def test_cek_reuse_encryption_rsaes_rsa_oaep():
_rsa = JWE_RSA(plain, alg="RSA-OAEP", enc="A256GCM")
jwt = _rsa.encrypt(rsa)
dec = JWE_RSA()
msg = dec.decrypt(jwt, rsa)
assert msg == plain
_rsa2 = JWE_RSA(plain, alg="RSA-OAEP", enc="A256GCM")
jwt = _rsa2.encrypt(None, cek=dec["cek"])
dec2 = JWE_RSA()
msg = dec2.decrypt(jwt, None, cek=_rsa["cek"])
assert msg == plain
def test_cek_reuse_encryption_rsaes_rsa15():
_rsa = JWE_RSA(plain, alg="RSA1_5", enc="A128CBC-HS256")
jwt = _rsa.encrypt(rsa)
dec = JWE_RSA()
msg = dec.decrypt(jwt, rsa)
assert msg == plain
_rsa2 = JWE_RSA(plain, alg="RSA1_5", enc="A128CBC-HS256")
jwt = _rsa2.encrypt(None, cek=dec["cek"])
dec2 = JWE_RSA()
msg = dec2.decrypt(jwt, None, cek=_rsa["cek"])
assert msg == plain
def test_cek_reuse_encryption_rsaes_rsa_oaep():
_rsa = JWE_RSA(plain, alg="RSA-OAEP", enc="A256GCM")
jwt = _rsa.encrypt(rsa)
dec = JWE_RSA()
msg = dec.decrypt(jwt, rsa)
assert msg == plain
_rsa2 = JWE_RSA(plain, alg="RSA-OAEP", enc="A256GCM")
jwt = _rsa2.encrypt(None, cek=dec["cek"])
dec2 = JWE_RSA()
msg = dec2.decrypt(jwt, None, cek=_rsa["cek"])
assert msg == plain
def test_cek_reuse_encryption_rsaes_rsa15():
_rsa = JWE_RSA(plain, alg="RSA1_5", enc="A128CBC-HS256")
jwt = _rsa.encrypt(rsa)
dec = JWE_RSA()
msg = dec.decrypt(jwt, rsa)
assert msg == plain
_rsa2 = JWE_RSA(plain, alg="RSA1_5", enc="A128CBC-HS256")
jwt = _rsa2.encrypt(None, cek=dec["cek"])
dec2 = JWE_RSA()
msg = dec2.decrypt(jwt, None, cek=_rsa["cek"])
assert msg == plain
def test_rsa_encrypt_decrypt_rsa_cbc():
_rsa = JWE_RSA(plain, alg="RSA1_5", enc="A128CBC-HS256")
jwt = _rsa.encrypt(rsa)
dec = JWE_RSA()
msg = dec.decrypt(jwt, rsa)
assert msg == plain
def test_rsa_encrypt_decrypt_rsa_cbc():
_rsa = JWE_RSA(plain, alg="RSA1_5", enc="A128CBC-HS256")
jwt = _rsa.encrypt(rsa)
dec = JWE_RSA()
msg = dec.decrypt(jwt, rsa)
assert msg == plain
plain = "Now is the time for all good men to come to the aid of their country."
# use one set of encryption algorithms.
# 'alg' is the cryptographic algorithm used
# to encrypt or determine the value of the Content Encryption Key.
# 'enc' is the content encryption algorithm used to perform authenticated
# encryption on the Plaintext to produce the Ciphertext and the Authentication
# Tag.
# If the instance is going to be used to encrypt the message has to be
# available at initialization.
# If you want you can give the message when initiating the class but it
# can also be done later (just-in-time).
_rsa15_jwe = JWE_RSA(msg=plain, alg="RSA1_5", enc="A128CBC-HS256")
jwt1 = _rsa15_jwe.encrypt(rsa)
print("Parts of the encrypted JWT (RSA1_5+A128CBC-HS256)")
for p in jwt1.split('.'):
print("-", p)
# You don't have to instanciate a new JWE_RSA class when you want to do
# decryption. Using the one you already have is OK.
msg = _rsa15_jwe.decrypt(jwt1, rsa)
print()
print("After decryption (RSA 1.5+A128CBC-HS256): {}".format(msg))
print(60*'=')
# Test using other algorithms
jwt2 = JWE_RSA(plain, alg="RSA-OAEP", enc="A256GCM").encrypt(rsa)
# A JSON web token encrypted (JWE) can e used to encrypt a message so that it can be read only with a specific key.
# The example will provide two different examples of how to encrypt (and decrypt) a token.
# A JWE can be created as follow:
# - create a JWE_RSA object with the message, the encryption algorithm and the encoding to be used
# - call the encrypt method on this oject passing as an argument the key to be used
# - the example will show the various part of the JWT, which are non decodable with b64, since they're encrypted
#
# A JWE can then be decrypted as follow:
# - create a JWE_RSA object
# - call the decrypt method passing the JWE and the key to be used for decription
rsa = RSA.generate(4096)
plain = "Now is the time for all good men to come to the aid of their country."
_rsa15_enc = JWE_RSA(plain, alg="RSA1_5", enc="A128CBC-HS256")
jwt1 = _rsa15_enc.encrypt(rsa)
print "(1)"
for p in jwt1.split('.'):
print "-", p
_rsa15_dec = JWE_RSA()
msg = _rsa15_dec.decrypt(jwt1, rsa)
print
print msg
###############################################
_rsaoaep_enc = JWE_RSA(plain, alg="RSA-OAEP", enc="A256GCM")
jwt2 = _rsaoaep_enc.encrypt(rsa)
