JSON Web Key

JSON Web Key.

class josepy.jwk.JWK(**kwargs: Any)[source]

JSON Web Key.

type_field_name: str = 'kty'

Field name used to distinguish different object types.

Subclasses will probably have to override this.

TYPES: Dict[str, Type[JWK]] = {'EC': <class 'josepy.jwk.JWKEC'>, 'RSA': <class 'josepy.jwk.JWKRSA'>, 'oct': <class 'josepy.jwk.JWKOct'>}

Types registered for JSON deserialization

cryptography_key_types: Tuple[Type[Any], ...] = ()

Subclasses should override.

required: Sequence[str] = NotImplemented

Required members of public key’s representation as defined by JWK/JWA.

thumbprint(hash_function: ~typing.Callable[[], ~cryptography.hazmat.primitives.hashes.HashAlgorithm] = <class 'cryptography.hazmat.primitives.hashes.SHA256'>) bytes[source]

Compute JWK Thumbprint.

https://tools.ietf.org/html/rfc7638

Returns:

bytes

abstract public_key() JWK[source]

Generate JWK with public key.

For symmetric cryptosystems, this would return self.

classmethod load(data: bytes, password: bytes | None = None, backend: Any | None = None) JWK[source]

Load serialized key as JWK.

Parameters:
  • data (str) – Public or private key serialized as PEM or DER.

  • password (str) – Optional password.

  • backend – A PEMSerializationBackend and DERSerializationBackend provider.

Raises:

errors.Error – if unable to deserialize, or unsupported JWK algorithm

Returns:

JWK of an appropriate type.

Return type:

JWK

class josepy.jwk.JWKOct(**kwargs: Any)[source]

Symmetric JWK.

typ: str = 'oct'

Type of the object. Subclasses must override.

required: Sequence[str] = ('k', 'kty')

Required members of public key’s representation as defined by JWK/JWA.

fields_to_partial_json() Dict[str, str][source]

Serialize fields to JSON.

classmethod fields_from_json(jobj: Mapping[str, Any]) JWKOct[source]

Deserialize fields from JSON.

public_key() JWKOct[source]

Generate JWK with public key.

For symmetric cryptosystems, this would return self.

class josepy.jwk.JWKRSA(*args: Any, **kwargs: Any)[source]

RSA JWK.

Variables:

keyRSAPrivateKey or RSAPublicKey wrapped in ComparableRSAKey

typ: str = 'RSA'

Type of the object. Subclasses must override.

cryptography_key_types: Tuple[Type[Any], ...] = (<class 'cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey'>, <class 'cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey'>)

Subclasses should override.

required: Sequence[str] = ('e', 'kty', 'n')

Required members of public key’s representation as defined by JWK/JWA.

public_key() JWKRSA[source]

Generate JWK with public key.

For symmetric cryptosystems, this would return self.

classmethod fields_from_json(jobj: Mapping[str, Any]) JWKRSA[source]

Deserialize fields from JSON.

fields_to_partial_json() Dict[str, Any][source]

Serialize fields to JSON.

class josepy.jwk.JWKEC(*args: Any, **kwargs: Any)[source]

EC JWK.

Variables:

keyEllipticCurvePrivateKey or EllipticCurvePublicKey wrapped in ComparableECKey

typ: str = 'EC'

Type of the object. Subclasses must override.

cryptography_key_types: Tuple[Type[Any], ...] = (<class 'cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey'>, <class 'cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey'>)

Subclasses should override.

required: Sequence[str] = ('crv', 'kty', 'x', 'y')

Required members of public key’s representation as defined by JWK/JWA.

fields_to_partial_json() Dict[str, Any][source]

Serialize fields to JSON.

classmethod fields_from_json(jobj: Mapping[str, Any]) JWKEC[source]

Deserialize fields from JSON.

public_key() JWKEC[source]

Generate JWK with public key.

For symmetric cryptosystems, this would return self.