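def test_serialize_rsa_pub_key():
    """Round-trip a public-only RSA key through serialize()/RSAKey(**dict).

    serialize(private=True) is called on a key that holds no private part.
    The round trip must yield an equal key, and it must not produce a key
    that reports private material.
    """
    public_part = import_public_rsa_key_from_file(full_path("rsa.pub"))
    rsakey = RSAKey(pub_key=public_part)

    # A key built from the public half only has an empty private exponent.
    assert rsakey.d == ""
    assert not rsakey.has_private_key()

    d_rsakey = rsakey.serialize(private=True)
    restored_key = RSAKey(**d_rsakey)

    assert restored_key == rsakey
    # Equality alone does not show that the restored key is still public-only;
    # check it explicitly, mirroring the has_private_key() assertions in the
    # private-key round-trip test.
    assert not restored_key.has_private_key()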
def test_kspec():
    """A key loaded from a certificate serializes to a public RSA JWK.

    The exponent and modulus must match the first entry of the JWK_0
    reference set, and the key must not report a private part.
    """
    cert_key = import_rsa_key_from_cert_file(CERT)
    rsa_jwk = RSAKey()
    rsa_jwk.load_key(cert_key)

    jwk = rsa_jwk.serialize()
    expected = JWK_0["keys"][0]

    assert jwk["kty"] == "RSA"
    # Compare the public members against the reference JWK.
    for member in ("e", "n"):
        assert jwk[member] == expected[member]
    # Only the public key was loaded from the certificate file.
    assert not rsa_jwk.has_private_key()
def test_serialize_rsa_priv_key():
    """Round-trip a private RSA key through serialize(private=True).

    The restored key must equal the original, and both must report that they
    hold a private key.
    """
    private_part = import_private_rsa_key_from_file(full_path("rsa.key"))
    rsakey = RSAKey(priv_key=private_part)

    # The private exponent is populated when a private key is supplied.
    assert rsakey.d

    # NOTE: with private=True the resulting dict carries private key members;
    # it is used here only to rebuild the key in memory.
    exported = rsakey.serialize(private=True)
    restored_key = RSAKey(**exported)

    assert restored_key == rsakey
    for candidate in (rsakey, restored_key):
        assert candidate.has_private_key()
def pem_to_jwk_dict(pem_data: str):
    """Build a JWK dictionary from a PEM-encoded X.509 certificate.

    The certificate's public key (RSA or elliptic curve) is serialized to a
    JWK, which is then annotated with identifiers derived from the
    certificate:

    * ``kid``      -- b64e of the first 8 bytes of the SHA-256 fingerprint
    * ``x5t#S256`` -- b64e of the full SHA-256 fingerprint
    * ``x5a``      -- subject, issuer (RFC 4514 strings) and serial number

    The certificate is only parsed here. This function does not check its
    validity period, signature or chain, so a JWK returned by it says nothing
    about whether the certificate should be trusted.

    Raises:
        ValueError: if the public key is neither RSA nor elliptic curve.
    """
    pub = import_public_key_from_pem_data(pem_data)

    # Pick the JWK wrapper class that matches the key algorithm.
    if isinstance(pub, rsa.RSAPublicKey):
        key_obj = RSAKey()
    elif isinstance(pub, ec.EllipticCurvePublicKey):
        key_obj = ECKey()
    else:
        raise ValueError("Unknown key type")

    jwk_dict = key_obj.load_key(pub).serialize()

    certificate = x509.load_pem_x509_certificate(
        pem_data.encode(), default_backend()
    )
    digest = certificate.fingerprint(hashes.SHA256())

    jwk_dict.update(
        {
            # kid is a 64-bit truncation of the fingerprint: a lookup label
            # only. Anything that pins or authenticates the certificate
            # should compare the full x5t#S256 value instead.
            "kid": b64e(digest[:8]).decode(),
            "x5t#S256": b64e(digest).decode(),
            # NOTE(review): "x5a" does not appear to be a registered JWK
            # parameter; treat it as application-specific metadata. The
            # serial is a Python int and can be larger than what some JSON
            # consumers represent exactly -- confirm downstream handling.
            "x5a": {
                "subject": certificate.subject.rfc4514_string(),
                "issuer": certificate.issuer.rfc4514_string(),
                "serial": certificate.serial_number,
            },
        }
    )
    return jwk_dict