Commit 31079736 authored by Simo Sorce's avatar Simo Sorce Committed by Simo Sorce

Add function to get a public only JWK

This makes it simpler to get a JWK that contains excluively a pulic
key from an existing JWK. It fails if no public key is available in
the source JWK.
Only known public elements are returned. "Unknown" attributes are
not copied over.
Signed-off-by: 's avatarSimo Sorce <>
Resolves #99
parent 8e438cbe
......@@ -405,6 +405,10 @@ class JWK(object):
It fails if one is not available like when this function
is called on a symmetric key.
pub = self._public_params()
return json_encode(pub)
def _public_params(self):
if not self.has_public:
raise InvalidJWKType("No public key available")
pub = {}
......@@ -417,7 +421,7 @@ class JWK(object):
for param in reg:
if reg[param][1] == 'Public':
pub[param] = self._key[param]
return json_encode(pub)
return pub
def _export_all(self):
d = dict()
......@@ -439,6 +443,10 @@ class JWK(object):
return self._export_all()
raise InvalidJWKType("Not a symmetric key")
def public(self):
pub = self._public_params()
return JWK(**pub)
def has_public(self):
"""Whether this JWK has an asymmetric Public key."""
......@@ -377,6 +377,21 @@ class TestJWK(unittest.TestCase):
self.assertEqual(prikey.key_id, pubkey.key_id)
def test_public(self):
key = jwk.JWK.from_pem(RSAPrivatePEM, password=RSAPrivatePassword)
pubkey = key.public()
# finally check public works
e = jwe.JWE('plaintext', '{"alg":"RSA-OAEP","enc":"A256GCM"}')
enc = e.serialize()
d = jwe.JWE()
d.deserialize(enc, key)
self.assertEqual(d.payload, b'plaintext')
# RFC 7515 - A.1
A1_protected = \
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment