jose-jwt-0.4: JSON Object Signing and Encryption Library

Safe HaskellNone
LanguageHaskell2010

Jose.Jwe

Description

JWE RSA encrypted token support.

Example usage:

>>> import Jose.Jwe
>>> import Jose.Jwa
>>> import Crypto.Random.AESCtr
>>> g <- makeSystem
>>> import Crypto.PubKey.RSA
>>> let ((kPub, kPr), g') = generate g 512 65537
>>> let (Jwt jwt, g'') = rsaEncode g' RSA_OAEP A128GCM kPub "secret claims"
>>> fst $ rsaDecode g'' kPr jwt
Right (JweHeader {jweAlg = RSA_OAEP, jweEnc = A128GCM, jweTyp = Nothing, jweCty = Nothing, jweZip = Nothing, jweKid = Nothing},"secret claims")

Synopsis

Documentation

jwkEncode Source

Arguments

:: CPRG g 
=> g

Random number generator

-> JweAlg

Algorithm to use for key encryption

-> Enc

Content encryption algorithm

-> Jwk

The key to use to encrypt the content key

-> Payload

The token content (claims or nested JWT)

-> (Either JwtError Jwt, g)

The encoded JWE if successful

Create a JWE using a JWK. The key and algorithms must be consistent or an error will be returned.

rsaEncode Source

Arguments

:: CPRG g 
=> g

Random number generator

-> JweAlg

RSA algorithm to use (RSA_OAEP or RSA1_5)

-> Enc

Content encryption algorithm

-> PublicKey

RSA key to encrypt with

-> ByteString

The JWT claims (content)

-> (Jwt, g)

The encoded JWE and new generator

Creates a JWE.

rsaDecode Source

Arguments

:: CPRG g 
=> g 
-> PrivateKey

Decryption key

-> ByteString

The encoded JWE

-> (Either JwtError Jwe, g)

The decoded JWT, unless an error occurs

Decrypts a JWE.