Esempio n. 1
0
    def serialize(self, flatten: bool = False) -> bytes:
        """
        Serializes the JWSSet into a JSON object via https://tools.ietf.org/html/rfc7515#section-3.2.

        Parameters:
            flatten (bool): Whether or not to flatten the structure if there's only one signature.
        
        Returns:
            bytes: JSON encoding as bytes.
        """
        json_set = {
            'payload':
            url_b64_encode(self.payload).decode(),
            'signatures': [{
                'protected': url_b64_encode(jws.header).decode(),
                'header': unprotected_header,
                'signature': url_b64_encode(jws.signature).decode()
            } for jws, unprotected_header in self.signatures]
        }

        if flatten and len(json_set['signatures']) == 1:
            json_set.update(json_set['signatures'][0])
            del json_set['signatures']

        return json.dumps(json_set, separators=(',', ':')).encode('utf-8')
Esempio n. 2
0
    def recompute_signature(self, key: object):
        """
        Recomputes the signature given a `key`.

        Parameters:
            key (object): Signing key. Object type depending on the JWASignatureAlg.
        """
        self.signature = JWA_ALG_MAP[self.alg].sign(
            key,
            url_b64_encode(self.header) + b'.' + url_b64_encode(self.body))
Esempio n. 3
0
    def verify(self, key: object) -> bool:
        """
        Verifies the signature on the JWS.

        Parameters:
            key (object): Verification key with object type depending on the JWASignatureAlg.
        
        Returns:
            bool: Whether or not it passed verification.
        """
        data = url_b64_encode(self.header) + b'.' + url_b64_encode(self.body)
        return JWA_ALG_MAP[self.alg].verify(key, data, self.signature)
Esempio n. 4
0
    def build_pub(rsa_key: object) -> dict:
        """
        Formats the public parameters of the key as a `dict`.

        Parameters:
            rsa_key (RSA): Key to format.
        
        Returns:
            dict: JWK dict with public parameters.
        """
        jwk = {
            'kty': 'RSA',
            'n': url_b64_encode(Bytes(rsa_key.n)).decode(),
            'e': url_b64_encode(Bytes(rsa_key.e)).decode(),
        }

        return jwk
Esempio n. 5
0
    def encrypt(self, kek: bytes, cek: bytes, header: dict) -> Bytes:
        rij = Rijndael(kek)
        gcm = GCM(rij)

        ct_and_tag = gcm.encrypt(url_b64_decode(header['iv'].encode('utf-8')),
                                 cek, b'')
        header['tag'] = url_b64_encode(ct_and_tag[-16:]).decode()

        return ct_and_tag[:-16]
Esempio n. 6
0
    def build_pub(ec_key: object) -> dict:
        """
        Formats the public parameters of the key as a `dict`.

        Parameters:
            ec_key (ECDSA): Key to format.
        
        Returns:
            dict: JWK dict with public parameters.
        """
        jwk = {
            'kty': 'EC',
            'crv': JWK_CURVE_NAME_LOOKUP[ec_key.G.curve],
            'x': url_b64_encode(Bytes(int(ec_key.Q.x))).decode(),
            'y': url_b64_encode(Bytes(int(ec_key.Q.y))).decode(),
        }

        return jwk
Esempio n. 7
0
    def serialize(self) -> Bytes:
        """
        Serialize the JWS into its compact representation.

        Returns:
            Bytes: BASE64-URL encoded JWS.
        """
        return Bytes(b'.'.join([
            url_b64_encode(part)
            for part in [self.header, self.body, self.signature]
        ]))
Esempio n. 8
0
    def encode(ec_key: object, **kwargs) -> str:
        """
        Encodes the key as a JWK JSON string.

        Parameters:
            ec_key (ECDSA): ECDSA key to encode.
        
        Returns:
            str: JWK JSON string.
        """
        jwk = JWKECPublicKey.build_pub(ec_key)
        jwk['d'] = url_b64_encode(Bytes(ec_key.d)).decode()

        return json.dumps(jwk).encode('utf-8')
Esempio n. 9
0
    def build_pub(eddsa_key: object) -> dict:
        """
        Formats the public parameters of the key as a `dict`.

        Parameters:
            eddsa_key (EdDSA): Key to format.
        
        Returns:
            dict: JWK dict with public parameters.
        """
        jwk = {
            'kty': 'OKP',
            'crv': JWK_CURVE_NAME_LOOKUP[eddsa_key.curve],
            'x': url_b64_encode(eddsa_key.get_pub_bytes()).decode()
        }

        return jwk
Esempio n. 10
0
    def encode(rsa_key: object, **kwargs) -> str:
        """
        Encodes the key as a JWK JSON string.

        Parameters:
            rsa_key (RSA): RSA key to encode.
        
        Returns:
            str: JWK JSON string.
        """
        jwk = JWKRSAPublicKey.build_pub(rsa_key)

        jwk['d'] = url_b64_encode(Bytes(rsa_key.alt_d)).decode()
        jwk['p'] = url_b64_encode(Bytes(rsa_key.p)).decode()
        jwk['q'] = url_b64_encode(Bytes(rsa_key.q)).decode()
        jwk['dp'] = url_b64_encode(Bytes(rsa_key.dP)).decode()
        jwk['dq'] = url_b64_encode(Bytes(rsa_key.dQ)).decode()
        jwk['qi'] = url_b64_encode(Bytes(rsa_key.Qi)).decode()

        return json.dumps(jwk).encode('utf-8')
Esempio n. 11
0
 def generate_encryption_params(self) -> dict:
     return {'p2s': url_b64_encode(Bytes.random(8)).decode(), 'p2c': 1000}
Esempio n. 12
0
 def generate_encryption_params(self) -> dict:
     return {'iv': url_b64_encode(Bytes.random(12)).decode()}