JOSE

JOSE stands for JSON Object Signing and Encryption which is a is a set of standards established by the JOSE Working Group.

JOSE is split into 5 main components:

Additional specifications and drafts implemented:

Summary

Functions

Gets the current Cryptographic Algorithm Fallback state, defaults to false

Sets the current Cryptographic Algorithm Fallback state

Decode JSON to a term using the module returned by json_module/0

Decode a term to JSON using the module returned by json_module/0

Gets the current JSON module used by decode/1 and encode/1, see json_module/1 for default

Sets the current JSON module used by decode/1 and encode/1

Gets the current Unsecured Signing state, defaults to false

Sets the current Unsecured Signing state

Functions

crypto_fallback()

Gets the current Cryptographic Algorithm Fallback state, defaults to false.

crypto_fallback(boolean)

Sets the current Cryptographic Algorithm Fallback state.

decode(binary)

Decode JSON to a term using the module returned by json_module/0.

encode(term)

Decode a term to JSON using the module returned by json_module/0.

json_module()

Gets the current JSON module used by decode/1 and encode/1, see json_module/1 for default.

json_module(module)

Sets the current JSON module used by decode/1 and encode/1.

Currently supported JSON modules (first found is used as default):

Additional modules that implement the jose_json behavior may also be used.

unsecured_signing()

Gets the current Unsecured Signing state, defaults to false.

unsecured_signing(boolean)

Sets the current Unsecured Signing state.

Enables/disables the "none" algorithm used for signing and verifying.

See Critical vulnerabilities in JSON Web Token libraries for more information.