def test1():
kj = KeyJar()
url = key_export("http://example.com/keys/", "outbound", "secret",
keyjar=kj, sig={"alg": "rsa", "format": ["x509", "jwk"]})
print url
assert url == "http://example.com/keys/outbound/jwks"
def test_key_export():
kj = KeyJar()
url = key_export(
"http://example.com/keys/",
"outbound",
"secret",
keyjar=kj,
sig={
"alg": "rsa",
"format": ["x509", "jwk"]
},
)
assert url == "http://example.com/keys/outbound/jwks"
# Now a jwks should reside in './keys/outbound/jwks'
kb = KeyBundle(source="file://./keys/outbound/jwks")
# One key
assert len(kb) == 1
# more specifically one RSA key
assert len(kb.get("RSA")) == 1
k = kb.get("RSA")[0]
# For signing
assert k.use == "sig"
def key_setup(self, local_path, vault="keys", sig=None, enc=None):
"""
my keys
:param local_path: The path to where the JWKs should be stored
:param vault: Where the private key will be stored
:param sig: Key for signature
:param enc: Key for encryption
:return: A URL the RP can use to download the key.
"""
self.jwks_uri = key_export(self.baseurl, local_path, vault, self.keyjar, fqdn=self.hostname, sig=sig, enc=enc)
def key_setup(self, local_path, vault="keys", sig=None, enc=None):
"""
my keys
:param local_path: The path to where the JWKs should be stored
:param vault: Where the private key will be stored
:param sig: Key for signature
:param enc: Key for encryption
:return: A URL the RP can use to download the key.
"""
self.jwks_uri = key_export(self.baseurl, local_path, vault, self.keyjar,
fqdn=self.hostname, sig=sig, enc=enc)
def test_key_export():
kj = KeyJar()
url = key_export("http://example.com/keys/",
"outbound",
"secret",
keyjar=kj,
sig={
"alg": "rsa",
"format": ["x509", "jwk"]
})
assert url == "http://example.com/keys/outbound/jwks"
def test_key_export():
kj = KeyJar()
url = key_export("http://example.com/keys/", "outbound", "secret",
keyjar=kj, sig={"alg": "rsa", "format": ["x509", "jwk"]})
assert url == "http://example.com/keys/outbound/jwks"
# Now a jwks should reside in './keys/outbound/jwks'
kb = KeyBundle(source='file://./keys/outbound/jwks')
# One key
assert len(kb) == 1
# more specifically one RSA key
assert len(kb.get('RSA')) == 1
k = kb.get('RSA')[0]
# For signing
assert k.use == 'sig'
def export(self):
# has to be there
self.trace.info("EXPORT")
#self.cconf["_base_url"] = server_url_pattern % (self.args.host,)
part, res = key_export(self.cconf["_base_url"], "exports", "vault",
self.client.keyjar, "example.com",
sig={"alg": "rsa", "create_if_missing": True,
"format": ["jwk", "x509"]})
for name, url in res.items():
self.cconf[name] = url
if self.args.internal_server:
self._pop = start_key_server(part)
self.environ["keyprovider"] = self._pop
self.trace.info("Started key provider")
time.sleep(1)
def test1():
kj = KeyJar()
part,res = key_export("http://example.com/keys/", "outbound", "secret",
keyjar=kj,
sig={"alg":"rsa", "format":["x509", "jwk"]})
print part
print res
cert = "keys/outbound/cert.pem"
jwk_def = "keys/outbound/jwk.json"
_ckey = x509_rsa_loads(open(cert).read())
_jkey = jwk.loads(open(jwk_def).read())[0][1]
print jwe.hd2ia(hexlify(_ckey.n))
print jwe.hd2ia(hexlify(_jkey.n))
assert _ckey.n == _jkey.n
def run_key_server(server_url, host, script_path="", wdir=""):
kj = KeyJar()
_ = key_export(server_url % host, keyjar=kj, **KEY_EXPORT_ARGS)
return start_key_server(server_url % host, wdir, script_path)
def run_key_server(server_url_pattern, host):
kj = KeyJar()
part, res = key_export(server_url_pattern % host, keyjar=kj,
**KEY_EXPORT_ARGS)
return start_key_server(part)
def run_key_server(server_url, host):
kj = KeyJar()
_ = key_export(server_url % host, keyjar=kj, **KEY_EXPORT_ARGS)
return start_key_server(server_url)
def run_key_server(server_url, host, script_path="", wdir=""):
kj = KeyJar()
_ = key_export(server_url % host, keyjar=kj, **KEY_EXPORT_ARGS)
return start_key_server(server_url % host, wdir, script_path)
