Generate a JWS JSON Serialization. The JWS JSON Serialization represents digitally signed or MACed content as a JSON object, per `Section 7.2`_. :param header_obj: A dict/list of header :param payload: A string/dict of payload :param key: Private key used to
(self, header_obj, payload, key)
| 117 | raise BadSignatureError(rv) |
| 118 | |
def serialize_json(self, header_obj, payload, key):
    """Generate a JWS JSON Serialization.

    The JWS JSON Serialization represents digitally signed or MACed
    content as a JSON object, per `Section 7.2`_.

    :param header_obj: A dict/list of header
    :param payload: A string/dict of payload
    :param key: Private key used to generate signature
    :return: A dict holding the JWS JSON Serialization members

    Example ``header_obj`` of JWS JSON Serialization::

        {
            "protected": {"alg": "HS256"},
            "header": {"kid": "jose"}
        }

    A dict produces the flattened JSON Serialization (one signature, with
    ``payload`` next to it); a list of header dicts produces the general
    JSON Serialization, with one ``signatures`` entry per header.

    Only the protected header and the payload are part of the signing
    input. The unprotected ``header`` member is copied into the output as
    given and is therefore not covered by the signature.
    """
    # Encoded once and shared by every signature over this payload.
    encoded_payload = json_b64encode(payload)

    def _sign(jws_header):
        # The checks run before any key material is used.
        self._validate_private_headers(jws_header)
        # RFC 7515 §4.1.11: 'crit' MUST be integrity-protected, so it is
        # refused in the unprotected header and only the protected header
        # parameters are checked against it.
        self._reject_unprotected_crit(jws_header.header)
        self._validate_crit_headers(jws_header.protected)
        algorithm, signing_key = self._prepare_algorithm_key(
            jws_header, payload, key
        )

        encoded_protected = json_b64encode(jws_header.protected)
        # Signing input is BASE64URL(protected) || '.' || BASE64URL(payload).
        to_be_signed = b".".join((encoded_protected, encoded_payload))
        encoded_signature = urlsafe_b64encode(
            algorithm.sign(to_be_signed, signing_key)
        )

        entry = {
            "protected": to_unicode(encoded_protected),
            "signature": to_unicode(encoded_signature),
        }
        unprotected = jws_header.header
        if unprotected is not None:
            # Passed through unchanged; not integrity-protected.
            entry["header"] = unprotected
        return entry

    if not isinstance(header_obj, dict):
        # General form: one signature entry per supplied header.
        # NOTE(review): an empty iterable yields an empty "signatures"
        # array, i.e. an object carrying no signature at all; callers
        # should make sure header_obj is non-empty.
        signatures = [_sign(JWSHeader.from_dict(item)) for item in header_obj]
        return {"payload": to_unicode(encoded_payload), "signatures": signatures}

    # Flattened form: the single signature's members plus the payload.
    flattened = _sign(JWSHeader.from_dict(header_obj))
    flattened["payload"] = to_unicode(encoded_payload)
    return flattened
| 169 | |
| 170 | def deserialize_json(self, obj, key, decode=None): |
| 171 | """Exact JWS JSON Serialization, and validate with the given key. |