def test_validation_domain_name_ecdsa(self):
ec_key_secp384r1 = JWKEC(
key=test_util.load_ecdsa_private_key('ec_secp384r1_key.pem'))
self.assertIs(
self.msg.check_validation(
self.msg.gen_validation(ec_key_secp384r1, alg=jose.ES384),
ec_key_secp384r1.public_key()), True)
def setUp(self):
from josepy.jwk import JWKEC
self.jwk256 = JWKEC(key=EC_P256_KEY.public_key())
self.jwk384 = JWKEC(key=EC_P384_KEY.public_key())
self.jwk521 = JWKEC(key=EC_P521_KEY.public_key())
self.jwk256_not_comparable = JWKEC(key=EC_P256_KEY.public_key()._wrapped)
self.jwk256json = {
'kty': 'EC',
'crv': 'P-256',
'x': 'jjQtV-fA7J_tK8dPzYq7jRPNjF8r5p6LW2R25S2Gw5U',
'y': 'EPAw8_8z7PYKsHH6hlGSlsWxFoFl7-0vM0QRGbmnvCc',
}
self.jwk384json = {
'kty': 'EC',
'crv': 'P-384',
'x': 'tIhpNtEXkadUbrY84rYGgApFM1X_3l3EWQRuOP1IWtxlTftrZQwneJZF0k0eRn00',
'y': 'KW2Gp-TThDXmZ-9MJPnD8hv-X130SVvfZRl1a04HPVwIbvLe87mvA_iuOa-myUyv',
}
self.jwk521json = {
'kty': 'EC',
'crv': 'P-521',
'x': 'AFkdl6cKzBmP18U8fffpP4IZN2eED45hDcwRPl5ZeClwHcLtnMBMuWYFFO_Nzm6DL2MhpN0zI2bcMLJd95aY2tPs', # noqa
'y': 'AYvZq3wByjt7nQd8nYMqhFNCL3j_-U6GPWZet1hYBY_XZHrC4yIV0R4JnssRAY9eqc1EElpCc4hziis1jiV1iR4W', # noqa
}
self.private = JWKEC(key=EC_P256_KEY)
self.private_json = {
'd': 'xReNQBKqqTthG8oTmBdhp4EQYImSK1dVqfa2yyMn2rc',
'x': 'jjQtV-fA7J_tK8dPzYq7jRPNjF8r5p6LW2R25S2Gw5U',
'y': 'EPAw8_8z7PYKsHH6hlGSlsWxFoFl7-0vM0QRGbmnvCc',
'crv': 'P-256',
'kty': 'EC'}
self.jwk = self.private
def test_gen_check_validation(self):
ec_key_secp384r1 = JWKEC(
key=test_util.load_ecdsa_private_key('ec_secp384r1_key.pem'))
for key, alg in [(KEY, jose.RS256), (ec_key_secp384r1, jose.ES384)]:
with self.subTest(key=key, alg=alg):
self.assertTrue(
self.msg.check_validation(
self.msg.gen_validation(key, alg=alg),
key.public_key()))
def test_encode_y_leading_zero_p256(self):
import josepy
from josepy.jwk import JWK, JWKEC
data = b"""-----BEGIN EC PRIVATE KEY-----
MHcCAQEEICZ7LCI99Na2KZ/Fq8JmJROakGJ5+J7rHiGSPoO36kOAoAoGCCqGSM49
AwEHoUQDQgAEGS5RvStca15z2FEanCM3juoX7tE/LB7iD44GWawGE40APAl/iZuH
31wQfst4glTZpxkpEI/MzNZHjiYnqrGeSw==
-----END EC PRIVATE KEY-----"""
key = JWKEC.load(data)
data = key.to_partial_json()
y = josepy.json_util.decode_b64jose(data['y'])
self.assertEqual(y[0], 0)
self.assertEqual(len(y), 32)
JWK.from_json(data)
def test_load(self):
from josepy.jwk import JWKEC
self.assertEqual(self.private,
JWKEC.load(test_util.load_vector('ec_p256_key.pem')))
def test_encode_param_zero(self):
from josepy.jwk import JWKEC
# pylint: disable=protected-access
# TODO: move encode/decode _param to separate class
self.assertEqual('AA', JWKEC._encode_param(0, 1))
class JWKECTest(unittest.TestCase, JWKTestBaseMixin):
"""Tests for josepy.jwk.JWKEC."""
# pylint: disable=too-many-instance-attributes
thumbprint = (b'\x06\xceL\x1b\xa8\x8d\x86\x1flF\x99J\x8b\xe0$\t\xbbj'
b'\xd8\xf6O\x1ed\xdeR\x8f\x97\xff\xf6\xa2\x86\xd3')
def setUp(self):
from josepy.jwk import JWKEC
self.jwk256 = JWKEC(key=EC_P256_KEY.public_key())
self.jwk384 = JWKEC(key=EC_P384_KEY.public_key())
self.jwk521 = JWKEC(key=EC_P521_KEY.public_key())
self.jwk256_not_comparable = JWKEC(
key=EC_P256_KEY.public_key()._wrapped)
self.jwk256json = {
'kty': 'EC',
'crv': 'P-256',
'x': 'jjQtV-fA7J_tK8dPzYq7jRPNjF8r5p6LW2R25S2Gw5U',
'y': 'EPAw8_8z7PYKsHH6hlGSlsWxFoFl7-0vM0QRGbmnvCc',
}
self.jwk384json = {
'kty':
'EC',
'crv':
'P-384',
'x':
'tIhpNtEXkadUbrY84rYGgApFM1X_3l3EWQRuOP1IWtxlTftrZQwneJZF0k0eRn00',
'y':
'KW2Gp-TThDXmZ-9MJPnD8hv-X130SVvfZRl1a04HPVwIbvLe87mvA_iuOa-myUyv',
}
self.jwk521json = {
'kty':
'EC',
'crv':
'P-521',
'x':
'AFkdl6cKzBmP18U8fffpP4IZN2eED45hDcwRPl5ZeClwHcLtnMBMuWYFFO_Nzm6DL2MhpN0zI2bcMLJd95aY2tPs', # noqa
'y':
'AYvZq3wByjt7nQd8nYMqhFNCL3j_-U6GPWZet1hYBY_XZHrC4yIV0R4JnssRAY9eqc1EElpCc4hziis1jiV1iR4W', # noqa
}
self.private = JWKEC(key=EC_P256_KEY)
self.private_json = {
'd': 'xReNQBKqqTthG8oTmBdhp4EQYImSK1dVqfa2yyMn2rc',
'x': 'jjQtV-fA7J_tK8dPzYq7jRPNjF8r5p6LW2R25S2Gw5U',
'y': 'EPAw8_8z7PYKsHH6hlGSlsWxFoFl7-0vM0QRGbmnvCc',
'crv': 'P-256',
'kty': 'EC'
}
self.jwk = self.private
def test_init_auto_comparable(self):
self.assertIsInstance(self.jwk256_not_comparable.key,
util.ComparableECKey)
self.assertEqual(self.jwk256, self.jwk256_not_comparable)
def test_encode_param_zero(self):
from josepy.jwk import JWKEC
# pylint: disable=protected-access
# TODO: move encode/decode _param to separate class
self.assertEqual('AA', JWKEC._encode_param(0, 1))
def test_equals(self):
self.assertEqual(self.jwk256, self.jwk256)
self.assertEqual(self.jwk384, self.jwk384)
self.assertEqual(self.jwk521, self.jwk521)
def test_not_equals(self):
self.assertNotEqual(self.jwk256, self.jwk384)
self.assertNotEqual(self.jwk256, self.jwk521)
self.assertNotEqual(self.jwk384, self.jwk256)
self.assertNotEqual(self.jwk384, self.jwk521)
self.assertNotEqual(self.jwk521, self.jwk256)
self.assertNotEqual(self.jwk521, self.jwk384)
def test_load(self):
from josepy.jwk import JWKEC
self.assertEqual(self.private,
JWKEC.load(test_util.load_vector('ec_p256_key.pem')))
def test_public_key(self):
self.assertEqual(self.jwk256, self.private.public_key())
def test_to_partial_json(self):
self.assertEqual(self.jwk256.to_partial_json(), self.jwk256json)
self.assertEqual(self.jwk384.to_partial_json(), self.jwk384json)
self.assertEqual(self.jwk521.to_partial_json(), self.jwk521json)
self.assertEqual(self.private.to_partial_json(), self.private_json)
def test_from_json(self):
from josepy.jwk import JWK
self.assertEqual(self.jwk256, JWK.from_json(self.jwk256json))
self.assertEqual(self.jwk384, JWK.from_json(self.jwk384json))
self.assertEqual(self.jwk521, JWK.from_json(self.jwk521json))
self.assertEqual(self.private, JWK.from_json(self.private_json))
def test_from_json_missing_x_coordinate(self):
from josepy.jwk import JWK
del self.private_json['x']
self.assertRaises(KeyError, JWK.from_json, self.private_json)
def test_from_json_missing_y_coordinate(self):
from josepy.jwk import JWK
del self.private_json['y']
self.assertRaises(KeyError, JWK.from_json, self.private_json)
def test_from_json_hashable(self):
from josepy.jwk import JWK
hash(JWK.from_json(self.jwk256json))
def test_from_json_non_schema_errors(self):
# valid against schema, but still failing
from josepy.jwk import JWK
self.assertRaises(
errors.DeserializationError, JWK.from_json, {
'kty': 'EC',
'crv': 'P-256',
'x': 'AQAB',
'y': 'm2Fylv-Uz7trgTW8EBHP3FQSMeZs2GNQ6VRo1sIVJEk'
})
self.assertRaises(
errors.DeserializationError, JWK.from_json, {
'kty': 'EC',
'crv': 'P-256',
'x': 'jjQtV-fA7J_tK8dPzYq7jRPNjF8r5p6LW2R25S2Gw5U',
'y': '1',
})
def test_unknown_crv_name(self):
from josepy.jwk import JWK
self.assertRaises(
errors.DeserializationError, JWK.from_json, {
'kty': 'EC',
'crv': 'P-255',
'x': 'jjQtV-fA7J_tK8dPzYq7jRPNjF8r5p6LW2R25S2Gw5U',
'y': 'EPAw8_8z7PYKsHH6hlGSlsWxFoFl7-0vM0QRGbmnvCc'
})
def test_encode_y_leading_zero_p256(self):
import josepy
from josepy.jwk import JWK, JWKEC
data = b"""-----BEGIN EC PRIVATE KEY-----
MHcCAQEEICZ7LCI99Na2KZ/Fq8JmJROakGJ5+J7rHiGSPoO36kOAoAoGCCqGSM49
AwEHoUQDQgAEGS5RvStca15z2FEanCM3juoX7tE/LB7iD44GWawGE40APAl/iZuH
31wQfst4glTZpxkpEI/MzNZHjiYnqrGeSw==
-----END EC PRIVATE KEY-----"""
key = JWKEC.load(data)
data = key.to_partial_json()
y = josepy.json_util.decode_b64jose(data['y'])
self.assertEqual(y[0], 0)
self.assertEqual(len(y), 32)
JWK.from_json(data)