def test_verify_protected_headers():
    """Sign with protected headers, re-wrap as JWS JSON, and verify it.

    An ES256 compact JWS is produced with three protected header members,
    split into its three dot-separated segments, and rebuilt as a
    JSON-serialized JWS whose unprotected header carries the signer's JWK.
    The verified result must equal the original payload.
    """
    payload = "Please take a moment to register today"
    private_ec = ec.generate_private_key(ec.SECP256R1(), default_backend())
    signing_key = ECKey().load_key(private_ec)
    signer = JWS(payload, alg="ES256")
    protected = dict(
        header1=u"header1 is protected",
        header2="header2 is protected too",
        a=1,
    )

    compact = signer.sign_compact([signing_key], protected=protected)
    protected_b64, payload_b64, signature_b64 = compact.split(".")

    # serialize() is called without private=True; presumably it emits only
    # the public JWK members, which is what may be embedded in a message.
    # TODO confirm against ECKey.serialize.
    signature_entry = dict(
        header=dict(alg=u"ES256", jwk=signing_key.serialize()),
        protected=protected_b64,
        signature=signature_b64,
    )
    document = dict(payload=payload_b64, signatures=[signature_entry])

    # NOTE(review): verify_json() receives no explicit key set, so the check
    # presumably relies on the "jwk" in the unprotected header - confirm.
    # A key taken from the message itself shows the signature is consistent
    # with that key, not that the key belongs to a trusted signer; verifiers
    # outside of tests should supply keys from a trusted source.
    verifier = JWS()
    assert verifier.verify_json(json.dumps(document)) == payload
def test_key_from_jwk_dict_ec():
    """Round-trip an EC key pair from a PEM fixture through its JWK dict."""
    pem_key = ECKey().load(full_path("570-ec-sect571r1-keypair.pem"))
    assert pem_key.has_private_key()

    # private=True requests the private JWK form, so the key rebuilt from
    # that dict is expected to still report a private part.
    private_jwk = pem_key.serialize(private=True)
    rebuilt = key_from_jwk_dict(private_jwk)

    assert isinstance(rebuilt, ECKey)
    assert rebuilt.has_private_key()
def read_cosekey(filename: str, private: bool = True) -> CoseKey:
    """Load a key from *filename* and return it as a CoseKey.

    The format is chosen from the file name suffix only:

    * ``.json`` - the file is parsed as JSON and used as the JWK dict.
    * ``.key``  - a PEM private key, loaded into an ECKey and serialized.
    * ``.crt``  - a certificate; only valid with ``private=False``.

    Args:
        filename: Path of the key file; its suffix selects the loader.
        private: Passed to ``ECKey.serialize`` and to
            ``cosekey_from_jwk_dict``.

    Raises:
        ValueError: If the suffix is not recognised, or if ``private`` is
            true for a ``.crt`` file.
    """
    if filename.endswith(".json"):
        # NOTE(review): the dict is handed on exactly as read; whether private
        # members in the file are dropped when private=False depends on
        # cosekey_from_jwk_dict - confirm.
        with open(filename, "rt") as handle:
            jwk_dict = json.load(handle)
        return cosekey_from_jwk_dict(jwk_dict, private)

    if filename.endswith(".key"):
        loaded = import_private_key_from_pem_file(filename)
    elif filename.endswith(".crt"):
        # A certificate carries a public key only, so a request for private
        # material is rejected before the file is read.
        if private:
            raise ValueError("No private keys in certificates")
        loaded = import_public_key_from_cert_file(filename)
    else:
        raise ValueError("Unknown key format")

    # Both PEM-based branches go through the same ECKey -> JWK dict step.
    ec_jwk = ECKey()
    ec_jwk.load_key(loaded)
    return cosekey_from_jwk_dict(ec_jwk.serialize(private=private), private)
def test_create_eckey():
    """Wrap a fresh P-256 private key in an ECKey and check its default JWK members."""
    private_ec = generate_private_key(NIST2SEC["P-256"], default_backend())
    ec_jwk = ECKey(priv_key=private_ec)
    exported = ec_jwk.serialize()

    # The expected members are the public ones only; no "d" is listed, so the
    # default serialization is expected not to export the private value.
    # NOTE(review): _eq presumably compares without regard to order - confirm.
    assert _eq(list(exported.keys()), ["y", "x", "crv", "kty"])