LibJWT Dev
The C JSON Web Token Library +JWK +JWKS
jwt.h File Reference

The C JSON Web Token Library +JWK + JWKS. More...

#include <stdio.h>
#include <time.h>
Include dependency graph for jwt.h:

Go to the source code of this file.

Data Structures

struct  jwk_item_t
 Structural representation of a JWK. More...
 
struct  jwt_config_t
 Structure used to manage configuration state. More...
 

Macros

#define JWT_CONFIG_DECLARE(__name)
 Decleration of a jwt_config_t.
 

Typedefs

typedef struct jwt jwt_t
 <
 
typedef struct jwt_valid jwt_valid_t
 Opaque JWT Validation object.
 
typedef struct jwk_set jwk_set_t
 Opaque JWKS object.
 
typedef void *(* jwt_malloc_t) (size_t)
 Prototype for malloc(3)
 
typedef void *(* jwt_realloc_t) (void *, size_t)
 Prototype for realloc(3)
 
typedef void(* jwt_free_t) (void *)
 Prototype for free(3)
 
typedef int(* jwt_callback_t) (const jwt_t *, jwt_config_t *)
 Callback for operations involving verification of tokens.
 

Enumerations

enum  jwt_alg_t {
  JWT_ALG_NONE , JWT_ALG_HS256 , JWT_ALG_HS384 , JWT_ALG_HS512 ,
  JWT_ALG_RS256 , JWT_ALG_RS384 , JWT_ALG_RS512 , JWT_ALG_ES256 ,
  JWT_ALG_ES384 , JWT_ALG_ES512 , JWT_ALG_PS256 , JWT_ALG_PS384 ,
  JWT_ALG_PS512 , JWT_ALG_ES256K , JWT_ALG_EDDSA , JWT_ALG_INVAL
}
 JWT algorithm types. More...
 
enum  jwt_crypto_provider_t { JWT_CRYPTO_OPS_NONE , JWT_CRYPTO_OPS_OPENSSL , JWT_CRYPTO_OPS_GNUTLS , JWT_CRYPTO_OPS_MBEDTLS }
 Different providers for crypto operations. More...
 
enum  jwk_key_type_t { JWK_KEY_TYPE_NONE , JWK_KEY_TYPE_EC , JWK_KEY_TYPE_RSA , JWK_KEY_TYPE_OKP }
 JWK Key Types. More...
 
enum  jwk_pub_key_use_t { JWK_PUB_KEY_USE_NONE , JWK_PUB_KEY_USE_SIG , JWK_PUB_KEY_USE_ENC }
 Usage types for JWK public keys. More...
 
enum  jwk_key_op_t {
  JWK_KEY_OP_NONE , JWK_KEY_OP_SIGN , JWK_KEY_OP_VERIFY , JWK_KEY_OP_ENCRYPT ,
  JWK_KEY_OP_DECRYPT , JWK_KEY_OP_WRAP , JWK_KEY_OP_UNWRAP , JWK_KEY_OP_DERIVE_KEY ,
  JWK_KEY_OP_DERIVE_BITS , JWK_KEY_OP_INVALID
}
 Allowed key operations for JWK private keys. More...
 
enum  jwt_valid_exception_t {
  JWT_VALIDATION_SUCCESS , JWT_VALIDATION_ERROR , JWT_VALIDATION_ALG_MISMATCH , JWT_VALIDATION_EXPIRED ,
  JWT_VALIDATION_TOO_NEW , JWT_VALIDATION_ISS_MISMATCH , JWT_VALIDATION_SUB_MISMATCH , JWT_VALIDATION_AUD_MISMATCH ,
  JWT_VALIDATION_GRANT_MISSING , JWT_VALIDATION_GRANT_MISMATCH
}
 Validation exception types for jwt_t objects. More...
 

Functions

int jwt_new (jwt_t **jwt)
 Allocate a new, empty, JWT object.
 
void jwt_free (jwt_t *jwt)
 Free a JWT object and any other resources it is using.
 
jwt_tjwt_dup (jwt_t *jwt)
 Duplicate an existing JWT object.
 
void jwt_config_init (jwt_config_t *config)
 Intialize jwt_config_t to a clean state.
 
int jwt_verify (jwt_t **jwt, const char *token, jwt_config_t *config)
 Decode and verify a JWT.
 
int jwt_verify_wcb (jwt_t **jwt, const char *token, jwt_config_t *config, jwt_callback_t cb)
 Decode and verify a JWT, with user callback.
 
int jwt_decode (jwt_t **jwt, const char *token, const unsigned char *key, int key_len)
 Decode a JWT.
 
int jwt_decode_2 (jwt_t **jwt, const char *token, jwt_callback_t cb)
 Decode a JWT with a user provided callback.
 
const char * jwt_get_grant (jwt_t *jwt, const char *grant)
 Return the value of a string grant.
 
long jwt_get_grant_int (jwt_t *jwt, const char *grant)
 Return the value of an integer grant.
 
int jwt_get_grant_bool (jwt_t *jwt, const char *grant)
 Return the value of an boolean grant.
 
char * jwt_get_grants_json (jwt_t *jwt, const char *grant)
 Return the value of a grant as JSON encoded object string.
 
int jwt_add_grant (jwt_t *jwt, const char *grant, const char *val)
 Add a new string grant to this JWT object.
 
int jwt_add_grant_int (jwt_t *jwt, const char *grant, long val)
 Add a new integer grant to this JWT object.
 
int jwt_add_grant_bool (jwt_t *jwt, const char *grant, int val)
 Add a new boolean grant to this JWT object.
 
int jwt_add_grants_json (jwt_t *jwt, const char *json)
 Add grants from a JSON encoded object string.
 
int jwt_del_grants (jwt_t *jwt, const char *grant)
 Delete a grant from this JWT object.
 
const char * jwt_get_header (jwt_t *jwt, const char *header)
 Return the value of a string header.
 
long jwt_get_header_int (jwt_t *jwt, const char *header)
 Return the value of an integer header.
 
int jwt_get_header_bool (jwt_t *jwt, const char *header)
 Return the value of an boolean header.
 
char * jwt_get_headers_json (jwt_t *jwt, const char *header)
 Return the value of a header as JSON encoded object string.
 
int jwt_add_header (jwt_t *jwt, const char *header, const char *val)
 Add a new string header to this JWT object.
 
int jwt_add_header_int (jwt_t *jwt, const char *header, long val)
 Add a new integer header to this JWT object.
 
int jwt_add_header_bool (jwt_t *jwt, const char *header, int val)
 Add a new boolean header to this JWT object.
 
int jwt_add_headers_json (jwt_t *jwt, const char *json)
 Add headers from a JSON encoded object string.
 
int jwt_del_headers (jwt_t *jwt, const char *header)
 Delete a header from this JWT object.
 
int jwt_dump_fp (jwt_t *jwt, FILE *fp, int pretty)
 Output plain text representation to a FILE pointer.
 
char * jwt_dump_str (jwt_t *jwt, int pretty)
 Return plain text representation as a string.
 
char * jwt_dump_grants_str (jwt_t *jwt, int pretty)
 Return plain text representation of grants as a string.
 
int jwt_encode_fp (jwt_t *jwt, FILE *fp)
 Fully encode a JWT object and write it to FILE.
 
char * jwt_encode_str (jwt_t *jwt)
 Fully encode a JWT object and return as a string.
 
void jwt_free_str (char *str)
 Free a string returned from the library.
 
int jwt_set_alg (jwt_t *jwt, jwt_alg_t alg, const unsigned char *key, int len)
 Set an algorithm for a jwt_t object.
 
jwt_alg_t jwt_get_alg (const jwt_t *jwt)
 Get the jwt_alg_t set for this JWT object.
 
const char * jwt_alg_str (jwt_alg_t alg)
 Convert alg type to it's string representation.
 
jwt_alg_t jwt_str_alg (const char *alg)
 Convert alg string to type.
 
jwk_set_tjwks_create (const char *jwk_json_str)
 Create a new JWKS object for later use in validating JWTs.
 
int jwks_item_add (jwk_set_t *jwk_set, jwk_item_t *item)
 Add a jwk_item_t to an existing jwk_set_t.
 
int jwks_error (jwk_set_t *jwk_set)
 Check if there is an error within the jwk_set.
 
int jwks_error_any (jwk_set_t *jwk_set)
 Check if there is an error within the jwk_set and any of the jwk_item_t in the set.
 
const char * jwks_error_msg (jwk_set_t *jwk_set)
 Retrieve an error message from a jwk_set.
 
jwk_item_tjwks_item_get (jwk_set_t *jwk_set, size_t index)
 Return the index'th jwk_item in the jwk_set.
 
void jwks_free (jwk_set_t *jwk_set)
 Free all memory associated with a jwt_set_t, including any jwk_item_t in the set.
 
int jwks_item_free (jwk_set_t *jwk_set, size_t index)
 Free all memory associated with the nth jwt_item_t in a jwk_set.
 
int jwks_item_free_all (jwk_set_t *jwk_set)
 Free all memory associated with alljwt_item_t in a jwk_set.
 
jwt_valid_exception_t jwt_validate (jwt_t *jwt, jwt_valid_t *jwt_valid)
 Validate a JWT object with a validation object.
 
int jwt_valid_new (jwt_valid_t **jwt_valid, jwt_alg_t alg)
 Allocate a new, JWT validation object.
 
void jwt_valid_free (jwt_valid_t *jwt_valid)
 Free a JWT validation object and any other resources it is using.
 
jwt_valid_exception_t jwt_valid_get_status (jwt_valid_t *jwt_valid)
 Return the status string for the validation object.
 
time_t jwt_valid_get_nbf_leeway (jwt_valid_t *jwt_valid)
 Return the nbf_leeway value set.
 
time_t jwt_valid_get_exp_leeway (jwt_valid_t *jwt_valid)
 Return the exp_leeway value set.
 
int jwt_valid_add_grant (jwt_valid_t *jwt_valid, const char *grant, const char *val)
 Add a new string grant requirement to this JWT validation object.
 
const char * jwt_valid_get_grant (jwt_valid_t *jwt_valid, const char *grant)
 Return the value of a string required grant.
 
int jwt_valid_add_grant_int (jwt_valid_t *jwt_valid, const char *grant, long val)
 Add a new integer grant requirement to this JWT validation object.
 
long jwt_valid_get_grant_int (jwt_valid_t *jwt_valid, const char *grant)
 Return the value of an integer required grant.
 
int jwt_valid_add_grant_bool (jwt_valid_t *jwt_valid, const char *grant, int val)
 Add a new boolean required grant to this JWT validation object.
 
int jwt_valid_get_grant_bool (jwt_valid_t *jwt_valid, const char *grant)
 Return the value of an boolean required grant.
 
int jwt_valid_add_grants_json (jwt_valid_t *jwt_valid, const char *json)
 Add required grants from a JSON encoded object string.
 
char * jwt_valid_get_grants_json (jwt_valid_t *jwt_valid, const char *grant)
 Return the value of a grant as JSON encoded object string.
 
int jwt_valid_del_grants (jwt_valid_t *jwt_valid, const char *grant)
 Delete a grant from this JWT object.
 
int jwt_valid_set_now (jwt_valid_t *jwt_valid, const time_t now)
 Set the time for which expires and not-before claims should be evaluated.
 
int jwt_valid_set_nbf_leeway (jwt_valid_t *jwt_valid, const time_t nbf_leeway)
 Set the nbf_leeway value as defined in: https://www.rfc-editor.org/rfc/rfc7519#section-4.1.5.
 
int jwt_valid_set_exp_leeway (jwt_valid_t *jwt_valid, const time_t exp_leeway)
 Set the exp_leeway value as defined in: https://www.rfc-editor.org/rfc/rfc7519#section-4.1.4.
 
int jwt_valid_set_headers (jwt_valid_t *jwt_valid, int hdr)
 Set validation for replicated claims in headers.
 
char * jwt_exception_str (unsigned int exceptions)
 Parses exceptions and returns a comma delimited and human-readable string.
 
int jwt_set_alloc (jwt_malloc_t pmalloc, jwt_realloc_t prealloc, jwt_free_t pfree)
 Set functions to be used for allocating and freeing memory.
 
void jwt_get_alloc (jwt_malloc_t *pmalloc, jwt_realloc_t *prealloc, jwt_free_t *pfree)
 Get functions used for allocating and freeing memory.
 
const char * jwt_get_crypto_ops (void)
 Retrieve the name of the current crypto operations being used.
 
jwt_crypto_provider_t jwt_get_crypto_ops_t (void)
 Retrieve the type of the current crypto operations being used.
 
int jwt_set_crypto_ops (const char *opname)
 Set the crypto operations to the named set.
 
int jwt_set_crypto_ops_t (jwt_crypto_provider_t opname)
 Set the crypto operations to a jwt_crypto_provider_t type.
 
int jwt_crypto_ops_supports_jwk (void)
 Check if the current crypto operations support JWK usage.
 

Detailed Description

The C JSON Web Token Library +JWK + JWKS.

Definition in file jwt.h.