2.31.0, 0.2.33.0, 0.2.38.0, 0.2.38.1, 0.3.38.0, 0.3.41.0, 0.3.41.1, 0.3.41.2, 0.4.0.0, 0.4.0.1, 0.4.0.2, 0.4.0.3, 0.4.0.4, 0.5.0.0, 0.5.0.1, 0.5.0.2, 0.5.0.3, 0.5.0.4, 0.5.0.5, 0.6.0.0, 0.6.0.1, 0.6.0.2, 0.6.0.3, 0.7.0.0, 0.8.0.0, 0.8.0.0, 0.8.1.0
Change logNone available
Dependenciesaeson (>=0.8.0.1), attoparsec, base (>=4.8 && <5), base64-bytestring (==1.0.*), bytestring (==0.10.*), concise (>=0.1), containers (>=0.5), cryptonite (>=0.7), jose, lens (>=4.3), memory (>=0.7), monad-time (>=0.1), mtl (>=2), network-uri (>=2.6), QuickCheck (>=2), quickcheck-instances, safe (>=0.3), semigroups (>=0.15), template-haskell (>=2.4), text (>=1.1), time (>=1.5), unix, unordered-containers (==0.2.*), vector, x509 (>=1.4) [details]
LicenseApache-2.0
CopyrightCopyright (C) 2013-2018 Fraser Tweedale
AuthorFraser Tweedale
Maintainerfrase@frase.id.au
CategoryCryptography
Home pagehttps://github.com/frasertweedale/hs-jose
Bug trackerhttps://github.com/frasertweedale/hs-jose/issues
Source repositoryhead: git clone https://github.com/frasertweedale/hs-jose.git
Executablesjose-example
UploadedTue Dec 18 12:35:49 UTC 2018 by frasertweedale

Modules

[Index]

Downloads

Maintainers' corner

For package maintainers and hackage trustees


Readme for jose-0.8.0.0

[back to package description]

jose - Javascript Object Signing and Encryption & JWT (JSON Web Token)

jose is a Haskell implementation of Javascript Object Signing and Encryption and JSON Web Token.

The JSON Web Signature (JWS; RFC 7515) implementation is complete. JSON Web Encryption (JWE; RFC 7516) is not yet implemented.

EdDSA signatures (RFC 8037) are supported (Ed25519 only).

JWK Thumbprint (RFC 7638) is supported (requires aeson >= 0.10).

Contributions are welcome.

Security

If you discover a security issue in this library, please email me the details, ideally with a proof of concept (frase @ frase.id.au ; PGP key).

Before reporting an issue, please note the following known vulnerabilities:

and the following known not-vulnerabilities:

Interoperability issues

The following known interoperability issues will not be addressed, so please do not open issues:

Contributing

Bug reports, patches, feature requests, code review, crypto review, examples and documentation are welcome.

If you are wondering about how or whether to implement some feature or fix, please open an issue where it can be discussed. I appreciate your efforts, but I do not wish such efforts to be misplaced.

To submit a patch, please use git send-email or open a pull request. Write a [well formed commit message]( http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html). If your patch is nontrivial, update the copyright notice at the top of the modified files