def serialize(self, flatten: bool = False) -> bytes: """ Serializes the JWSSet into a JSON object via https://tools.ietf.org/html/rfc7515#section-3.2. Parameters: flatten (bool): Whether or not to flatten the structure if there's only one signature. Returns: bytes: JSON encoding as bytes. """ json_set = { 'payload': url_b64_encode(self.payload).decode(), 'signatures': [{ 'protected': url_b64_encode(jws.header).decode(), 'header': unprotected_header, 'signature': url_b64_encode(jws.signature).decode() } for jws, unprotected_header in self.signatures] } if flatten and len(json_set['signatures']) == 1: json_set.update(json_set['signatures'][0]) del json_set['signatures'] return json.dumps(json_set, separators=(',', ':')).encode('utf-8')
def recompute_signature(self, key: object): """ Recomputes the signature given a `key`. Parameters: key (object): Signing key. Object type depending on the JWASignatureAlg. """ self.signature = JWA_ALG_MAP[self.alg].sign( key, url_b64_encode(self.header) + b'.' + url_b64_encode(self.body))
def verify(self, key: object) -> bool: """ Verifies the signature on the JWS. Parameters: key (object): Verification key with object type depending on the JWASignatureAlg. Returns: bool: Whether or not it passed verification. """ data = url_b64_encode(self.header) + b'.' + url_b64_encode(self.body) return JWA_ALG_MAP[self.alg].verify(key, data, self.signature)
def build_pub(rsa_key: object) -> dict: """ Formats the public parameters of the key as a `dict`. Parameters: rsa_key (RSA): Key to format. Returns: dict: JWK dict with public parameters. """ jwk = { 'kty': 'RSA', 'n': url_b64_encode(Bytes(rsa_key.n)).decode(), 'e': url_b64_encode(Bytes(rsa_key.e)).decode(), } return jwk
def encrypt(self, kek: bytes, cek: bytes, header: dict) -> Bytes: rij = Rijndael(kek) gcm = GCM(rij) ct_and_tag = gcm.encrypt(url_b64_decode(header['iv'].encode('utf-8')), cek, b'') header['tag'] = url_b64_encode(ct_and_tag[-16:]).decode() return ct_and_tag[:-16]
def build_pub(ec_key: object) -> dict: """ Formats the public parameters of the key as a `dict`. Parameters: ec_key (ECDSA): Key to format. Returns: dict: JWK dict with public parameters. """ jwk = { 'kty': 'EC', 'crv': JWK_CURVE_NAME_LOOKUP[ec_key.G.curve], 'x': url_b64_encode(Bytes(int(ec_key.Q.x))).decode(), 'y': url_b64_encode(Bytes(int(ec_key.Q.y))).decode(), } return jwk
def serialize(self) -> Bytes: """ Serialize the JWS into its compact representation. Returns: Bytes: BASE64-URL encoded JWS. """ return Bytes(b'.'.join([ url_b64_encode(part) for part in [self.header, self.body, self.signature] ]))
def encode(ec_key: object, **kwargs) -> str: """ Encodes the key as a JWK JSON string. Parameters: ec_key (ECDSA): ECDSA key to encode. Returns: str: JWK JSON string. """ jwk = JWKECPublicKey.build_pub(ec_key) jwk['d'] = url_b64_encode(Bytes(ec_key.d)).decode() return json.dumps(jwk).encode('utf-8')
def build_pub(eddsa_key: object) -> dict: """ Formats the public parameters of the key as a `dict`. Parameters: eddsa_key (EdDSA): Key to format. Returns: dict: JWK dict with public parameters. """ jwk = { 'kty': 'OKP', 'crv': JWK_CURVE_NAME_LOOKUP[eddsa_key.curve], 'x': url_b64_encode(eddsa_key.get_pub_bytes()).decode() } return jwk
def encode(rsa_key: object, **kwargs) -> str: """ Encodes the key as a JWK JSON string. Parameters: rsa_key (RSA): RSA key to encode. Returns: str: JWK JSON string. """ jwk = JWKRSAPublicKey.build_pub(rsa_key) jwk['d'] = url_b64_encode(Bytes(rsa_key.alt_d)).decode() jwk['p'] = url_b64_encode(Bytes(rsa_key.p)).decode() jwk['q'] = url_b64_encode(Bytes(rsa_key.q)).decode() jwk['dp'] = url_b64_encode(Bytes(rsa_key.dP)).decode() jwk['dq'] = url_b64_encode(Bytes(rsa_key.dQ)).decode() jwk['qi'] = url_b64_encode(Bytes(rsa_key.Qi)).decode() return json.dumps(jwk).encode('utf-8')
def generate_encryption_params(self) -> dict: return {'p2s': url_b64_encode(Bytes.random(8)).decode(), 'p2c': 1000}
def generate_encryption_params(self) -> dict: return {'iv': url_b64_encode(Bytes.random(12)).decode()}