| 23 | |
| 24 | |
| 25 | class JsonWebEncryption: |
#: Registered Header Parameter Names defined by Section 4.1 of the JWE
#: specification (RFC 7516).
REGISTERED_HEADER_PARAMETER_NAMES = frozenset(
    {
        "alg",
        "enc",
        "zip",
        "jku",
        "jwk",
        "kid",
        "x5u",
        "x5c",
        "x5t",
        "x5t#S256",
        "typ",
        "cty",
        "crit",
    }
)

# Lookup tables keyed by algorithm name, one per header location
# (``alg`` / ``enc`` / ``zip``). They are created once in the class body, so
# every instance -- and any subclass that does not rebind them -- shares the
# same three dicts: an entry added through ``register_algorithm`` is visible
# process-wide, not just to one instance.
ALG_REGISTRY, ENC_REGISTRY, ZIP_REGISTRY = {}, {}, {}
| 48 | |
| 49 | def __init__(self, algorithms=None, private_headers=None): |
| 50 | self._algorithms = algorithms |
| 51 | self._private_headers = private_headers |
| 52 | |
| 53 | @classmethod |
| 54 | def register_algorithm(cls, algorithm): |
| 55 | """Register an algorithm for ``alg`` or ``enc`` or ``zip`` of JWE.""" |
| 56 | if not algorithm or algorithm.algorithm_type != "JWE": |
| 57 | raise ValueError(f"Invalid algorithm for JWE, {algorithm!r}") |
| 58 | |
| 59 | if algorithm.algorithm_location == "alg": |
| 60 | cls.ALG_REGISTRY[algorithm.name] = algorithm |
| 61 | elif algorithm.algorithm_location == "enc": |
| 62 | cls.ENC_REGISTRY[algorithm.name] = algorithm |
| 63 | elif algorithm.algorithm_location == "zip": |
| 64 | cls.ZIP_REGISTRY[algorithm.name] = algorithm |
| 65 | |
| 66 | def serialize_compact(self, protected, payload, key, sender_key=None): |
| 67 | """Generate a JWE Compact Serialization. |
| 68 | |
| 69 | The JWE Compact Serialization represents encrypted content as a compact, |
| 70 | URL-safe string. This string is:: |
| 71 | |
| 72 | BASE64URL(UTF8(JWE Protected Header)) || '.' || |
| 73 | BASE64URL(JWE Encrypted Key) || '.' || |
| 74 | BASE64URL(JWE Initialization Vector) || '.' || |
| 75 | BASE64URL(JWE Ciphertext) || '.' || |
| 76 | BASE64URL(JWE Authentication Tag) |
| 77 | |
| 78 | Only one recipient is supported by the JWE Compact Serialization and |
| 79 | it provides no syntax to represent JWE Shared Unprotected Header, JWE |
| 80 | Per-Recipient Unprotected Header, or JWE AAD values. |
| 81 | |
| 82 | :param protected: A dict of protected header |