Open hasufell opened 2 years ago
frasertweedale
commented
2 years ago Is there an alternative library that provides all the primitives JOSE needs?
That's the first question. Even if there is, it would be a huge undertaking to implement. I would need to be paid (how much, I don't know, I can only scope the work after I see the interface of the library(/ies) that offer all the types and primitives needed).
hasufell
commented
2 years ago Is there an alternative library that provides all the primitives JOSE needs?
Probably the only one is https://hackage.haskell.org/package/HsOpenSSL
What primitives does JOSE need exactly?
frasertweedale
commented
2 years ago For JWS & signed JWT:
HsOpenSSL at this time seems only to support RSASSA-PKCS1v1.5 and HMAC (with all relevant digests). It also seems to be quite a nuisance to load keys (I might have missed something though).
What features and algorithms do you need?
If your company is willing to pay, please reach out and we can discuss in more detail (see my git commits for email address to use).
I don't want to use cryptonite and other related libraries. There's some discussion about that here: https://mail.haskell.org/pipermail/libraries/2020-August/030671.html
So... can someone say if there's a way to switch out cryptonite for something else and maybe put it behind a cabal flag?