Rhonabwy
Javascript Object Signing and Encryption (JOSE) library - JWK, JWKS, JWS, JWE and JWT
Functions
JWE functions

Functions

int r_jwe_set_properties (jwe_t *jwe,...)
 
jwe_tr_jwe_copy (jwe_t *jwe)
 
int r_jwe_set_payload (jwe_t *jwe, const unsigned char *payload, size_t payload_len)
 
const unsigned char * r_jwe_get_payload (jwe_t *jwe, size_t *payload_len)
 
int r_jwe_set_alg (jwe_t *jwe, jwa_alg alg)
 
jwa_alg r_jwe_get_alg (jwe_t *jwe)
 
int r_jwe_set_enc (jwe_t *jwe, jwa_enc enc)
 
jwa_enc r_jwe_get_enc (jwe_t *jwe)
 
const char * r_jwe_get_kid (jwe_t *jwe)
 
int r_jwe_set_header_str_value (jwe_t *jwe, const char *key, const char *str_value)
 
int r_jwe_set_header_int_value (jwe_t *jwe, const char *key, rhn_int_t i_value)
 
int r_jwe_set_header_json_t_value (jwe_t *jwe, const char *key, json_t *j_value)
 
int r_jwe_set_full_header_json_t (jwe_t *jwe, json_t *j_header)
 
int r_jwe_set_full_header_json_str (jwe_t *jwe, const char *str_header)
 
int r_jwe_set_full_unprotected_header_json_t (jwe_t *jwe, json_t *j_unprotected_header)
 
int r_jwe_set_full_unprotected_header_json_str (jwe_t *jwe, const char *str_unprotected_header)
 
json_t * r_jwe_get_full_unprotected_header_json_t (jwe_t *jwe)
 
char * r_jwe_get_full_unprotected_header_str (jwe_t *jwe)
 
const char * r_jwe_get_header_str_value (jwe_t *jwe, const char *key)
 
rhn_int_t r_jwe_get_header_int_value (jwe_t *jwe, const char *key)
 
json_t * r_jwe_get_header_json_t_value (jwe_t *jwe, const char *key)
 
json_t * r_jwe_get_full_header_json_t (jwe_t *jwe)
 
char * r_jwe_get_full_header_str (jwe_t *jwe)
 
int r_jwe_add_keys (jwe_t *jwe, jwk_t *jwk_privkey, jwk_t *jwk_pubkey)
 
int r_jwe_add_jwks (jwe_t *jwe, jwks_t *jwks_privkey, jwks_t *jwks_pubkey)
 
int r_jwe_add_keys_json_str (jwe_t *jwe, const char *privkey, const char *pubkey)
 
int r_jwe_add_keys_json_t (jwe_t *jwe, json_t *privkey, json_t *pubkey)
 
int r_jwe_add_keys_pem_der (jwe_t *jwe, int format, const unsigned char *privkey, size_t privkey_len, const unsigned char *pubkey, size_t pubkey_len)
 
int r_jwe_add_keys_gnutls (jwe_t *jwe, gnutls_privkey_t privkey, gnutls_pubkey_t pubkey)
 
int r_jwe_add_key_symmetric (jwe_t *jwe, const unsigned char *key, size_t key_len)
 
jwks_tr_jwe_get_jwks_privkey (jwe_t *jwe)
 
jwks_tr_jwe_get_jwks_pubkey (jwe_t *jwe)
 
int r_jwe_set_cypher_key (jwe_t *jwe, const unsigned char *key, size_t key_len)
 
const unsigned char * r_jwe_get_cypher_key (jwe_t *jwe, size_t *key_len)
 
int r_jwe_generate_cypher_key (jwe_t *jwe)
 
int r_jwe_set_iv (jwe_t *jwe, const unsigned char *iv, size_t iv_len)
 
const unsigned char * r_jwe_get_iv (jwe_t *jwe, size_t *iv_len)
 
int r_jwe_generate_iv (jwe_t *jwe)
 
int r_jwe_set_aad (jwe_t *jwe, const unsigned char *aad, size_t aad_len)
 
const unsigned char * r_jwe_get_aad (jwe_t *jwe, size_t *aad_len)
 
int r_jwe_encrypt_payload (jwe_t *jwe)
 
int r_jwe_decrypt_payload (jwe_t *jwe)
 
int r_jwe_encrypt_key (jwe_t *jwe, jwk_t *jwk_pubkey, int x5u_flags)
 
int r_jwe_decrypt_key (jwe_t *jwe, jwk_t *jwk_privkey, int x5u_flags)
 
int r_jwe_parse (jwe_t *jwe, const char *jwe_str, int x5u_flags)
 
int r_jwe_parsen (jwe_t *jwe, const char *jwe_str, size_t jwe_str_len, int x5u_flags)
 
int r_jwe_advanced_parse (jwe_t *jwe, const char *jwe_str, uint32_t parse_flags, int x5u_flags)
 
int r_jwe_advanced_parsen (jwe_t *jwe, const char *jwe_str, size_t jwe_str_len, uint32_t parse_flags, int x5u_flags)
 
int r_jwe_compact_parse (jwe_t *jwe, const char *jwe_str, int x5u_flags)
 
int r_jwe_compact_parsen (jwe_t *jwe, const char *jwe_str, size_t jwe_str_len, int x5u_flags)
 
int r_jwe_advanced_compact_parse (jwe_t *jwe, const char *jwe_str, uint32_t parse_flags, int x5u_flags)
 
int r_jwe_advanced_compact_parsen (jwe_t *jwe, const char *jwe_str, size_t jwe_str_len, uint32_t parse_flags, int x5u_flags)
 
int r_jwe_parse_json_str (jwe_t *jwe, const char *jwe_json_str, int x5u_flags)
 
int r_jwe_parsen_json_str (jwe_t *jwe, const char *jwe_json_str, size_t jwe_json_str_len, int x5u_flags)
 
int r_jwe_parse_json_t (jwe_t *jwe, json_t *jwe_json, int x5u_flags)
 
int r_jwe_advanced_parse_json_str (jwe_t *jwe, const char *jwe_json_str, uint32_t parse_flags, int x5u_flags)
 
int r_jwe_advanced_parsen_json_str (jwe_t *jwe, const char *jwe_json_str, size_t jwe_json_str_len, uint32_t parse_flags, int x5u_flags)
 
int r_jwe_advanced_parse_json_t (jwe_t *jwe, json_t *jwe_json, uint32_t parse_flags, int x5u_flags)
 
jwe_tr_jwe_quick_parse (const char *jwe_str, uint32_t parse_flags, int x5u_flags)
 
jwe_tr_jwe_quick_parsen (const char *jwe_str, size_t jwe_str_len, uint32_t parse_flags, int x5u_flags)
 
int r_jwe_decrypt (jwe_t *jwe, jwk_t *jwk_privkey, int x5u_flags)
 
char * r_jwe_serialize (jwe_t *jwe, jwk_t *jwk_pubkey, int x5u_flags)
 
char * r_jwe_serialize_json_str (jwe_t *jwe, jwks_t *jwks_pubkey, int x5u_flags, int mode)
 
json_t * r_jwe_serialize_json_t (jwe_t *jwe, jwks_t *jwks_pubkey, int x5u_flags, int mode)
 

Detailed Description

Manage JSON Web Encryption

Function Documentation

◆ r_jwe_add_jwks()

int r_jwe_add_jwks ( jwe_t jwe,
jwks_t jwks_privkey,
jwks_t jwks_pubkey 
)

Adds private and/or public keys sets for the cypher key encryption and decryption

Parameters
jwethe jwe_t to update
jwks_privkeythe private key set in jwks_t * format, can be NULL
jwks_pubkeythe public key set in jwks_t * format, can be NULL
Returns
RHN_OK on success, an error value on error

◆ r_jwe_add_key_symmetric()

int r_jwe_add_key_symmetric ( jwe_t jwe,
const unsigned char *  key,
size_t  key_len 
)

Add symmetric key by value to perform encryption ot decryption

Parameters
jwethe jwe_t to update
keythe raw key value
key_lenthe length of the key
Returns
RHN_OK on success, an error value on error

◆ r_jwe_add_keys()

int r_jwe_add_keys ( jwe_t jwe,
jwk_t jwk_privkey,
jwk_t jwk_pubkey 
)

Adds private and/or public keys for the cypher key encryption and decryption

Parameters
jwethe jwe_t to update
jwk_privkeythe private key in jwk_t * format, can be NULL
jwk_pubkeythe public key in jwk_t * format, can be NULL
Returns
RHN_OK on success, an error value on error

◆ r_jwe_add_keys_gnutls()

int r_jwe_add_keys_gnutls ( jwe_t jwe,
gnutls_privkey_t  privkey,
gnutls_pubkey_t  pubkey 
)

Add keys to perform encryption ot decryption keys must be gnutls key structures

Parameters
jwethe jwe_t to update
privkeythe private key to enc the
pubkeythe public key to verify the encature
Returns
RHN_OK on success, an error value on error

◆ r_jwe_add_keys_json_str()

int r_jwe_add_keys_json_str ( jwe_t jwe,
const char *  privkey,
const char *  pubkey 
)

Add keys to perform encryption ot decryption keys must be a JWK stringified

Parameters
jwethe jwe_t to update
privkeythe private key to enc the
pubkeythe public key to verify the encature
Returns
RHN_OK on success, an error value on error

◆ r_jwe_add_keys_json_t()

int r_jwe_add_keys_json_t ( jwe_t jwe,
json_t *  privkey,
json_t *  pubkey 
)

Add keys to perform encryption ot decryption keys must be a JWK in json_t * format

Parameters
jwethe jwe_t to update
privkeythe private key to enc the
pubkeythe public key to verify the encature
Returns
RHN_OK on success, an error value on error

◆ r_jwe_add_keys_pem_der()

int r_jwe_add_keys_pem_der ( jwe_t jwe,
int  format,
const unsigned char *  privkey,
size_t  privkey_len,
const unsigned char *  pubkey,
size_t  pubkey_len 
)

Add keys to perform encryption ot decryption keys must be in PEM or DER format

Parameters
jwethe jwe_t to update
formatthe format of the input, values available are R_FORMAT_PEM or R_FORMAT_DER
privkeythe private key to sign the
privkey_lenlength of privkey
pubkeythe public key to verify the signature
pubkey_lenlength of pubkey
Returns
RHN_OK on success, an error value on error

◆ r_jwe_advanced_compact_parse()

int r_jwe_advanced_compact_parse ( jwe_t jwe,
const char *  jwe_str,
uint32_t  parse_flags,
int  x5u_flags 
)

Parses the JWE in compact mode (xxx.yyy.zzz.aaa.bbb)

Parameters
jwethe jwe_t to update
jwe_strthe jwe serialized to parse, must end with a NULL string terminator
parse_flagsFlags to set or unset options Flags available are
  • R_PARSE_NONE
  • R_PARSE_HEADER_JWK
  • R_PARSE_HEADER_JKU
  • R_PARSE_HEADER_X5C
  • R_PARSE_HEADER_X5U
  • R_PARSE_HEADER_ALL
  • R_PARSE_UNSIGNED
  • R_PARSE_ALL
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_advanced_compact_parsen()

int r_jwe_advanced_compact_parsen ( jwe_t jwe,
const char *  jwe_str,
size_t  jwe_str_len,
uint32_t  parse_flags,
int  x5u_flags 
)

Parses the JWE in compact mode (xxx.yyy.zzz.aaa.bbb)

Parameters
jwethe jwe_t to update
jwe_strthe jwe serialized to parse
jwe_str_lenthe length of jwe_str
parse_flagsFlags to set or unset options Flags available are
  • R_PARSE_NONE
  • R_PARSE_HEADER_JWK
  • R_PARSE_HEADER_JKU
  • R_PARSE_HEADER_X5C
  • R_PARSE_HEADER_X5U
  • R_PARSE_HEADER_ALL
  • R_PARSE_UNSIGNED
  • R_PARSE_ALL
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_advanced_parse()

int r_jwe_advanced_parse ( jwe_t jwe,
const char *  jwe_str,
uint32_t  parse_flags,
int  x5u_flags 
)

Parses the JWE in all modes (compact, flattened or general)

Parameters
jwethe jwe_t to update
jwe_strthe jwe serialized to parse, must end with a NULL string terminator
parse_flagsFlags to set or unset options Flags available are
  • R_PARSE_NONE
  • R_PARSE_HEADER_JWK
  • R_PARSE_HEADER_JKU
  • R_PARSE_HEADER_X5C
  • R_PARSE_HEADER_X5U
  • R_PARSE_HEADER_ALL
  • R_PARSE_UNSIGNED
  • R_PARSE_ALL
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_advanced_parse_json_str()

int r_jwe_advanced_parse_json_str ( jwe_t jwe,
const char *  jwe_json_str,
uint32_t  parse_flags,
int  x5u_flags 
)

Parses the serialized JWE in JSON mode, general or flattened

Parameters
jwethe jwe_t to update
jwe_json_strthe serialized JWE to parse in char * format, must end with a NULL string terminator
parse_flagsFlags to set or unset options Flags available are
  • R_PARSE_NONE
  • R_PARSE_HEADER_JWK
  • R_PARSE_HEADER_JKU
  • R_PARSE_HEADER_X5C
  • R_PARSE_HEADER_X5U
  • R_PARSE_HEADER_ALL
  • R_PARSE_UNSIGNED
  • R_PARSE_ALL
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_advanced_parse_json_t()

int r_jwe_advanced_parse_json_t ( jwe_t jwe,
json_t *  jwe_json,
uint32_t  parse_flags,
int  x5u_flags 
)

Parses the serialized JWE in JSON mode, general or flattened

Parameters
jwethe jwe_t to update
jwe_jsonthe serialized JWE to parse in json_t * format
parse_flagsFlags to set or unset options Flags available are
  • R_PARSE_NONE
  • R_PARSE_HEADER_JWK
  • R_PARSE_HEADER_JKU
  • R_PARSE_HEADER_X5C
  • R_PARSE_HEADER_X5U
  • R_PARSE_HEADER_ALL
  • R_PARSE_UNSIGNED
  • R_PARSE_ALL
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_advanced_parsen()

int r_jwe_advanced_parsen ( jwe_t jwe,
const char *  jwe_str,
size_t  jwe_str_len,
uint32_t  parse_flags,
int  x5u_flags 
)

Parses the JWE in all modes (compact, flattened or general)

Parameters
jwethe jwe_t to update
jwe_strthe jwe serialized to parse
jwe_str_lenthe length of jwe_str
parse_flagsFlags to set or unset options Flags available are
  • R_PARSE_NONE
  • R_PARSE_HEADER_JWK
  • R_PARSE_HEADER_JKU
  • R_PARSE_HEADER_X5C
  • R_PARSE_HEADER_X5U
  • R_PARSE_HEADER_ALL
  • R_PARSE_UNSIGNED
  • R_PARSE_ALL
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_advanced_parsen_json_str()

int r_jwe_advanced_parsen_json_str ( jwe_t jwe,
const char *  jwe_json_str,
size_t  jwe_json_str_len,
uint32_t  parse_flags,
int  x5u_flags 
)

Parses the serialized JWE in JSON mode, general or flattened

Parameters
jwethe jwe_t to update
jwe_json_strthe serialized JWE to parse in char * format
jwe_json_str_lenthe length of jwe_json_str
parse_flagsFlags to set or unset options Flags available are
  • R_PARSE_NONE
  • R_PARSE_HEADER_JWK
  • R_PARSE_HEADER_JKU
  • R_PARSE_HEADER_X5C
  • R_PARSE_HEADER_X5U
  • R_PARSE_HEADER_ALL
  • R_PARSE_UNSIGNED
  • R_PARSE_ALL
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_compact_parse()

int r_jwe_compact_parse ( jwe_t jwe,
const char *  jwe_str,
int  x5u_flags 
)

Parses the JWE in compact mode (xxx.yyy.zzz.aaa.bbb)

Parameters
jwethe jwe_t to update
jwe_strthe jwe serialized to parse, must end with a NULL string terminator
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_compact_parsen()

int r_jwe_compact_parsen ( jwe_t jwe,
const char *  jwe_str,
size_t  jwe_str_len,
int  x5u_flags 
)

Parses the JWE in compact mode (xxx.yyy.zzz.aaa.bbb)

Parameters
jwethe jwe_t to update
jwe_strthe jwe serialized to parse
jwe_str_lenthe length of jwe_str
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_copy()

jwe_t * r_jwe_copy ( jwe_t jwe)

Return a copy of the JWE

Parameters
jwethe jwe_t to duplicate
Returns
a copy of jwe

◆ r_jwe_decrypt()

int r_jwe_decrypt ( jwe_t jwe,
jwk_t jwk_privkey,
int  x5u_flags 
)

Decrypts the payload of the JWE

Parameters
jwethe jwe_t to update
jwk_privkeythe private key to decrypt cypher key, can be NULL if jwe already contains a private key
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_decrypt_key()

int r_jwe_decrypt_key ( jwe_t jwe,
jwk_t jwk_privkey,
int  x5u_flags 
)

Decrypts the key

Parameters
jwethe jwe_t to update
jwk_privkeythe jwk to decrypt the key, may be NULL
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_decrypt_payload()

int r_jwe_decrypt_payload ( jwe_t jwe)

Decrypts the payload using its key and iv

Parameters
jwethe jwe_t to update
Returns
RHN_OK on success, an error value on error

◆ r_jwe_encrypt_key()

int r_jwe_encrypt_key ( jwe_t jwe,
jwk_t jwk_pubkey,
int  x5u_flags 
)

Encrypts the key

Parameters
jwethe jwe_t to update
jwk_pubkeythe jwk to encrypt the key, may be NULL
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_encrypt_payload()

int r_jwe_encrypt_payload ( jwe_t jwe)

Encrypts the payload using its key and iv

Parameters
jwethe jwe_t to update
Returns
RHN_OK on success, an error value on error

◆ r_jwe_generate_cypher_key()

int r_jwe_generate_cypher_key ( jwe_t jwe)

Generates a random cypher key

Parameters
jwethe jwe_t to update
Returns
RHN_OK on success, an error value on error

◆ r_jwe_generate_iv()

int r_jwe_generate_iv ( jwe_t jwe)

Generates a random Initialization Vector (iv)

Parameters
jwethe jwe_t to update
Returns
RHN_OK on success, an error value on error

◆ r_jwe_get_aad()

const unsigned char * r_jwe_get_aad ( jwe_t jwe,
size_t *  aad_len 
)

Gets the Additional Authenticated Data (aad)

Parameters
jwethe jwe_t to get the value
aad_lenset the size of the aad, may be NULL
Returns
the aad

◆ r_jwe_get_alg()

jwa_alg r_jwe_get_alg ( jwe_t jwe)

Get the JWE alg used for key encryption

Parameters
jwethe jwe_t to update
Returns
the algorithm used

◆ r_jwe_get_cypher_key()

const unsigned char * r_jwe_get_cypher_key ( jwe_t jwe,
size_t *  key_len 
)

Gets the cypher key to encrypt or decrypt the payload

Parameters
jwethe jwe_t to get the value
key_lenset the size of the key, may be NULL
Returns
the key to encrypt or decrypt the payload

◆ r_jwe_get_enc()

jwa_enc r_jwe_get_enc ( jwe_t jwe)

Get the JWE enc used for payload encryption

Parameters
jwethe jwe_t to update
Returns
the encorithm used

◆ r_jwe_get_full_header_json_t()

json_t * r_jwe_get_full_header_json_t ( jwe_t jwe)

Return the full JWE header in JSON format

Parameters
jwethe jwe_t to get the value
Returns
a json_t * value

◆ r_jwe_get_full_header_str()

char * r_jwe_get_full_header_str ( jwe_t jwe)

Return the full JWE header in char *

Parameters
jwethe jwe_t to get the value
Returns
a char * value, must be r_free'd after use

◆ r_jwe_get_full_unprotected_header_json_t()

json_t * r_jwe_get_full_unprotected_header_json_t ( jwe_t jwe)

Return the full JWS unprotected header in JSON format

Parameters
jwethe jwe_t to get the value
Returns
a json_t * value

◆ r_jwe_get_full_unprotected_header_str()

char * r_jwe_get_full_unprotected_header_str ( jwe_t jwe)

Return the full JWS unprotected header in char *

Parameters
jwethe jwe_t to get the value
Returns
a char * value, must be r_free'd after use

◆ r_jwe_get_header_int_value()

rhn_int_t r_jwe_get_header_int_value ( jwe_t jwe,
const char *  key 
)

Gets an integer value from the JWE header

Parameters
jwethe jwe_t to get the value
keythe key to retreive the value
Returns
an rhn_int_t value, 0 if not present

◆ r_jwe_get_header_json_t_value()

json_t * r_jwe_get_header_json_t_value ( jwe_t jwe,
const char *  key 
)

Gets a JSON value from the JWE header

Parameters
jwethe jwe_t to get the value
keythe key to retreive the value
Returns
a json_t * value, NULL if not present

◆ r_jwe_get_header_str_value()

const char * r_jwe_get_header_str_value ( jwe_t jwe,
const char *  key 
)

Gets a string value from the JWE header

Parameters
jwethe jwe_t to get the value
keythe key to retreive the value
Returns
a string value, NULL if not present

◆ r_jwe_get_iv()

const unsigned char * r_jwe_get_iv ( jwe_t jwe,
size_t *  iv_len 
)

Gets the Initialization Vector (iv)

Parameters
jwethe jwe_t to get the value
iv_lenset the size of the iv, may be NULL
Returns
the iv

◆ r_jwe_get_jwks_privkey()

jwks_t * r_jwe_get_jwks_privkey ( jwe_t jwe)

Get private keys set for the cypher key decryption

Parameters
jwethe jwe_t to get the value
Returns
the private key set in jwks_t * format

◆ r_jwe_get_jwks_pubkey()

jwks_t * r_jwe_get_jwks_pubkey ( jwe_t jwe)

Get public keys set for the cypher key encryption

Parameters
jwethe jwe_t to get the value
Returns
the public key set in jwks_t * format

◆ r_jwe_get_kid()

const char * r_jwe_get_kid ( jwe_t jwe)

Get the KID specified in the header for payload encryption

Parameters
jwethe jwe_t to update
Returns
the KID

◆ r_jwe_get_payload()

const unsigned char * r_jwe_get_payload ( jwe_t jwe,
size_t *  payload_len 
)

Get the JWE payload

Parameters
jwethe jwe_t to get the payload from
payload_lenthe length of the JWE payload, may be NULL
Returns
a pointer to the JWE payload

◆ r_jwe_parse()

int r_jwe_parse ( jwe_t jwe,
const char *  jwe_str,
int  x5u_flags 
)

Parses the JWE in all modes (compact, flattened or general)

Parameters
jwethe jwe_t to update
jwe_strthe jwe serialized to parse, must end with a NULL string terminator
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_parse_json_str()

int r_jwe_parse_json_str ( jwe_t jwe,
const char *  jwe_json_str,
int  x5u_flags 
)

Parses the serialized JWE in JSON mode, general or flattened

Parameters
jwethe jwe_t to update
jwe_json_strthe serialized JWE to parse in char * format, must end with a NULL string terminator
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_parse_json_t()

int r_jwe_parse_json_t ( jwe_t jwe,
json_t *  jwe_json,
int  x5u_flags 
)

Parses the serialized JWE in JSON mode, general or flattened

Parameters
jwethe jwe_t to update
jwe_jsonthe serialized JWE to parse in json_t * format
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_parsen()

int r_jwe_parsen ( jwe_t jwe,
const char *  jwe_str,
size_t  jwe_str_len,
int  x5u_flags 
)

Parses the JWE in all modes (compact, flattened or general)

Parameters
jwethe jwe_t to update
jwe_strthe jwe serialized to parse
jwe_str_lenthe length of jwe_str
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_parsen_json_str()

int r_jwe_parsen_json_str ( jwe_t jwe,
const char *  jwe_json_str,
size_t  jwe_json_str_len,
int  x5u_flags 
)

Parses the serialized JWE in JSON mode, general or flattened

Parameters
jwethe jwe_t to update
jwe_json_strthe serialized JWE to parse in char * format
jwe_json_str_lenthe length of jwe_json_str
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
RHN_OK on success, an error value on error

◆ r_jwe_quick_parse()

jwe_t * r_jwe_quick_parse ( const char *  jwe_str,
uint32_t  parse_flags,
int  x5u_flags 
)

Parses the JWE in all modes (compact, flattened or general)

Parameters
jwe_strthe jwe serialized to parse
x5u_flagsFlags to retrieve x5u certificates
parse_flagsFlags to set or unset options Flags available are
  • R_PARSE_NONE
  • R_PARSE_HEADER_JWK
  • R_PARSE_HEADER_JKU
  • R_PARSE_HEADER_X5C
  • R_PARSE_HEADER_X5U
  • R_PARSE_HEADER_ALL
  • R_PARSE_UNSIGNED
  • R_PARSE_ALL pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
a new jwe_t * on success, NULL on error

◆ r_jwe_quick_parsen()

jwe_t * r_jwe_quick_parsen ( const char *  jwe_str,
size_t  jwe_str_len,
uint32_t  parse_flags,
int  x5u_flags 
)

Parses the JWE in all modes (compact, flattened or general)

Parameters
jwe_strthe jwe serialized to parse
jwe_str_lenthe length of jwe_str
parse_flagsFlags to set or unset options Flags available are
  • R_PARSE_NONE
  • R_PARSE_HEADER_JWK
  • R_PARSE_HEADER_JKU
  • R_PARSE_HEADER_X5C
  • R_PARSE_HEADER_X5U
  • R_PARSE_HEADER_ALL
  • R_PARSE_UNSIGNED
  • R_PARSE_ALL
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
a new jwe_t * on success, NULL on error

◆ r_jwe_serialize()

char * r_jwe_serialize ( jwe_t jwe,
jwk_t jwk_pubkey,
int  x5u_flags 
)

Serialize a JWE into its string format (aaa.bbb.ccc.xxx.yyy.zzz)

Parameters
jwethe JWE to serialize
jwk_pubkeythe public key to encrypt the cypher key, can be NULL if jwe already contains a public key
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
Returns
the JWE in serialized format, returned value must be r_free'd after use

◆ r_jwe_serialize_json_str()

char * r_jwe_serialize_json_str ( jwe_t jwe,
jwks_t jwks_pubkey,
int  x5u_flags,
int  mode 
)

Serialize a JWE into its JSON format (general or flattened) Mode general: Multiple encryptions are generated. You can use the jwe pubkeys or specify the public keys Every jwk used to encrypt the key must have a property 'alg' to specify the encryption algorithm It is recommended, but not mandatory, to use JWKs with kid property

Parameters
jwethe JWE to serialize
jwks_pubkeythe public keys to use to sign the JWE can be NULL if jwe already contains a public key set
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
modeJSON serialization mode Values available are
Returns
the JWE in char * format, returned value must be r_free'd after use

◆ r_jwe_serialize_json_t()

json_t * r_jwe_serialize_json_t ( jwe_t jwe,
jwks_t jwks_pubkey,
int  x5u_flags,
int  mode 
)

Serialize a JWE into its JSON format (general or flattened) Mode general: Multiple encryptions are generated. You can use the jwe pubkeys or specify the public keys Every jwk used to encrypt the key must have a property 'alg' to specify the encryption algorithm It is recommended, but not mandatory, to use JWKs with kid property

Parameters
jwethe JWE to serialize
jwks_pubkeythe public keys to use to sign the JWE can be NULL if jwe already contains a public key set
x5u_flagsFlags to retrieve x5u certificates pointed by x5u if necessary, could be 0 if not needed Flags available are
  • R_FLAG_IGNORE_SERVER_CERTIFICATE: ignrore if web server certificate is invalid
  • R_FLAG_FOLLOW_REDIRECT: follow redirections if necessary
  • R_FLAG_IGNORE_REMOTE: do not download remote key, but the function may return an error
modeJSON serialization mode Values available are
Returns
the JWE in json_t * format, returned value must be json_decref'd after use

◆ r_jwe_set_aad()

int r_jwe_set_aad ( jwe_t jwe,
const unsigned char *  aad,
size_t  aad_len 
)

Sets the Additional Authenticated Data (aad)

Parameters
jwethe jwe_t to update
aadthe aad to set
aad_lenthe size of the aad
Returns
RHN_OK on success, an error value on error

◆ r_jwe_set_alg()

int r_jwe_set_alg ( jwe_t jwe,
jwa_alg  alg 
)

Set the JWE alg to use for key encryption

Parameters
jwethe jwe_t to update
algthe algorithm to use
Returns
RHN_OK on success, an error value on error

◆ r_jwe_set_cypher_key()

int r_jwe_set_cypher_key ( jwe_t jwe,
const unsigned char *  key,
size_t  key_len 
)

Sets the cypher key to encrypt or decrypt the payload

Parameters
jwethe jwe_t to update
keythe key to encrypt or decrypt the payload
key_lenthe size of the key
Returns
RHN_OK on success, an error value on error

◆ r_jwe_set_enc()

int r_jwe_set_enc ( jwe_t jwe,
jwa_enc  enc 
)

Set the JWE enc to use for payload encryption

Parameters
jwethe jwe_t to update
encthe encorithm to use
Returns
RHN_OK on success, an error value on error

◆ r_jwe_set_full_header_json_str()

int r_jwe_set_full_header_json_str ( jwe_t jwe,
const char *  str_header 
)

Sets the entire header with the stringified JSON value specified

Parameters
jwethe jwe_t to update
str_headerthe header to set, must be a stringified JSON object
Returns
RHN_OK on success, an error value on error

◆ r_jwe_set_full_header_json_t()

int r_jwe_set_full_header_json_t ( jwe_t jwe,
json_t *  j_header 
)

Sets the entire header with the JSON value specified

Parameters
jwethe jwe_t to update
j_headerthe header to set, must be a JSON object
Returns
RHN_OK on success, an error value on error

◆ r_jwe_set_full_unprotected_header_json_str()

int r_jwe_set_full_unprotected_header_json_str ( jwe_t jwe,
const char *  str_unprotected_header 
)

Sets the entire unprotected header with the stringified JSON value specified The unprotected header is useful when serializing in JSON format

Parameters
jwethe jwe_t to update
str_unprotected_headerthe unprotected header to set, must be a stringified JSON object
Returns
RHN_OK on success, an error value on error

◆ r_jwe_set_full_unprotected_header_json_t()

int r_jwe_set_full_unprotected_header_json_t ( jwe_t jwe,
json_t *  j_unprotected_header 
)

Sets the entire unprotected header with the JSON value specified The unprotected header is useful when serializing in JSON format

Parameters
jwethe jwe_t to update
j_unprotected_headerthe unprotected header to set, must be a JSON object
Returns
RHN_OK on success, an error value on error

◆ r_jwe_set_header_int_value()

int r_jwe_set_header_int_value ( jwe_t jwe,
const char *  key,
rhn_int_t  i_value 
)

Adds an integer value to the JWE header

Parameters
jwethe jwe_t to update
keythe key to set to the JWE header
i_valuethe value to set
Returns
RHN_OK on success, an error value on error

◆ r_jwe_set_header_json_t_value()

int r_jwe_set_header_json_t_value ( jwe_t jwe,
const char *  key,
json_t *  j_value 
)

Adds a JSON value to the JWE header

Parameters
jwethe jwe_t to update
keythe key to set to the JWE header
j_valuethe value to set
Returns
RHN_OK on success, an error value on error

◆ r_jwe_set_header_str_value()

int r_jwe_set_header_str_value ( jwe_t jwe,
const char *  key,
const char *  str_value 
)

Adds a string value to the JWE header

Parameters
jwethe jwe_t to update
keythe key to set to the JWE header
str_valuethe value to set
Returns
RHN_OK on success, an error value on error

◆ r_jwe_set_iv()

int r_jwe_set_iv ( jwe_t jwe,
const unsigned char *  iv,
size_t  iv_len 
)

Sets the Initialization Vector (iv)

Parameters
jwethe jwe_t to update
ivthe iv to set
iv_lenthe size of the iv
Returns
RHN_OK on success, an error value on error

◆ r_jwe_set_payload()

int r_jwe_set_payload ( jwe_t jwe,
const unsigned char *  payload,
size_t  payload_len 
)

Set the payload of the jwe

Parameters
jwethe jwe_t to update
payloadthe payload to set
payload_lenthe size of the payload
Returns
RHN_OK on success, an error value on error

◆ r_jwe_set_properties()

int r_jwe_set_properties ( jwe_t jwe,
  ... 
)

Add multiple properties to the jwe_t *

Parameters
jwethe jwe_t to set values
...set of values using a rhn_opt and following values