Safe Haskell | None |
---|---|
Language | Haskell2010 |
JWE RSA encrypted token support.
Example usage:
>>>
import Jose.Jwe
>>>
import Jose.Jwa
>>>
import Crypto.PubKey.RSA
>>>
(kPub, kPr) <- generate 512 65537
>>>
Right (Jwt jwt) <- rsaEncode RSA_OAEP A128GCM kPub "secret claims"
>>>
rsaDecode kPr jwt
Right (JweHeader {jweAlg = RSA_OAEP, jweEnc = A128GCM, jweTyp = Nothing, jweCty = Nothing, jweZip = Nothing, jweKid = Nothing},"secret claims")
- jwkEncode :: MonadRandom m => JweAlg -> Enc -> Jwk -> Payload -> m (Either JwtError Jwt)
- jwkDecode :: MonadRandom m => Jwk -> ByteString -> m (Either JwtError JwtContent)
- rsaEncode :: MonadRandom m => JweAlg -> Enc -> PublicKey -> ByteString -> m (Either JwtError Jwt)
- rsaDecode :: MonadRandom m => PrivateKey -> ByteString -> m (Either JwtError Jwe)
Documentation
:: MonadRandom m | |
=> JweAlg | Algorithm to use for key encryption |
-> Enc | Content encryption algorithm |
-> Jwk | The key to use to encrypt the content key |
-> Payload | The token content (claims or nested JWT) |
-> m (Either JwtError Jwt) | The encoded JWE if successful |
Create a JWE using a JWK. The key and algorithms must be consistent or an error will be returned.
jwkDecode :: MonadRandom m => Jwk -> ByteString -> m (Either JwtError JwtContent) Source #
Try to decode a JWE using a JWK. If the key type does not match the content encoding algorithm, an error will be returned.
:: MonadRandom m | |
=> JweAlg | RSA algorithm to use ( |
-> Enc | Content encryption algorithm |
-> PublicKey | RSA key to encrypt with |
-> ByteString | The JWT claims (content) |
-> m (Either JwtError Jwt) | The encoded JWE |
Creates a JWE with the content key encoded using RSA.
:: MonadRandom m | |
=> PrivateKey | Decryption key |
-> ByteString | The encoded JWE |
-> m (Either JwtError Jwe) | The decoded JWT, unless an error occurs |
Decrypts a JWE.