Skip to content

kilianmh/jose

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

42 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

jose

Quicklisp dist Build Status Coverage Status

A JSON Object Signing and Encryption (JOSE) implementation for Common Lisp.

Usage

HMAC

(defvar *key* (ironclad:ascii-string-to-byte-array "my$ecret"))

(defvar *token*
  (jose:encode :hs256 *key* '(("hello" . "world"))))

*token*
;=> "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJoZWxsbyI6IndvcmxkIn0.Vr0VKL9WHX9lUPWzrE0DX4fEvl0_CgnKlzI2mWiro8E"

(jose:decode :hs256 *key* *token*)
;=> (("hello" . "world"))
;   (("alg" . "HS256") ("typ" . "JWT"))

;; Decoding without signature verification.
(jose:inspect-token *token*)
;=> (("hello" . "world"))
;   (("alg" . "HS256") ("typ" . "JWT"))
;   #(142 123 175 222 84 4 134 19 70 182 50 209 29 113 176 40 82 42 241 90 230 91
;     176 235 254 57 221 93 97 220 6 101)

RSA

For RSA algorithm, the key must be an instance of Ironclad public/private key, that can be generated with ironclad:generate-key-pair.

To read from OpenSSH key files, use cl-ssh-keys. To parse ASN.1 keys, asn1 library will help.

;; Generate a new key pairs with Ironclad
(defvar *private-key*
  (ironclad:generate-key-pair :rsa :num-bits 2048))

;; Or, read a private key file generated by OpenSSH
(defvar *private-key*
  (ssh-keys:parse-private-key-file #P"~/.ssh/id_rsa"))

(defvar *token*
  (jose:encode :rs256 *private-key* '(("hello" . "world"))))

Supported Algorithms

  • HS256
  • HS384
  • HS512
  • RS256
  • RS384
  • RS512
  • PS256
  • PS384
  • PS512
  • none

See Also

Author

Copyright

Copyright (c) 2017 Eitaro Fukamachi ([email protected])

License

Licensed under the BSD 2-Clause License.

About

A JOSE implementation

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Common Lisp 100.0%