def test_get_key(): ec_key = generate_private_key(NIST2SEC['P-256'], default_backend()) asym_private_key = ECKey(priv_key=ec_key) asym_public_key = ECKey(pub_key=asym_private_key.pub_key) key = SYMKey(key='mekmitasdigoatfo', kid='xyzzy') assert asym_private_key.private_key() assert asym_private_key.public_key() assert asym_public_key.private_key() is None assert asym_private_key.public_key() assert key.key
def test_get_key(): ec_key = new_ec_key("P-256") asym_private_key = ECKey(priv_key=ec_key.priv_key) asym_public_key = ECKey(pub_key=asym_private_key.pub_key) key = SYMKey(key="mekmitasdigoatfo", kid="xyzzy") assert asym_private_key.private_key() assert asym_private_key.public_key() assert asym_public_key.private_key() is None assert asym_private_key.public_key() assert key.key
def test_verify_json_missing_key(): ec_key = ECKey().load_key(P256()) sym_key = SYMKey(key=b"My hollow echo chamber", alg="HS384") protected_headers_1 = {"foo": "bar", "alg": "ES256"} unprotected_headers_1 = {"abc": "xyz"} protected_headers_2 = {"foo": "bar", "alg": "HS384"} unprotected_headers_2 = {"abc": "zeb"} payload = "hello world" _jwt = JWS(msg=payload).sign_json( headers=[ (protected_headers_1, unprotected_headers_1), (protected_headers_2, unprotected_headers_2), ], keys=[ec_key, sym_key], ) # Only the EC key vkeys = [ECKey().load_key(ec_key.public_key())] with pytest.raises(NoSuitableSigningKeys): JWS().verify_json(_jwt, keys=vkeys) assert JWS().verify_json(_jwt, keys=vkeys, at_least_one=True) # Only the SYM key with pytest.raises(NoSuitableSigningKeys): JWS().verify_json(_jwt, keys=[sym_key]) assert JWS().verify_json(_jwt, keys=[sym_key], at_least_one=True) # With both assert JWS().verify_json(_jwt, keys=[vkeys[0], sym_key])
def test_verify_json_flattened_syntax(): key = ECKey().load_key(P256()) protected_headers = {"foo": "bar"} unprotected_headers = {"abc": "xyz"} payload = "hello world" _jwt = JWS(msg=payload, alg="ES256").sign_json(headers=[ (protected_headers, unprotected_headers) ], keys=[key], flatten=True) vkeys = [ECKey().load_key(key.public_key())] assert JWS().verify_json(_jwt, keys=vkeys)