JSON Web Key

JSON Web Key.

class josepy.jwk.JWK(**kwargs: Any)[source]

JSON Web Key.

type_field_name: str = 'kty'

Field name used to distinguish different object types.

Subclasses will probably have to override this.

TYPES: Dict[str, Type[JWK]] = {'EC': <class 'josepy.jwk.JWKEC'>, 'RSA': <class 'josepy.jwk.JWKRSA'>, 'oct': <class 'josepy.jwk.JWKOct'>}: Types registered for JSON deserialization

cryptography_key_types: Tuple[Type[Any], ...] = (): Subclasses should override.

required: Sequence[str] = NotImplemented: Required members of public key’s representation as defined by JWK/JWA.

thumbprint(hash_function: ~typing.Callable[[], ~cryptography.hazmat.primitives.hashes.HashAlgorithm] = <class 'cryptography.hazmat.primitives.hashes.SHA256'>) → bytes[source]

Compute JWK Thumbprint.

https://tools.ietf.org/html/rfc7638

Returns:: bytes

abstract public_key() → JWK[source]

Generate JWK with public key.

For symmetric cryptosystems, this would return self.

classmethod load(data: bytes, password: Optional[bytes] = None, backend: Optional[Any] = None) → JWK[source]

Load serialized key as JWK.

Parameters:

data (str) – Public or private key serialized as PEM or DER.
password (str) – Optional password.
backend – A PEMSerializationBackend and DERSerializationBackend provider.

Raises:

errors.Error – if unable to deserialize, or unsupported JWK algorithm

Returns:

JWK of an appropriate type.

Return type:

JWK

class josepy.jwk.JWKOct(**kwargs: Any)[source]

Symmetric JWK.

typ: str = 'oct': Type of the object. Subclasses must override.

required: Sequence[str] = ('k', 'kty'): Required members of public key’s representation as defined by JWK/JWA.

fields_to_partial_json() → Dict[str, str][source]: Serialize fields to JSON.

classmethod fields_from_json(jobj: Mapping[str, Any]) → JWKOct[source]: Deserialize fields from JSON.

public_key() → JWKOct[source]

Generate JWK with public key.

For symmetric cryptosystems, this would return self.

class josepy.jwk.JWKRSA(*args: Any, **kwargs: Any)[source]

RSA JWK.

Variables:: key – RSAPrivateKey or RSAPublicKey wrapped in ComparableRSAKey

typ: str = 'RSA': Type of the object. Subclasses must override.

cryptography_key_types: Tuple[Type[Any], ...] = (<class 'cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey'>, <class 'cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey'>): Subclasses should override.

required: Sequence[str] = ('e', 'kty', 'n'): Required members of public key’s representation as defined by JWK/JWA.

public_key() → JWKRSA[source]

Generate JWK with public key.

For symmetric cryptosystems, this would return self.

classmethod fields_from_json(jobj: Mapping[str, Any]) → JWKRSA[source]: Deserialize fields from JSON.

fields_to_partial_json() → Dict[str, Any][source]: Serialize fields to JSON.

class josepy.jwk.JWKEC(*args: Any, **kwargs: Any)[source]

EC JWK.

Variables:: key – EllipticCurvePrivateKey or EllipticCurvePublicKey wrapped in ComparableECKey

typ: str = 'EC': Type of the object. Subclasses must override.

cryptography_key_types: Tuple[Type[Any], ...] = (<class 'cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey'>, <class 'cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey'>): Subclasses should override.

required: Sequence[str] = ('crv', 'kty', 'x', 'y'): Required members of public key’s representation as defined by JWK/JWA.

fields_to_partial_json() → Dict[str, Any][source]: Serialize fields to JSON.

classmethod fields_from_json(jobj: Mapping[str, Any]) → JWKEC[source]: Deserialize fields from JSON.

public_key() → JWKEC[source]

Generate JWK with public key.

For symmetric cryptosystems, this would return self.