Exemple #1
0
    def test_message(self):
        '''
        nose2 jose.tests.test_jwe.TestJweMessage.test_message
        '''
        jwe = Jwe(alg=KeyEncEnum.A128KW)
        jwe2 = Jwe.from_json(jwe.to_json(indent=2))
        self.assertEqual(jwe2.alg, jwe.alg)
        jwe3 = Jwe.from_b64u(jwe.to_b64u())
        self.assertEqual(jwe3.alg, jwe.alg)

        msg = Message(
            protected=Jwe(enc=EncEnum.A128CBC_HS256),
            unprotected=Jwe(zip='DEF'),
        )
        rec = Recipient(header=Jwe(alg=KeyEncEnum.A192KW))
        msg.recipients.append(rec)

        msg2 = Message.from_json(msg.to_json(indent=2))
        self.assertEqual(len(msg2.recipients), 1)
        self.assertEqual(msg2.recipients[0].header.alg, KeyEncEnum.A192KW)
        self.assertEqual(msg2.unprotected.zip, ZipEnum.DEF)

        header2 = msg2.header()
        self.assertEqual(header2.enc, EncEnum.A128CBC_HS256)
        self.assertEqual(header2.zip, ZipEnum.DEF)
        self.assertIsNone(header2.alg)

        header3 = msg2.header(0)
        self.assertEqual(header3.enc, EncEnum.A128CBC_HS256)
        self.assertEqual(header3.zip, ZipEnum.DEF)
        self.assertEqual(header3.alg, KeyEncEnum.A192KW)
Exemple #2
0
    def test_jwe_appendix2(self):
        '''
        nose2 jose.tests.test_jwe.TestJwe.test_jwe_appendix2
        '''

        jwemsg = Message.from_token(JWE_A2.jwe_token, None, None)

        self.assertEqual(jwemsg.protected, JWE_A2.jwe_header_b64u)
        self.assertEqual(jwemsg.tag, JWE_A2.auth_tag_b64u)
        self.assertEqual(jwemsg.ciphertext, JWE_A2.ciphert_b64u)
        self.assertEqual(jwemsg.iv, JWE_A2.iv_b64u)

        self.assertEqual(len(jwemsg.recipients), 1)
        self.assertEqual(jwemsg.recipients[0].encrypted_key,
                         JWE_A2.jwe_enc_key_b64u)
        self.assertEqual(jwemsg.recipients[0].header.alg,
                         KeyEncEnum.RSA1_5)
        self.assertEqual(jwemsg.recipients[0].header.enc,
                         EncEnum.A128CBC_HS256)

        jwk = Jwk(**JWE_A2.jwk_dict)
        print "Jwk", jwk.kty, jwk.length
        plaint = jwemsg.get_plaintext(jwk=jwk)

        self.assertEqual(jwemsg.plaintext, JWE_A2.plaint)
        self.assertEqual(jwemsg.cek, JWE_A2.cek)

        print plaint, jwemsg.to_json()
Exemple #3
0
    def test_multi(self):
        '''
        nose2 jose.tests.test_jwe.TestJweMessage.test_multi
        '''

        payload = "All you need is love."

        jku= "http://test.multi.com/jwkset",
        receiver =  TestEntity(
            identifier="http://test.multi.com", jku=jku, 
        )
        fake =  TestEntity(
            identifier="http://test.fake.com", jku=jku, 
        )

        enc = EncEnum.all()[0]

        for enc in EncEnum.all():
            message = Message(
                protected=Jwe(enc=enc, zip="DEF",),
                unprotected=Jwe(typ="text"),
                plaintext=_BE(payload)
            )

            for alg in KeyEncEnum.all():
                if alg.single:
                    continue

                recipient = Recipient(
                    header=Jwe(alg=alg, jku=jku,),
                    recipient=receiver
                )
                message.add_recipient(recipient)

            json_message = message.serialize_json(indent=2)

            receivers = [fake, receiver]
            for me in receivers:
                message2 = Message.from_token(
                    json_message, sender=None, receiver=me)

                self.assertEqual(
                    len(message.recipients), len(message2.recipients))
                try:
                    print _BD(message2.plaintext), enc, me
                except:
                    print traceback.format_exc()
Exemple #4
0
    def _alg_enc_test(self, alg, enc, receiver, jku, plaintext):
        print "============================================================"
        print " TEST for", alg, enc
        print "============================================================"
        #: Message
        message = Message(
            protected=Jwe(enc=enc, zip="DEF",),
            unprotected=Jwe(typ="text"),
            plaintext=_BE(plaintext)
        )

        recipient = Recipient(
            header=Jwe(alg=alg, jku=jku),
            recipient=receiver
        )
        message.add_recipient(recipient)

        texts = [
            message.serialize_json(indent=2),
            message.serialize_compact(),
        ]

        for t in texts:
            print "--------------------------\n", t
            m = Message.from_token(t, sender=None, receiver=receiver)
            m.get_plaintext()

            self.assertEqual(
                len(message.recipients), len(m.recipients))
            self.assertEqual(_BD(m.plaintext), plaintext)

        return message
Exemple #5
0
    def parse(cls, token, sender, recipient):
        from jose.jwe import Message as JweMessage, NotJweException
        from jose.jws import Message as JwsMessage

        parts = token.split('.')
        if len(parts) < 2:
            # TODO: Define exception
            raise Exception("not JWT")

        try:
            obj = JweMessage.parse_token(token, sender, recipient) 
        except NotJweException:
            obj = JwsMessage.parse_token(token, sender, recipient)

        if not obj:
            return None

        verified = obj.verify() 

        header = obj.header()
        if header.cty == 'JWT':
            return cls.parse(obj.text(), sender, recipient)

        return obj and cls.from_json(obj.text(), verified=verified) or None
Exemple #6
0
    def test_jwa_appendix_a4(self):
        '''
        nose2 jose.tests.test_jwe.TestJwe.test_jwa_appendix_a4
        '''
        import os
        json_file = os.path.join(
            os.path.dirname(os.path.abspath(__file__)),
            'jwe_appendix_a4.json')

        msg = Message.from_file(json_file)

        # A.4.1 - JWE Per-Recipient Unprotected Headers

        self.assertEqual(len(msg.recipients), 2)
        rec0, rec1 = msg.recipients

        self.assertEqual(rec0.header.alg, KeyEncEnum.RSA1_5)
#        self.assertEqual(rec0.header.kid, "2011-04-29")
        self.assertEqual(rec1.header.alg, KeyEncEnum.A128KW)
#        self.assertEqual(rec1.header.kid, "7")

        # A.4.2 - JWE Protected Header
        self.assertEqual(
            msg._protected.enc, EncEnum.A128CBC_HS256)

        # A.4.3 - JWE Unprotected Header
        self.assertEqual(
            msg.unprotected.jku,
            "https://server.example.com/keys.jwks")

        # A.4.4 - Complete JWE Header Values
        # kid is missing....
        dict0 = msg.header(0).to_dict()
        dict1 = msg.header(1).to_dict()
        self.assertEqual(dict0['alg'], "RSA1_5")
        self.assertEqual(dict0['enc'], "A128CBC-HS256")
        self.assertEqual(dict0["jku"], "https://server.example.com/keys.jwks")
        self.assertEqual(dict1['alg'], "A128KW")
        self.assertEqual(dict1['enc'], "A128CBC-HS256")
        self.assertEqual(dict1["jku"], "https://server.example.com/keys.jwks")

        # A.4.5 - Additional Authenticated Data
        aad_oct = [
            101, 121, 74, 108, 98, 109, 77,
            105, 79, 105, 74, 66, 77, 84, 73,
            52, 81, 48, 74, 68, 76, 85, 104, 84,
            77, 106, 85, 50, 73, 110, 48]
        aad = _S(aad_oct)
        self.assertEqual(aad, msg.auth_data)

        # A.4.6 - Content Encryption
        self.assertEqual(msg.iv, JWE_A3.iv_b64)
        tag_oct = [
            51, 63, 149, 60, 252, 148, 225,
            25, 92, 185, 139, 245, 35, 2, 47, 207]
        self.assertEqual(msg.tag, _BE(_S(tag_oct)))

        ciphert_oct = [
            40, 57, 83, 181, 119, 33,
            133, 148, 198, 185, 243, 24, 152, 230, 6,
            75, 129, 223, 127, 19, 210, 82, 183,
            230, 168, 33, 215, 104, 143,
            112, 56, 102]

        self.assertEqual(msg.ciphertext, _BE(_S(ciphert_oct)))
        self.assertIsNone(msg._plaintext)
        self.assertIsNone(msg.cek)
        self.assertEqual(msg.tag, "Mz-VPPyU4RlcuYv1IwIvzw")
        self.assertEqual(msg.iv, "AxY8DCtDaGlsbGljb3RoZQ")

        #: give CEK manually
        msg.cek = JWE_B.cek
        self.assertEqual(msg.plaintext, JWE_A3.plaint)

        #:
        print msg.to_json(indent=2)