jose is a Haskell implementation of JSON Object Signing and Encryption (JOSE) and JSON Web Token (JWT).
The JSON Web Signature (JWS; RFC 7515) implementation is complete. JSON Web Encryption (JWE; RFC 7516) is not yet implemented.
EdDSA signatures (RFC 8037) and secp256k1 signatures (RFC 8812) are supported.
JWK Thumbprint (RFC 7638) is supported.
Contributions are welcome.
If you discover a security issue in this library, please email me
the details, ideally with a proof of concept (frase @ frase.id.au
; PGP key).
Before reporting an issue, please note the following known vulnerabilities:
and the following known not-vulnerabilities:
The library is not vulnerable to JWS algorithm substitution attacks. Haskell's type system excludes this attack.
The default JWS validation settings reject the "none"
algorithm, as required by RFC 7518.
The library is not vulnerable to ECDH invalid curve attacks because JWE is not implemented.
The following known interoperability issues will not be addressed, so please do not open issues:
Some JOSE tools and libraries permit the use of short keys, in violation of the RFCs. This implementation rejects JWS or JWT objects minted with short keys, as required by the RFCs.
The Auth0 software produces objects with an invalid "x5t"
parameter.
The datum should be a base64url-encoded SHA-1 digest, but Auth0
produces a base64url-encoded hex-encoded SHA-1 digest. The object
can be repaired
(example)
so that this library will admit it, unless the offending parameter
is part of the JWS Protected Header in which case you are out of
luck (until Auth0 bring their implementation into compliance).
JWKs with leading null bytes in the RSA "n"
parameter (a
violation of RFC
7518) have been
seen in the
wild. This
library rejects nonconformant JWKs. If you know which
programs/libraries produce such objects, please file bugs against
them. It is straightforward to repair these keys:
base64url-decode the offending parameter, drop the leading null
byte, base64url-encode again then update the JSON object.
Bug reports, patches, feature requests, code review, crypto review, examples and documentation are welcome.
If you are wondering about how or whether to implement some feature or fix, please open an issue where it can be discussed. I appreciate your efforts, but I do not wish such efforts to be misplaced.
To submit a patch, please use git send-email
or open a pull
request. Write a well formed commit message.
If your patch is nontrivial, update the copyright notice at the top
of the modified files.