VOOZH about

URL: https://hackage.haskell.org/package/jose

⇱ jose: JSON Object Signing and Encryption (JOSE) and JSON Web Token (JWT) library

Hackage :: [Package]

jose: JSON Object Signing and Encryption (JOSE) and JSON Web Token (JWT) library

[ apache, cryptography, library ] [ Propose Tags ] [ Report a vulnerability ]

Implementation of JSON Object Signing and Encryption (JOSE) and JSON Web Token (JWT; RFC 7519).

The JSON Web Signature (JWS; RFC 7515) implementation is complete.

EdDSA signatures (RFC 8037) and secp256k1 (RFC 8812) are supported.

JWK Thumbprint (RFC 7638) is supported.

JSON Web Encryption (JWE; RFC 7516) is not yet implemented.

The ECDSA implementation is vulnerable to timing attacks and should only be used for verification.

[Skip to Readme]
👁 Image
👁 Image

Modules

[Index] [Quick Jump]

Flags

Use -f <flag> to enable a flag, or -f -<flag> to disable that flag. More info

Downloads

Maintainer's Corner

Package maintainers

For package maintainers and hackage trustees

Candidates

  • No Candidates
Versions [RSS] 0.1.26.0, 0.1.27.0, 0.2.31.0, 0.2.33.0, 0.2.38.0, 0.2.38.1, 0.3.38.0, 0.3.41.0, 0.3.41.1, 0.3.41.2, 0.4.0.0, 0.4.0.1, 0.4.0.2, 0.4.0.3, 0.4.0.4, 0.5.0.0, 0.5.0.1, 0.5.0.2, 0.5.0.3, 0.5.0.4, 0.5.0.5, 0.6.0.0, 0.6.0.1, 0.6.0.2, 0.6.0.3, 0.7.0.0, 0.8.0.0, 0.8.1.0, 0.8.2.0, 0.8.2.1, 0.8.3, 0.8.3.1, 0.8.4, 0.8.4.1, 0.8.5, 0.8.5.1, 0.9, 0.10, 0.10.0.1, 0.11, 0.12, 0.13
Change log CHANGELOG.md
Dependencies aeson (>=2.0.1.0 && <3), base (>=4.18 && <5), base64-bytestring (>=1.2.1.0 && <1.3), bytestring (>=0.10 && <0.13), concise (>=0.1), containers (>=0.5.8), crypton (>=1.1.0), crypton-x509 (>=1.7.6), jose, lens (>=4.16), monad-time (>=0.4), mtl (>=2.2.1), network-uri (>=2.6), ram (>=0.19), template-haskell (>=2.12), text (>=1.1), time (>=1.5), unix [details]
Tested with ghc ==9.6.7 || ==9.8.4 || ==9.10.3 || ==9.12.4 || ==9.14.1
License Apache-2.0
Copyright Copyright (C) 2013-2025 Fraser Tweedale
Author Fraser Tweedale
Maintainer frase@frase.id.au
Uploaded by frasertweedale at 2026-06-06T14:52:11Z
Category Cryptography
Home page https://github.com/frasertweedale/hs-jose
Bug tracker https://github.com/frasertweedale/hs-jose/issues
Source repo head: git clone https://github.com/frasertweedale/hs-jose.git
Distributions Arch:0.10.0.1, LTSHaskell:0.11, Stackage:0.12
Reverse Dependencies 27 direct, 26 indirect []
Executables jose-example
Downloads 38078 total (109 in the last 30 days)
Rating 1.75 (votes: 2) [estimated by Bayesian average]
Your Rating
  • λ
  • λ
  • λ
Status Docs available [build log]
Last success reported on 2026-06-06 [all 1 reports]

Readme for jose-0.13

[back to package description]

jose - JSON Object Signing and Encryption & JWT (JSON Web Token)

jose is a Haskell implementation of JSON Object Signing and Encryption (JOSE) and JSON Web Token (JWT).

The JSON Web Signature (JWS; RFC 7515) implementation is complete. JSON Web Encryption (JWE; RFC 7516) is not yet implemented.

EdDSA signatures (RFC 8037) and secp256k1 signatures (RFC 8812) are supported.

JWK Thumbprint (RFC 7638) is supported.

Contributions are welcome.

Security

If you discover a security issue in this library, please email me the details, ideally with a proof of concept (frase @ frase.id.au ; PGP key).

Before reporting an issue, please note the following known vulnerabilities:

  • The ECDSA implementation is vulnerable to timing attacks and should therefore only be used for verification.

and the following known not-vulnerabilities:

Interoperability issues

The following known interoperability issues will not be addressed, so please do not open issues:

  • Some JOSE tools and libraries permit the use of short keys, in violation of the RFCs. This implementation rejects JWS or JWT objects minted with short keys, as required by the RFCs.

  • The Auth0 software produces objects with an invalid "x5t" parameter. The datum should be a base64url-encoded SHA-1 digest, but Auth0 produces a base64url-encoded hex-encoded SHA-1 digest. The object can be repaired (example) so that this library will admit it, unless the offending parameter is part of the JWS Protected Header in which case you are out of luck (until Auth0 bring their implementation into compliance).

  • JWKs with leading null bytes in the RSA "n" parameter (a violation of RFC 7518) have been seen in the wild. This library rejects nonconformant JWKs. If you know which programs/libraries produce such objects, please file bugs against them. It is straightforward to repair these keys: base64url-decode the offending parameter, drop the leading null byte, base64url-encode again then update the JSON object.

Contributing

Bug reports, patches, feature requests, code review, crypto review, examples and documentation are welcome.

If you are wondering about how or whether to implement some feature or fix, please open an issue where it can be discussed. I appreciate your efforts, but I do not wish such efforts to be misplaced.

To submit a patch, please use git send-email or open a pull request. Write a well formed commit message. If your patch is nontrivial, update the copyright notice at the top of the modified files.

Produced by hackage and Cabal 3.16.1.0.