def from_jwk(self, jwk):
self.material = jwk.d and \
self.create_material(
jwk.crv.bits,
d=base64.long_from_b64(jwk.d)) or \
self.create_material(
jwk.crv.bits,
x=base64.long_from_b64(jwk.x),
y=base64.long_from_b64(jwk.y),)
def test_public(self):
n = [
'0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx',
'4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMs',
'tn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2',
'QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbI',
'SD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqb',
'w0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw',
]
e = "AQAB"
from jose.utils import base64
ln = base64.long_from_b64(''.join(n))
le = base64.long_from_b64(e)
from Crypto.PublicKey import RSA
pub = RSA.RSAImplementation().construct((ln, le,))
print(pub.exportKey('PEM'))
def _to_pub(km):
return (
int(re.search(r"P-(\d+)$", km['crv']).group(1)),
(base64.long_from_b64(km['x']),
base64.long_from_b64(km['y'])),
)
def test_jws_appendix_a4(self):
header_str = '{"alg":"ES512"}'
header_oct = [
123, 34, 97, 108, 103, 34,
58, 34, 69, 83, 53, 49, 50, 34, 125]
self.assertEqual(
[isinstance(i, int) and i or ord(i[:1]) for i in b(header_str)],
header_oct)
header_b64 = 'eyJhbGciOiJFUzUxMiJ9'
self.assertEqual(
base64.base64url_encode(header_str), b(header_b64))
payload_str = "Payload"
payload_oct = [
80, 97, 121, 108, 111, 97, 100,
]
self.assertEqual(
[isinstance(i, int) and i or ord(i[:1]) for i in b(payload_str)],
payload_oct)
payload_b64 = "UGF5bG9hZA"
self.assertEqual(
base64.base64url_encode(payload_str), b(payload_b64))
signing_input_b64 = ".".join([header_b64, payload_b64])
signing_input_oct = [
101, 121, 74, 104, 98, 71, 99,
105, 79, 105, 74, 70, 85, 122, 85,
120, 77, 105, 74, 57, 46, 85, 71,
70, 53, 98, 71, 57, 104, 90, 65]
self.assertEqual(_ilist(signing_input_b64), signing_input_oct)
jwk_str = '''
{"kty":"EC",
"crv":"P-521",
"x":"AekpBQ8ST8a8VcfVOTNl353vSrDCLLJXmPk06wTjxrrjcBpXp5EOnYG_NjFZ6OvLFV1jSfS9tsz4qUxcWceqwQGk",
"y":"ADSmRA43Z1DSNx_RvcLI87cdL07l6jQyyBXMoxVg_l2Th-x3S1WDhjDly79ajL4Kkd0AZMaZmh9ubmf63e3kyMj2",
"d":"AY5pb7A0UFiB3RELSD64fTLOSV_jazdF7fLYyuTw8lOfRhWg6Y6rUrPAxerEzgdRhajnu0ferB0d53vM9mE15j2C"
}'''
from jose.jwk import Jwk
jwk = Jwk.from_json(jwk_str)
import hashlib
# Sign
pri = jwk.key.private_key_tuple
self.assertEqual(pri[0], 521)
self.assertEqual(
pri[1],
base64.long_from_b64(
'AY5pb7A0UFiB3RELSD64fTLOSV_jazdF7fLYyuTw8lOfRhWg6Y6rUrPAxerEzgdRhajnu0ferB0d53vM9mE15j2C') # NOQA
)
digest = int(hashlib.new('sha512',
b(signing_input_b64)).hexdigest(), 16)
signature = jwk.key.sign_longdigest(digest)
self.assertEqual(type(signature), tuple)
#: This signature changes everytime.
self.assertTrue(isinstance(signature, tuple))
self.assertEqual(len(signature), 2)
# Verify
pub = jwk.key.public_key_tuple
self.assertEqual(pub[0], 521)
self.assertEqual(pub[1],
base64.long_from_b64(
"AekpBQ8ST8a8VcfVOTNl353vSrDCLLJXmPk06wTjxrrjcBpXp5EOnYG_NjFZ6OvLFV1jSfS9tsz4qUxcWceqwQGk" # NOQA
)
)
self.assertEqual(pub[2],
base64.long_from_b64(
"ADSmRA43Z1DSNx_RvcLI87cdL07l6jQyyBXMoxVg_l2Th-x3S1WDhjDly79ajL4Kkd0AZMaZmh9ubmf63e3kyMj2" # NOQA
)
)
self.assertTrue(jwk.key.verify_longdigest(digest, signature))
sig_jws_oct = (
[1, 220, 12, 129, 231, 171, 194, 209, 232, 135, 233,
117, 247, 105, 122, 210, 26, 125, 192, 1, 217, 21, 82,
91, 45, 240, 255, 83, 19, 34, 239, 71, 48, 157, 147,
152, 105, 18, 53, 108, 163, 214, 68, 231, 62, 153, 150,
106, 194, 164, 246, 72, 143, 138, 24, 50, 129, 223, 133,
206, 209, 172, 63, 237, 119, 109],
[0, 111, 6, 105, 44, 5, 41, 208, 128, 61, 152, 40, 92,
61, 152, 4, 150, 66, 60, 69, 247, 196, 170, 81, 193,
199, 78, 59, 194, 169, 16, 124, 9, 143, 42, 142, 131,
48, 206, 238, 34, 175, 83, 203, 220, 159, 3, 107, 155,
22, 27, 73, 111, 68, 68, 21, 238, 144, 229, 232, 148,
188, 222, 59, 242, 103]
)
sig_jws_b64 = ''.join([
'AdwMgeerwtHoh-l192l60hp9wAHZFVJbLfD_UxMi70cwnZOYaRI1bKPWROc-mZZq',
'wqT2SI-KGDKB34XO0aw_7XdtAG8GaSwFKdCAPZgoXD2YBJZCPEX3xKpRwcdOO8Kp',
'EHwJjyqOgzDO7iKvU8vcnwNrmxYbSW9ERBXukOXolLzeO_Jn',
])
sig_jws_str = base64.base64url_decode(sig_jws_b64)
self.assertEqual(len(sig_jws_str), 66 * 2)
from Crypto.Util.number import bytes_to_long
sig_jws_tuple = (bytes_to_long(sig_jws_str[:66]),
bytes_to_long(sig_jws_str[66:]),)
self.assertTrue(jwk.key.verify_longdigest(digest, sig_jws_tuple))
