def test_jws_appendix_a4(self): ''' nose2 jose.tests.test_jws.TestJws.test_jws_appendix_a4''' #: Data header_b64 = 'eyJhbGciOiJFUzUxMiJ9' payload_b64 = "UGF5bG9hZA" signature_b64 = ''.join([ 'AdwMgeerwtHoh-l192l60hp9wAHZFVJbLfD_UxMi70cwnZOYaRI1bKPWROc-mZZq', 'wqT2SI-KGDKB34XO0aw_7XdtAG8GaSwFKdCAPZgoXD2YBJZCPEX3xKpRwcdOO8Kp', 'EHwJjyqOgzDO7iKvU8vcnwNrmxYbSW9ERBXukOXolLzeO_Jn', ]) jws = Jws.from_b64u(header_b64) self.assertIsNotNone(jws) self.assertEqual(jws.alg, SigEnum.ES512) jwk_dict = { "kty": "EC", "crv": "P-521", "x": "".join([ "AekpBQ8ST8a8VcfVOTNl353vSrDCLL", "JXmPk06wTjxrrjcBpXp5EOnYG_NjFZ", "6OvLFV1jSfS9tsz4qUxcWceqwQGk", ]), "y": "".join([ "ADSmRA43Z1DSNx_RvcLI87cdL07l6j", "QyyBXMoxVg_l2Th-x3S1WDhjDly79a", "jL4Kkd0AZMaZmh9ubmf63e3kyMj2", ]), "d": "".join([ "AY5pb7A0UFiB3RELSD64fTLOSV_jaz", "dF7fLYyuTw8lOfRhWg6Y6rUrPAxerE", "zgdRhajnu0ferB0d53vM9mE15j2C" ])} from Crypto.Util.number import bytes_to_long #: Key jwk = Jwk(**jwk_dict) pub_jwk = jwk.public_jwk self.assertEqual( pub_jwk.key.public_key._pub[1], ( bytes_to_long(base64.base64url_decode(jwk_dict['x'])), bytes_to_long(base64.base64url_decode(jwk_dict['y'])), ) ) # Verify jws_token = ".".join([header_b64, payload_b64, signature_b64]) msg = Message.from_token(jws_token, sender=None, receiver=None) self.assertIsNotNone(msg) self.assertEqual(len(msg.signatures), 1) self.assertEqual(msg.signatures[0].signature, signature_b64) from jose.jwa.ec import EcdsaSigner sigbytes = base64.base64url_decode(msg.signatures[0].signature) self.assertEqual(len(sigbytes), 132) (r, s) = EcdsaSigner.decode_signature(sigbytes) R = [ 1, 220, 12, 129, 231, 171, 194, 209, 232, 135, 233, 117, 247, 105, 122, 210, 26, 125, 192, 1, 217, 21, 82, 91, 45, 240, 255, 83, 19, 34, 239, 71, 48, 157, 147, 152, 105, 18, 53, 108, 163, 214, 68, 231, 62, 153, 150, 106, 194, 164, 246, 72, 143, 138, 24, 50, 129, 223, 133, 206, 209, 172, 63, 237, 119, 109] S = [ 0, 111, 6, 105, 44, 5, 41, 208, 128, 61, 152, 40, 92, 61, 152, 4, 150, 66, 60, 69, 247, 196, 170, 81, 193, 199, 78, 59, 194, 169, 16, 124, 9, 143, 42, 142, 131, 48, 206, 238, 34, 175, 83, 203, 220, 159, 3, 107, 155, 22, 27, 73, 111, 68, 68, 21, 238, 144, 229, 232, 148, 188, 222, 59, 242, 103] self.assertEqual(r, bytes_to_long("".join(chr(i) for i in R))) self.assertEqual(s, bytes_to_long("".join(chr(i) for i in S))) print jwk.to_json(indent=2) self.assertTrue(msg.signatures[0].verify( msg.payload, jwk=jwk))
def test_jws_appendix_a1(self): ''' nose2 jose.tests.test_jws.TestJws.test_jws_appendix_a1''' '''{"typ":"JWT", "alg":"HS256"} {"iss":"joe", "exp":1300819380, "http://example.com/is_root":true} ''' jws_oct = [ 123, 34, 116, 121, 112, 34, 58, 34, 74, 87, 84, 34, 44, 13, 10, 32, 34, 97, 108, 103, 34, 58, 34, 72, 83, 50, 53, 54, 34, 125] jws_b64 = 'eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9' self.assertEqual( ''.join(chr(i) for i in jws_oct), base64.base64url_decode(jws_b64)) payload_oct = [ 123, 34, 105, 115, 115, 34, 58, 34, 106, 111, 101, 34, 44, 13, 10, 32, 34, 101, 120, 112, 34, 58, 49, 51, 48, 48, 56, 49, 57, 51, 56, 48, 44, 13, 10, 32, 34, 104, 116, 116, 112, 58, 47, 47, 101, 120, 97, 109, 112, 108, 101, 46, 99, 111, 109, 47, 105, 115, 95, 114, 111, 111, 116, 34, 58, 116, 114, 117, 101, 125] payload_b64 = ''.join([ 'eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA', '4MTkzODAsDQogImh0dHA6Ly9leGFt', 'cGxlLmNvbS9pc19yb290Ijp0cnVlfQ']) self.assertEqual( ''.join(chr(i) for i in payload_oct), base64.base64url_decode(payload_b64)) sinput_oct = [ 101, 121, 74, 48, 101, 88, 65, 105, 79, 105, 74, 75, 86, 49, 81, 105, 76, 65, 48, 75, 73, 67, 74, 104, 98, 71, 99, 105, 79, 105, 74, 73, 85, 122, 73, 49, 78, 105, 74, 57, 46, 101, 121, 74, 112, 99, 51, 77, 105, 79, 105, 74, 113, 98, 50, 85, 105, 76, 65, 48, 75, 73, 67, 74, 108, 101, 72, 65, 105, 79, 106, 69, 122, 77, 68, 65, 52, 77, 84, 107, 122, 79, 68, 65, 115, 68, 81, 111, 103, 73, 109, 104, 48, 100, 72, 65, 54, 76, 121, 57, 108, 101, 71, 70, 116, 99, 71, 120, 108, 76, 109, 78, 118, 98, 83, 57, 112, 99, 49, 57, 121, 98, 50, 57, 48, 73, 106, 112, 48, 99, 110, 86, 108, 102, 81] sinput = '.'.join([jws_b64, payload_b64]) self.assertEqual( ''.join(chr(i) for i in sinput_oct), sinput) jwk_dict = { "kty": "oct", "k": "".join([ "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75", "aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow"]) } jwk = Jwk(**jwk_dict) sig_b64 = "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk" jws = Jws.from_b64u(jws_b64) sig = jws.alg.signer.sign(jwk, sinput) self.assertEqual(sig_b64, base64.base64url_encode(sig)) self.assertTrue( jws.alg.signer.verify(jwk, sinput, sig))