def from_jwk(self, jwk): self.material = jwk.d and \ self.create_material( jwk.crv.bits, d=base64.long_from_b64(jwk.d)) or \ self.create_material( jwk.crv.bits, x=base64.long_from_b64(jwk.x), y=base64.long_from_b64(jwk.y),)
def test_public(self): n = [ '0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx', '4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMs', 'tn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2', 'QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbI', 'SD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqb', 'w0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw', ] e = "AQAB" from jose.utils import base64 ln = base64.long_from_b64(''.join(n)) le = base64.long_from_b64(e) from Crypto.PublicKey import RSA pub = RSA.RSAImplementation().construct((ln, le,)) print(pub.exportKey('PEM'))
def _to_pub(km): return ( int(re.search(r"P-(\d+)$", km['crv']).group(1)), (base64.long_from_b64(km['x']), base64.long_from_b64(km['y'])), )
def test_jws_appendix_a4(self): header_str = '{"alg":"ES512"}' header_oct = [ 123, 34, 97, 108, 103, 34, 58, 34, 69, 83, 53, 49, 50, 34, 125] self.assertEqual( [isinstance(i, int) and i or ord(i[:1]) for i in b(header_str)], header_oct) header_b64 = 'eyJhbGciOiJFUzUxMiJ9' self.assertEqual( base64.base64url_encode(header_str), b(header_b64)) payload_str = "Payload" payload_oct = [ 80, 97, 121, 108, 111, 97, 100, ] self.assertEqual( [isinstance(i, int) and i or ord(i[:1]) for i in b(payload_str)], payload_oct) payload_b64 = "UGF5bG9hZA" self.assertEqual( base64.base64url_encode(payload_str), b(payload_b64)) signing_input_b64 = ".".join([header_b64, payload_b64]) signing_input_oct = [ 101, 121, 74, 104, 98, 71, 99, 105, 79, 105, 74, 70, 85, 122, 85, 120, 77, 105, 74, 57, 46, 85, 71, 70, 53, 98, 71, 57, 104, 90, 65] self.assertEqual(_ilist(signing_input_b64), signing_input_oct) jwk_str = ''' {"kty":"EC", "crv":"P-521", "x":"AekpBQ8ST8a8VcfVOTNl353vSrDCLLJXmPk06wTjxrrjcBpXp5EOnYG_NjFZ6OvLFV1jSfS9tsz4qUxcWceqwQGk", "y":"ADSmRA43Z1DSNx_RvcLI87cdL07l6jQyyBXMoxVg_l2Th-x3S1WDhjDly79ajL4Kkd0AZMaZmh9ubmf63e3kyMj2", "d":"AY5pb7A0UFiB3RELSD64fTLOSV_jazdF7fLYyuTw8lOfRhWg6Y6rUrPAxerEzgdRhajnu0ferB0d53vM9mE15j2C" }''' from jose.jwk import Jwk jwk = Jwk.from_json(jwk_str) import hashlib # Sign pri = jwk.key.private_key_tuple self.assertEqual(pri[0], 521) self.assertEqual( pri[1], base64.long_from_b64( 'AY5pb7A0UFiB3RELSD64fTLOSV_jazdF7fLYyuTw8lOfRhWg6Y6rUrPAxerEzgdRhajnu0ferB0d53vM9mE15j2C') # NOQA ) digest = int(hashlib.new('sha512', b(signing_input_b64)).hexdigest(), 16) signature = jwk.key.sign_longdigest(digest) self.assertEqual(type(signature), tuple) #: This signature changes everytime. self.assertTrue(isinstance(signature, tuple)) self.assertEqual(len(signature), 2) # Verify pub = jwk.key.public_key_tuple self.assertEqual(pub[0], 521) self.assertEqual(pub[1], base64.long_from_b64( "AekpBQ8ST8a8VcfVOTNl353vSrDCLLJXmPk06wTjxrrjcBpXp5EOnYG_NjFZ6OvLFV1jSfS9tsz4qUxcWceqwQGk" # NOQA ) ) self.assertEqual(pub[2], base64.long_from_b64( "ADSmRA43Z1DSNx_RvcLI87cdL07l6jQyyBXMoxVg_l2Th-x3S1WDhjDly79ajL4Kkd0AZMaZmh9ubmf63e3kyMj2" # NOQA ) ) self.assertTrue(jwk.key.verify_longdigest(digest, signature)) sig_jws_oct = ( [1, 220, 12, 129, 231, 171, 194, 209, 232, 135, 233, 117, 247, 105, 122, 210, 26, 125, 192, 1, 217, 21, 82, 91, 45, 240, 255, 83, 19, 34, 239, 71, 48, 157, 147, 152, 105, 18, 53, 108, 163, 214, 68, 231, 62, 153, 150, 106, 194, 164, 246, 72, 143, 138, 24, 50, 129, 223, 133, 206, 209, 172, 63, 237, 119, 109], [0, 111, 6, 105, 44, 5, 41, 208, 128, 61, 152, 40, 92, 61, 152, 4, 150, 66, 60, 69, 247, 196, 170, 81, 193, 199, 78, 59, 194, 169, 16, 124, 9, 143, 42, 142, 131, 48, 206, 238, 34, 175, 83, 203, 220, 159, 3, 107, 155, 22, 27, 73, 111, 68, 68, 21, 238, 144, 229, 232, 148, 188, 222, 59, 242, 103] ) sig_jws_b64 = ''.join([ 'AdwMgeerwtHoh-l192l60hp9wAHZFVJbLfD_UxMi70cwnZOYaRI1bKPWROc-mZZq', 'wqT2SI-KGDKB34XO0aw_7XdtAG8GaSwFKdCAPZgoXD2YBJZCPEX3xKpRwcdOO8Kp', 'EHwJjyqOgzDO7iKvU8vcnwNrmxYbSW9ERBXukOXolLzeO_Jn', ]) sig_jws_str = base64.base64url_decode(sig_jws_b64) self.assertEqual(len(sig_jws_str), 66 * 2) from Crypto.Util.number import bytes_to_long sig_jws_tuple = (bytes_to_long(sig_jws_str[:66]), bytes_to_long(sig_jws_str[66:]),) self.assertTrue(jwk.key.verify_longdigest(digest, sig_jws_tuple))