Example #1
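    def encrypt(self, key, iv="", cek=""):
        """
        Produces a JWE whose content encryption key is wrapped with
        aes_wrap_key() under a shared symmetric key.

        :param key: Shared symmetric key; passed through intarr2str() before
            it is used as the key-wrapping key
        :param iv: Initialization vector. A random one is generated when this
            is empty. A caller-supplied value must never be reused with the
            same cek; repeating a GCM IV under one key breaks both the
            confidentiality and the integrity guarantee.
        :param cek: Content encryption key. 32 random bytes are generated
            when this is empty.
        :return: header, wrapped key, iv, ciphertext and tag, each b64e()
            encoded (the header via _encoded_header()) and joined with "."
        :raises NotSupportedAlgorithm: if the "enc" header value is not
            supported
        """
        _msg = self.msg

        b64_header = self._encoded_header()

        # content master key 256 bit
        # NOTE(review): the same 32-byte default is used for every "enc"
        # value; confirm that this is the key length the A256CBC-* variant
        # expects.
        if not cek:
            cek = os.urandom(32)

        jek = aes_wrap_key(intarr2str(key), cek)
        # Only the encoded header is authenticated as additional data.
        auth_data = b64_header

        _enc = self["enc"]
        if _enc == "A256GCM":
            if not iv:
                iv = os.urandom(12)  # 96 bits
            ctxt, tag = gcm_encrypt(cek, iv, _msg, auth_data)
        elif _enc.startswith("A128CBC-") or _enc.startswith("A256CBC-"):
            # Explicit check instead of assert: asserts are stripped when
            # Python runs with -O, which would let an unsupported "enc"
            # value through.
            if _enc not in SUPPORTED["enc"]:
                raise NotSupportedAlgorithm(_enc)
            if not iv:
                # The AES block size is 128 bits whatever the key size, so a
                # CBC IV is 16 bytes for A128CBC and A256CBC alike.
                iv = os.urandom(16)

            # NOTE(review): algo is fixed to "A128CBC-HS256" even when the
            # header announces a different enc, so the header may not describe
            # the encryption actually applied. Also confirm the (cek, msg)
            # argument order against the helper's signature.
            ctxt, tag = ciphertext_and_authentication_tag(cek, _msg, auth_data, iv, algo="A128CBC-HS256")
        else:
            raise NotSupportedAlgorithm(_enc)

        res = b".".join([b64_header, b64e(jek), b64e(iv), b64e(ctxt), b64e(tag)])

        return res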
Example #2
def test_jwe_09_a1():
    """Known-answer test for the RSAES OAEP and AES GCM example (A.1.x).

    The CEK and IV below are fixed test-vector values so that the
    ciphertext and tag are reproducible; they are not suitable as real
    key material.
    """
    plaintext = "The true sign of intelligence is not knowledge but imagination."

    # A.1.1
    b64_header = b64e('{"alg":"RSA-OAEP","enc":"A256GCM"}')

    # A.1.2
    assert b64_header == "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ"

    # A.1.3
    cek = intarr2str([177, 161, 244, 128, 84, 143, 225, 115, 63, 180, 3, 255,
                      107, 154, 212, 246, 138, 7, 110, 91, 112, 46, 34, 105, 47,
                      130, 203, 46, 122, 234, 64, 252])

    # A.1.4 Key Encryption
    # Kept for reference only: no assertion below reads enc_key.
    enc_key = [
        56, 163, 154, 192, 58, 53, 222, 4, 105, 218, 136, 218, 29, 94, 203,
        22, 150, 92, 129, 94, 211, 232, 53, 89, 41, 60, 138, 56, 196, 216,
        82, 98, 168, 76, 37, 73, 70, 7, 36, 8, 191, 100, 136, 196, 244, 220,
        145, 158, 138, 155, 4, 117, 141, 230, 199, 247, 173, 45, 182, 214,
        74, 177, 107, 211, 153, 11, 205, 196, 171, 226, 162, 128, 171, 182,
        13, 237, 239, 99, 193, 4, 91, 219, 121, 223, 107, 167, 61, 119, 228,
        173, 156, 137, 134, 200, 80, 219, 74, 253, 56, 185, 91, 177, 34, 158,
        89, 154, 205, 96, 55, 18, 138, 43, 96, 218, 215, 128, 124, 75, 138,
        243, 85, 25, 109, 117, 140, 26, 155, 249, 67, 167, 149, 231, 100, 6,
        41, 65, 214, 251, 232, 87, 72, 40, 182, 149, 154, 168, 31, 193, 126,
        215, 89, 28, 111, 219, 125, 182, 139, 235, 195, 197, 23, 234, 55, 58,
        63, 180, 68, 202, 206, 149, 75, 205, 248, 176, 67, 39, 178, 60, 98,
        193, 32, 238, 122, 96, 158, 222, 57, 183, 111, 210, 55, 188, 215,
        206, 180, 166, 150, 166, 106, 250, 55, 229, 72, 40, 69, 214, 216,
        104, 23, 40, 135, 212, 28, 127, 41, 80, 175, 174, 168, 115, 171, 197,
        89, 116, 92, 103, 246, 83, 216, 182, 176, 84, 37, 147, 35, 45, 219,
        172, 99, 226, 233, 73, 37, 124, 42, 72, 49, 242, 35, 127, 184, 134,
        117, 114, 135, 206]

    # Encoded encrypted key used for the AAD and the final serialization.
    b64_ejek = "ApfOLCaDbqs_JXPYy2I937v_xmrzj-Iss1mG6NAHmeJViM6j2l0MHvfseIdHVyU2BIoGVu9ohvkkWiRq5DL2jYZTPA9TAdwq3FUIVyoH-Pedf6elHIVFi2KGDEspYMtQARMMSBcS7pslx6flh1Cfh3GBKysztVMEhZ_maFkm4PYVCsJsvq6Ct3fg2CJPOs0X1DHuxZKoIGIqcbeK4XEO5a0h5TAuJObKdfO0dKwfNSSbpu5sFrpRFwV2FTTYoqF4zI46N9-_hMIznlEpftRXhScEJuZ9HG8C8CHB1WRZ_J48PleqdhF4o7fB5J1wFqUXBtbtuGJ_A2Xe6AEhrlzCOw"

    iv = intarr2str([227, 197, 117, 252, 2, 219, 233, 68, 180, 225, 77, 219])

    # Additional authenticated data: encoded header and encoded key.
    aadp = b64_header + b'.' + b64_ejek

    ctxt, tag = gcm_encrypt(cek, iv, plaintext, aadp)

    expected_ctxt = [229, 236, 166, 241, 53, 191, 115, 196, 174, 43, 73, 109, 39,
                     122, 233, 96, 140, 206, 120, 52, 51, 237, 48, 11, 190, 219,
                     186, 80, 111, 104, 50, 142, 47, 167, 59, 61, 181, 127, 196,
                     21, 40, 82, 242, 32, 123, 143, 168, 226, 73, 216, 176, 144,
                     138, 247, 106, 60, 16, 205, 160, 109, 64, 63, 192]
    assert [ord(c) for c in ctxt] == expected_ctxt

    expected_tag = [130, 17, 32, 198, 120, 167, 144, 113, 0,
                    50, 158, 49, 102, 208, 118, 152]
    assert [ord(c) for c in tag] == expected_tag

    # Compact serialization: header.key.iv.ciphertext.tag
    parts = [b64_header, b64_ejek, b64e(iv), b64e(ctxt), b64e(tag)]
    res = b".".join(parts)

    expected_jwe = "".join([
        "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ.",
        "ApfOLCaDbqs_JXPYy2I937v_xmrzj-Iss1mG6NAHmeJViM6j2l0MHvfseIdHVyU2",
        "BIoGVu9ohvkkWiRq5DL2jYZTPA9TAdwq3FUIVyoH-Pedf6elHIVFi2KGDEspYMtQ",
        "ARMMSBcS7pslx6flh1Cfh3GBKysztVMEhZ_maFkm4PYVCsJsvq6Ct3fg2CJPOs0X",
        "1DHuxZKoIGIqcbeK4XEO5a0h5TAuJObKdfO0dKwfNSSbpu5sFrpRFwV2FTTYoqF4",
        "zI46N9-_hMIznlEpftRXhScEJuZ9HG8C8CHB1WRZ_J48PleqdhF4o7fB5J1wFqUX",
        "BtbtuGJ_A2Xe6AEhrlzCOw.",
        "48V1_ALb6US04U3b.",
        "5eym8TW_c8SuK0ltJ3rpYIzOeDQz7TALvtu6UG9oMo4vpzs9tX_EFShS8iB7j6ji",
        "SdiwkIr3ajwQzaBtQD_A.",
        "ghEgxninkHEAMp4xZtB2mA"])
    assert res == expected_jwe
Example #3
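    def encrypt(self, key, context="public", iv="", cek="", **kwargs):
        """
        Produces a JWE using RSA algorithms

        :param key: RSA key
        :param context: "private" selects RSAEncrypter().private_encrypt, any
            other value selects public_encrypt.
            NOTE(review): a value produced with the private key can be
            recovered by anyone holding the public key, so that path does not
            keep the cek confidential; confirm it is only used where that is
            intended.
        :param iv: Initialization vector. A random one is generated when this
            is empty. A caller-supplied value must never be reused with the
            same cek.
        :param cek: Content encryption key. 32 random bytes are generated
            when this is empty.
        :param kwargs: Accepted but not read by this method
        :return: A jwe
        :raises ParameterError: if the "zip" header has a value other than
            "DEF"
        :raises NotSupportedAlgorithm: if the "alg" or "enc" header value is
            not supported
        """

        _msg = self.msg
        if "zip" in self:
            if self["zip"] == "DEF":
                # NOTE(review): zlib.compress() emits a zlib-wrapped stream;
                # confirm the receiving side expects that rather than raw
                # DEFLATE. Compressing before encrypting also makes the
                # ciphertext length depend on the plaintext content.
                _msg = zlib.compress(_msg)
            else:
                raise ParameterError("Zip has unknown value: %s" % self["zip"])

        # content master key 256 bit
        # NOTE(review): the same 32-byte default is used for every "enc"
        # value; confirm that this is the key length the A256CBC-* variant
        # expects.
        if not cek:
            cek = os.urandom(32)

        if context == "private":
            _encrypt = RSAEncrypter().private_encrypt
        else:
            _encrypt = RSAEncrypter().public_encrypt

        _alg = self["alg"]
        if _alg == "RSA-OAEP":
            jwe_enc_key = _encrypt(cek, key, "pkcs1_oaep_padding")
        elif _alg == "RSA1_5":
            # No padding argument is passed here, so the encrypter's default
            # applies. Prefer RSA-OAEP where the peer supports it: PKCS #1
            # v1.5 decryption needs care to avoid acting as a padding oracle.
            jwe_enc_key = _encrypt(cek, key)
        else:
            raise NotSupportedAlgorithm(_alg)

        enc_header = self._encoded_header()
        # Only the encoded header is authenticated as additional data.
        auth_data = enc_header

        _enc = self["enc"]
        if _enc == "A256GCM":
            if not iv:
                iv = os.urandom(12)  # 96 bits
            ctxt, tag = gcm_encrypt(cek, iv, _msg, auth_data)
        elif _enc.startswith("A128CBC-") or _enc.startswith("A256CBC-"):
            # Explicit check instead of assert: asserts are stripped when
            # Python runs with -O, which would let an unsupported "enc"
            # value through.
            if _enc not in SUPPORTED["enc"]:
                raise NotSupportedAlgorithm(_enc)
            if not iv:
                # The AES block size is 128 bits whatever the key size, so a
                # CBC IV is 16 bytes for A128CBC and A256CBC alike.
                iv = os.urandom(16)

            ctxt, tag = ciphertext_and_authentication_tag(_msg, cek, auth_data, iv, algo=_enc)
        else:
            raise NotSupportedAlgorithm(_enc)

        res = b".".join([enc_header, b64e(jwe_enc_key), b64e(iv), b64e(ctxt), b64e(tag)])

        return res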
Example #4
def test_jwe_09_a1():
    """Known-answer test for the RSAES OAEP and AES GCM example (A.1.x).

    The CEK and IV below are fixed test-vector values so that the
    ciphertext and tag are reproducible; they are not suitable as real
    key material.
    """
    plaintext = "The true sign of intelligence is not knowledge but imagination."

    # A.1.1
    b64_header = b64e('{"alg":"RSA-OAEP","enc":"A256GCM"}')

    # A.1.2
    assert b64_header == "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ"

    # A.1.3
    cek_octets = [
        177, 161, 244, 128, 84, 143, 225, 115, 63, 180, 3, 255, 107, 154, 212,
        246, 138, 7, 110, 91, 112, 46, 34, 105, 47, 130, 203, 46, 122, 234, 64,
        252
    ]
    cek = intarr2str(cek_octets)

    # A.1.4 Key Encryption
    # Kept for reference only: no assertion below reads enc_key.
    enc_key = [
        56, 163, 154, 192, 58, 53, 222, 4, 105, 218, 136, 218, 29, 94, 203, 22,
        150, 92, 129, 94, 211, 232, 53, 89, 41, 60, 138, 56, 196, 216, 82, 98,
        168, 76, 37, 73, 70, 7, 36, 8, 191, 100, 136, 196, 244, 220, 145, 158,
        138, 155, 4, 117, 141, 230, 199, 247, 173, 45, 182, 214, 74, 177, 107,
        211, 153, 11, 205, 196, 171, 226, 162, 128, 171, 182, 13, 237, 239, 99,
        193, 4, 91, 219, 121, 223, 107, 167, 61, 119, 228, 173, 156, 137, 134,
        200, 80, 219, 74, 253, 56, 185, 91, 177, 34, 158, 89, 154, 205, 96, 55,
        18, 138, 43, 96, 218, 215, 128, 124, 75, 138, 243, 85, 25, 109, 117,
        140, 26, 155, 249, 67, 167, 149, 231, 100, 6, 41, 65, 214, 251, 232,
        87, 72, 40, 182, 149, 154, 168, 31, 193, 126, 215, 89, 28, 111, 219,
        125, 182, 139, 235, 195, 197, 23, 234, 55, 58, 63, 180, 68, 202, 206,
        149, 75, 205, 248, 176, 67, 39, 178, 60, 98, 193, 32, 238, 122, 96,
        158, 222, 57, 183, 111, 210, 55, 188, 215, 206, 180, 166, 150, 166,
        106, 250, 55, 229, 72, 40, 69, 214, 216, 104, 23, 40, 135, 212, 28,
        127, 41, 80, 175, 174, 168, 115, 171, 197, 89, 116, 92, 103, 246, 83,
        216, 182, 176, 84, 37, 147, 35, 45, 219, 172, 99, 226, 233, 73, 37,
        124, 42, 72, 49, 242, 35, 127, 184, 134, 117, 114, 135, 206
    ]

    # Encoded encrypted key used for the AAD and the final serialization.
    b64_ejek = "ApfOLCaDbqs_JXPYy2I937v_xmrzj-Iss1mG6NAHmeJViM6j2l0MHvfseIdHVyU2BIoGVu9ohvkkWiRq5DL2jYZTPA9TAdwq3FUIVyoH-Pedf6elHIVFi2KGDEspYMtQARMMSBcS7pslx6flh1Cfh3GBKysztVMEhZ_maFkm4PYVCsJsvq6Ct3fg2CJPOs0X1DHuxZKoIGIqcbeK4XEO5a0h5TAuJObKdfO0dKwfNSSbpu5sFrpRFwV2FTTYoqF4zI46N9-_hMIznlEpftRXhScEJuZ9HG8C8CHB1WRZ_J48PleqdhF4o7fB5J1wFqUXBtbtuGJ_A2Xe6AEhrlzCOw"

    iv = intarr2str([227, 197, 117, 252, 2, 219, 233, 68, 180, 225, 77, 219])

    # Additional authenticated data: encoded header and encoded key.
    aadp = b64_header + b'.' + b64_ejek

    ctxt, tag = gcm_encrypt(cek, iv, plaintext, aadp)

    expected_ctxt = [
        229, 236, 166, 241, 53, 191, 115, 196, 174, 43, 73, 109, 39, 122, 233,
        96, 140, 206, 120, 52, 51, 237, 48, 11, 190, 219, 186, 80, 111, 104,
        50, 142, 47, 167, 59, 61, 181, 127, 196, 21, 40, 82, 242, 32, 123, 143,
        168, 226, 73, 216, 176, 144, 138, 247, 106, 60, 16, 205, 160, 109, 64,
        63, 192
    ]
    assert [ord(c) for c in ctxt] == expected_ctxt

    expected_tag = [
        130, 17, 32, 198, 120, 167, 144, 113, 0, 50, 158, 49, 102, 208, 118,
        152
    ]
    assert [ord(c) for c in tag] == expected_tag

    # Compact serialization: header.key.iv.ciphertext.tag
    parts = [b64_header, b64_ejek, b64e(iv), b64e(ctxt), b64e(tag)]
    res = b".".join(parts)

    expected_jwe = "".join([
        "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ.",
        "ApfOLCaDbqs_JXPYy2I937v_xmrzj-Iss1mG6NAHmeJViM6j2l0MHvfseIdHVyU2",
        "BIoGVu9ohvkkWiRq5DL2jYZTPA9TAdwq3FUIVyoH-Pedf6elHIVFi2KGDEspYMtQ",
        "ARMMSBcS7pslx6flh1Cfh3GBKysztVMEhZ_maFkm4PYVCsJsvq6Ct3fg2CJPOs0X",
        "1DHuxZKoIGIqcbeK4XEO5a0h5TAuJObKdfO0dKwfNSSbpu5sFrpRFwV2FTTYoqF4",
        "zI46N9-_hMIznlEpftRXhScEJuZ9HG8C8CHB1WRZ_J48PleqdhF4o7fB5J1wFqUX",
        "BtbtuGJ_A2Xe6AEhrlzCOw.", "48V1_ALb6US04U3b.",
        "5eym8TW_c8SuK0ltJ3rpYIzOeDQz7TALvtu6UG9oMo4vpzs9tX_EFShS8iB7j6ji",
        "SdiwkIr3ajwQzaBtQD_A.", "ghEgxninkHEAMp4xZtB2mA"
    ])
    assert res == expected_jwe