JOSE
JOSE stands for JSON Object Signing and Encryption which is a is a set of standards established by the JOSE Working Group.
JOSE is split into 5 main components:
JOSE.JWA
- JSON Web Algorithms (JWA) RFC 7518JOSE.JWE
- JSON Web Encryption (JWE) RFC 7516JOSE.JWK
- JSON Web Key (JWK) RFC 7517JOSE.JWS
- JSON Web Signature (JWS) RFC 7515JOSE.JWT
- JSON Web Token (JWT) RFC 7519
Additional specifications and drafts implemented:
- JSON Web Key (JWK) Thumbprint RFC 7638
- JWS Unencoded Payload Option draft-ietf-jose-jws-signing-input-options-04
Summary
Functions
Gets the current Cryptographic Algorithm Fallback state, defaults to false
Sets the current Cryptographic Algorithm Fallback state
Decode JSON to a term using the module returned by json_module/0
Decode a term to JSON using the module returned by json_module/0
Gets the current JSON module used by decode/1
and encode/1
, see json_module/1
for default
Gets the current Unsecured Signing state, defaults to false
Sets the current Unsecured Signing state
Functions
Decode JSON to a term using the module returned by json_module/0
.
Decode a term to JSON using the module returned by json_module/0
.
Gets the current JSON module used by decode/1
and encode/1
, see json_module/1
for default.
Sets the current JSON module used by decode/1
and encode/1
.
Currently supported JSON modules (first found is used as default):
Additional modules that implement the jose_json
behavior may also be used.
Sets the current Unsecured Signing state.
Enables/disables the "none"
algorithm used for signing and verifying.
See Critical vulnerabilities in JSON Web Token libraries for more information.