def _verify_signature(payload,
signing_input,
header,
signature,
key='',
algorithms=None):
alg = header.get('alg')
if not alg:
raise JWSError('No algorithm was specified in the JWS header.')
if algorithms is not None and alg not in algorithms:
raise JWSError('The specified alg value is not allowed')
try:
alg_obj = get_algorithm_object(alg)
key = alg_obj.prepare_key(key)
if not alg_obj.verify(signing_input, key, signature):
raise JWSSignatureError()
except JWSSignatureError:
raise JWSError('Signature verification failed.')
except JWSError:
raise JWSError('Invalid or unsupported algorithm: %s' % alg)
def _sign_header_and_claims(encoded_header, encoded_claims, algorithm, key):
signing_input = b'.'.join([encoded_header, encoded_claims])
try:
alg_obj = get_algorithm_object(algorithm)
key = alg_obj.prepare_key(key)
signature = alg_obj.sign(signing_input, key)
except Exception as e:
raise JWSError(e)
encoded_signature = base64url_encode(signature)
encoded_string = b'.'.join([encoded_header, encoded_claims, encoded_signature])
return encoded_string.decode('utf-8')
def _sign_header_and_claims(encoded_header, encoded_claims, algorithm, key):
signing_input = b'.'.join([encoded_header, encoded_claims])
try:
alg_obj = get_algorithm_object(algorithm)
key = alg_obj.prepare_key(key)
signature = alg_obj.sign(signing_input, key)
except Exception as e:
raise JWSError(e)
encoded_signature = base64url_encode(signature)
encoded_string = b'.'.join(
[encoded_header, encoded_claims, encoded_signature])
return encoded_string.decode('utf-8')
def _verify_signature(payload, signing_input, header, signature, key='', algorithms=None):
alg = header.get('alg')
if not alg:
raise JWSError('No algorithm was specified in the JWS header.')
if algorithms is not None and alg not in algorithms:
raise JWSError('The specified alg value is not allowed')
try:
alg_obj = get_algorithm_object(alg)
key = alg_obj.prepare_key(key)
if not alg_obj.verify(signing_input, key, signature):
raise JWSSignatureError()
except JWSSignatureError:
raise JWSError('Signature verification failed.')
except JWSError:
raise JWSError('Invalid or unsupported algorithm: %s' % alg)
def test_get_algorithm(self):
with pytest.raises(Exception):
get_algorithm_object('SOMETHING')
def test_get_algorithm(self):
with pytest.raises(Exception):
get_algorithm_object('SOMETHING')