[PATCH 0/3] crypto: add JSON Web Token (JWT) support

Sascha Hauer sha at pengutronix.de
Wed Nov 1 02:10:24 PDT 2023 

On Mon, Oct 23, 2023 at 04:31:20PM +0200, Ahmad Fatoum wrote:
> JSON Web Token is a proposed Internet standard for creating tokens with
> optional signature and/or optional encryption whose payload holds JSON that
> asserts some number of claims. The tokens are signed either using a private
> secret or a public/private key.
> 
> In the context of barebox, a JSON Web Token can be used as unlock token
> for a system: By default, the system would be locked and only boot
> signed payloads, but when a valid unlock token is provided, board code
> can selectively allow access to disallowed features, such as booting
> unsigned payloads or provide access to the console and shell.
> 
> This series adds first support for JSON Web Tokens on top of the already
> existing JSON support. RS256 is the only currently supported format, but
> more may be added in future. In lieu of upstreaming board code making
> use of this, a selftest is added that decodes a JSON Web token after
> verifying it and asserts that the claim contained inside are as expected.
> 
> Ahmad Fatoum (3):
>   lib: base64: add support for base64url
>   crypto: add JSON Web Token (JWT) support
>   test: self: add JSON Web Token tests
> 
>  crypto/Kconfig                   |   6 +
>  crypto/Makefile                  |   2 +
>  crypto/jwt.c                     | 241 +++++++++++++++++++++++++++++++
>  include/base64.h                 |   1 +
>  include/crypto/jwt.h             |  55 +++++++
>  lib/base64.c                     |  60 +++++++-
>  test/self/Kconfig                |   7 +
>  test/self/Makefile               |  11 +-
>  test/self/jwt.c                  | 157 ++++++++++++++++++++
>  test/self/jwt_test.pem           |  37 +++++
>  test/self/jwt_test.pem.c_shipped |  49 +++++++
>  11 files changed, 620 insertions(+), 6 deletions(-)
>  create mode 100644 crypto/jwt.c
>  create mode 100644 include/crypto/jwt.h
>  create mode 100644 test/self/jwt.c
>  create mode 100644 test/self/jwt_test.pem
>  create mode 100644 test/self/jwt_test.pem.c_shipped

Applied, thanks

Sascha

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

More information about the barebox mailing list