def test_dj_usage():
    """Sign a payload with RS256 and check the algorithm recorded in the header.

    The compact token is parsed back with ``factory`` and only the ``alg``
    header is inspected; the signature itself is not verified in this test.
    """
    signing_keys = [
        RSAKey(key=import_private_rsa_key_from_file(full_path("./size2048.key")))
    ]
    message = "Please take a moment to register today"

    token = JWS(message, alg='RS256').sign_compact(signing_keys)
    parsed = factory(token)

    assert parsed.jwt.headers['alg'] == 'RS256'
def test_pick_alg_dont_get_alg_from_single_key_if_already_specified():
    """The algorithm passed to JWS is the one ``_pick_alg`` must return."""
    private_key = import_private_rsa_key_from_file(PRIV_KEY)
    # The single candidate is the public half, built without an ``alg`` of its
    # own, so the only algorithm stated anywhere is the one given to JWS.
    candidates = [RSAKey(key=private_key.public_key())]
    wanted = "RS512"

    chosen = JWS(alg=wanted)._pick_alg(candidates)

    assert chosen == wanted
def test_import_rsa_key():
    """Load the PEM fixture and check its JWK dictionary form.

    The dictionary built from a private key is expected to carry the private
    parameters (``p``, ``q``, ``d``) next to the public ones, so the output of
    ``to_dict()`` on a private key has to be handled as secret material.
    """
    loaded = import_private_rsa_key_from_file(full_path(KEY))
    assert isinstance(loaded, rsa.RSAPrivateKey)

    as_dict = jwk_wrap(loaded).to_dict()
    expected_members = ["kty", "e", "n", "p", "q", "d"]
    assert _eq(as_dict.keys(), expected_members)

    # Known modulus of the fixture key. Its 171 base64url characters decode to
    # 128 bytes, i.e. a 1024-bit modulus: usable as a test vector only.
    expected_modulus = '5zbNbHIYIkGGJ3RGdRKkYmF4gOorv5eDuUKTVtuu3VvxrpOWvwnFV-NY0LgqkQSMMyVzodJE3SUuwQTUHPXXY5784vnkFqzPRx6bHgPxKz7XfwQjEBTafQTMmOeYI8wFIOIHY5i0RWR-gxDbh_D5TXuUqScOOqR47vSpIbUH-nc'
    assert as_dict["n"] == expected_modulus
    # 'AQAB' is the base64url form of the public exponent 65537.
    assert as_dict['e'] == 'AQAB'
def test_serialize_rsa_priv_key():
    """Round-trip a private RSAKey through ``serialize(private=True)``."""
    original = RSAKey(key=import_private_rsa_key_from_file(full_path("rsa.key")))
    # The private exponent has to be populated before the export is attempted.
    assert original.d

    # private=True is what requests the private members in the export; the
    # resulting dict is therefore as sensitive as the key file itself.
    exported = original.serialize(private=True)
    rebuilt = RSAKey(**exported)

    assert rebuilt == original
    assert original.is_private_key()
    assert rebuilt.is_private_key()
def test_signer_ps384():
    """Sign with PS384 and verify the token with the matching public key."""
    message = "Please take a moment to register today"
    private_key = import_private_rsa_key_from_file(PRIV_KEY)

    token = JWS(message, alg="PS384").sign_compact([RSAKey(key=private_key)])

    # The verifier is handed only the public half of the key pair.
    verification_keys = [RSAKey(key=private_key.public_key())]
    verified = JWS().verify_compact(token, verification_keys)

    assert verified == message
def test_signer_ps512():
    """Sign with PS512 and verify through a JWS object rebuilt by ``factory``."""
    message = "Please take a moment to register today"
    # PS512 needs a modulus large enough for the SHA-512 digest, the salt and
    # the padding overhead (the original note gives this as > 512+512+2), so
    # the fixture named size2048.key is used instead of the default test key.
    private_key = import_private_rsa_key_from_file(full_path("./size2048.key"))

    token = JWS(message, alg="PS512").sign_compact([RSAKey(key=private_key)])

    # The verifier is handed only the public half of the key pair.
    verification_keys = [RSAKey(key=private_key.public_key())]
    verifier = factory(token)
    verified = verifier.verify_compact(token, verification_keys)

    assert verified == message
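def test_signer_ps256_fail():
    """A PS256 token whose signature was altered must fail verification.

    Raises:
        AssertionError: if ``verify_compact`` accepts the altered token.
    """
    payload = "Please take a moment to register today"
    _pkey = import_private_rsa_key_from_file(PRIV_KEY)
    keys = [RSAKey(key=_pkey)]
    _jws = JWS(payload, alg="PS256")
    # Overwrite the last five characters of the compact token, which belong to
    # the signature segment, so the signature no longer matches the content.
    _jwt = _jws.sign_compact(keys)[:-5] + 'abcde'

    vkeys = [RSAKey(key=_pkey.public_key())]
    _rj = JWS()
    try:
        _rj.verify_compact(_jwt, vkeys)
    except cryptojwt.exception.BadSignature:
        return
    # Raise explicitly: a bare ``assert False`` is stripped under ``python -O``,
    # which would let an accepted tampered token go unnoticed.
    raise AssertionError(
        "verify_compact accepted a token with an altered signature")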
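def test_rs256_rm_signature():
    """An RS256 token with its signature segment removed must be rejected.

    The verifier is expected to refuse the two-part token outright rather than
    treat it as an unsigned one.

    Raises:
        AssertionError: if ``verify_compact`` accepts the truncated token.
    """
    payload = "Please take a moment to register today"
    _pkey = import_private_rsa_key_from_file(PRIV_KEY)
    keys = [RSAKey(key=_pkey)]
    _jws = JWS(payload, alg="RS256")
    _jwt = _jws.sign_compact(keys)

    # Drop the last dot-separated segment (the signature), keeping the header
    # and the payload.
    p = _jwt.split('.')
    _jwt = '.'.join(p[:-1])

    vkeys = [RSAKey(key=_pkey.public_key())]
    _rj = JWS()
    try:
        _rj.verify_compact(_jwt, vkeys)
    except WrongNumberOfParts:
        return
    # Raise explicitly: a bare ``assert False`` is stripped under ``python -O``,
    # which would let an accepted signature-less token go unnoticed.
    raise AssertionError(
        "verify_compact accepted a token without a signature segment")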
# enc_cipher_text = b64e(ctxt) # assert enc_cipher_text == b'KDlTtXchhZTGufMYmOYGS4HffxPSUrfmqCHXaI9wOGY' # # enc_authn_tag = b64e(tag) # assert enc_authn_tag == b'U0m_YmjN04DJvceFICbCVQ' BASEDIR = os.path.abspath(os.path.dirname(__file__)) def full_path(local_file): return os.path.join(BASEDIR, local_file) KEY = full_path("rsa.key") priv_key = import_private_rsa_key_from_file(KEY) pub_key = priv_key.public_key() plain = b'Now is the time for all good men to come to the aid of their country.' def test_cek_reuse_encryption_rsaes_rsa15(): _rsa = JWE_RSA(plain, alg="RSA1_5", enc="A128CBC-HS256") jwt = _rsa.encrypt(pub_key) dec = JWE_RSA() msg = dec.decrypt(jwt, priv_key) assert msg == plain _rsa2 = JWE_RSA(plain, alg="RSA1_5", enc="A128CBC-HS256") jwt = _rsa2.encrypt(None, cek=dec["cek"]) dec2 = JWE_RSA()
from cryptojwt.jwk import import_private_rsa_key_from_file, SYMKey
from cryptojwt.jwk import RSAKey
from cryptojwt.jwt import JWT

__author__ = 'Roland Hedberg'

# Identifiers of the two parties used by the tests.
ALICE = 'https://example.org/alice'
BOB = 'https://example.com/bob'

# Directory holding this test module; key fixtures are resolved against it.
BASEDIR = os.path.abspath(os.path.dirname(__file__))


def full_path(local_file):
    """Return *local_file* joined onto the directory of this test module."""
    located = os.path.join(BASEDIR, local_file)
    return located


# Private keys are read from PEM fixtures stored next to this module. The
# *_KEYS lists wrap the private keys; the *_PUB_KEYS lists wrap only the
# public halves, which is all the other party is meant to hold.
k1 = import_private_rsa_key_from_file(full_path('rsa.key'))
k2 = import_private_rsa_key_from_file(full_path('size2048.key'))

# Alice: kid '1' is her signing key, kid '2' her encryption key.
ALICE_KEYS = [
    RSAKey(use=use, kid=kid).load_key(key)
    for use, kid, key in (('sig', '1', k1), ('enc', '2', k2))
]
ALICE_PUB_KEYS = [
    RSAKey(use=use, kid=kid).load_key(key.public_key())
    for use, kid, key in (('sig', '1', k1), ('enc', '2', k2))
]

# Bob: a single encryption key, kid '3'.
k3 = import_private_rsa_key_from_file(full_path('server.key'))

BOB_KEYS = [
    RSAKey(use='enc', kid='3').load_key(k3),
]
BOB_PUB_KEYS = [
    RSAKey(use='enc', kid='3').load_key(k3.public_key()),
]