def test_keyjar_remove_key():
ks = KeyJar()
ks[""] = KeyBundle({"hmac":"a1b2c3d4"}, usage=["sig", "ver"])
ks["http://www.example.org"] = [
KeyBundle({"hmac": "e5f6g7h8"}, usage=["sig", "ver"]),
KeyBundle({"rsa": "-rsa-key-"}, usage=["enc", "dec"])
]
ks["http://www.example.com"] = KeyBundle({"hmac": "i9j10k11l12"},
usage=["sig", "ver"])
coll = ks["http://www.example.org"]
# coll is list of KeyBundles
assert len(coll) == 2
key = ks.get_encrypt_key(type="rsa", owner="http://www.example.org")
assert key == {"rsa": ["-rsa-key-"]}
ks.remove_key("http://www.example.org", "rsa", "-rsa-key-")
coll = ks["http://www.example.org"]
assert len(coll) == 1 # Only one remaining key
key = ks.get_encrypt_key(type="rsa", owner="http://www.example.org")
assert key == {"rsa": []}
keys = ks.verify_keys("http://www.example.com")
assert keys == {'hmac': ['i9j10k11l12', 'a1b2c3d4']}
keys = ks.decrypt_keys("http://www.example.org")
assert keys == {}
def test_keyjar_remove_key():
ks = KeyJar()
ks[""] = KeyBundle([{"kty": "oct", "key": "a1b2c3d4", "use": "sig"},
{"kty": "oct", "key": "a1b2c3d4", "use": "ver"}])
ks["http://www.example.org"] = [
KeyBundle([
{"kty": "oct", "key": "e5f6g7h8", "use": "sig"},
{"kty": "oct", "key": "e5f6g7h8", "use": "ver"}]),
keybundle_from_local_file(RSAKEY, "rsa", ["enc", "dec"])
]
ks["http://www.example.com"] = keybundle_from_local_file(RSA0, "rsa",
["enc", "dec"])
coll = ks["http://www.example.org"]
# coll is list of KeyBundles
assert len(coll) == 2
keys = ks.get_encrypt_key(key_type="RSA", owner="http://www.example.org")
assert len(keys) == 1
_key = keys[0]
ks.remove_key("http://www.example.org", "RSA", _key)
coll = ks["http://www.example.org"]
assert len(coll) == 1 # Only one remaining key
keys = ks.get_encrypt_key(key_type="rsa", owner="http://www.example.org")
assert len(keys) == 0
keys = ks.verify_keys("http://www.example.com")
assert len(keys) == 1
assert len([k for k in keys if k.kty == "oct"]) == 1
keys = ks.decrypt_keys("http://www.example.org")
assert keys == []
def test_remove_key(self):
ks = KeyJar()
ks[""] = KeyBundle([{"kty": "oct", "key": "a1b2c3d4", "use": "sig"},
{"kty": "oct", "key": "a1b2c3d4", "use": "ver"}])
ks["http://www.example.org"] = [
KeyBundle([
{"kty": "oct", "key": "e5f6g7h8", "use": "sig"},
{"kty": "oct", "key": "e5f6g7h8", "use": "ver"}]),
keybundle_from_local_file(RSAKEY, "rsa", ["enc", "dec"])
]
ks["http://www.example.com"] = keybundle_from_local_file(RSA0, "rsa",
["enc", "dec"])
coll = ks["http://www.example.org"]
# coll is list of KeyBundles
assert len(coll) == 2
keys = ks.get_encrypt_key(key_type="RSA",
owner="http://www.example.org")
assert len(keys) == 1
_key = keys[0]
ks.remove_key("http://www.example.org", "RSA", _key)
coll = ks["http://www.example.org"]
assert len(coll) == 1 # Only one remaining key
keys = ks.get_encrypt_key(key_type="rsa",
owner="http://www.example.org")
assert len(keys) == 0
keys = ks.verify_keys("http://www.example.com")
assert len(keys) == 1
assert len([k for k in keys if k.kty == "oct"]) == 1
keys = ks.decrypt_keys("http://www.example.org")
assert keys == []
def test_enc_hmac():
payload = {
'nonce': 'CYeHPyA6Kmr_jy5HDHXykznu2BpDLm8ngbIJvhBoupI,',
'sub': 'diana',
'iss': 'https://xenosmilus2.umdc.umu.se:8091/',
'acr': '2',
'exp': 1401176001,
'iat': 1401096801,
'aud': ['ApB7TBoKV1tV']
}
_jwe = JWE(json.dumps(payload), alg="A128KW", enc="A128CBC-HS256")
kb = KeyBundle(JWK1["keys"])
kj = KeyJar()
kj.issuer_keys["abcdefgh"] = [kb]
keys = kj.get_encrypt_key(owner="abcdefgh")
_enctxt = _jwe.encrypt(keys, context="public")
assert _enctxt
# and now for decryption
msg, state = _jwe.decrypt(_enctxt, keys)
assert json.loads(msg) == payload
def test_enc_hmac():
payload = {'nonce': 'CYeHPyA6Kmr_jy5HDHXykznu2BpDLm8ngbIJvhBoupI,',
'sub': 'diana', 'iss': 'https://xenosmilus2.umdc.umu.se:8091/',
'acr': '2', 'exp': 1401176001, 'iat': 1401096801,
'aud': ['ApB7TBoKV1tV']}
_jwe = JWE(json.dumps(payload), alg="A128KW", enc="A128CBC-HS256")
kb = KeyBundle(JWK1["keys"])
kj = KeyJar()
kj.issuer_keys["abcdefgh"] = [kb]
keys = kj.get_encrypt_key(owner="abcdefgh")
_enctxt = _jwe.encrypt(keys, context="public")
assert _enctxt
# and now for decryption
msg, state = _jwe.decrypt(_enctxt, keys)
assert json.loads(msg) == payload
def test_no_use():
kb = KeyBundle(JWK0["keys"])
kj = KeyJar()
kj.issuer_keys["abcdefgh"] = [kb]
enc_key = kj.get_encrypt_key("RSA", "abcdefgh")
assert enc_key != []
def test_no_use(self):
kb = KeyBundle(JWK0["keys"])
kj = KeyJar()
kj.issuer_keys["abcdefgh"] = [kb]
enc_key = kj.get_encrypt_key("RSA", "abcdefgh")
assert enc_key != []
