Commit e0b3d9d2 authored by Simo Sorce's avatar Simo Sorce

Allow to pass a default reciepient to a JWE

Resolves #53
Signed-off-by: 's avatarSimo Sorce <simo@redhat.com>
Reviewed-by: 's avatarHanno Schlichting <hanno@hannosch.eu>
Closes #56
parent 7c452b96
......@@ -842,7 +842,7 @@ class JWE(object):
}
def __init__(self, plaintext=None, protected=None, unprotected=None,
aad=None, algs=None):
aad=None, algs=None, recipient=None, header=None):
"""Creates a JWE token.
:param plaintext(bytes): An arbitrary plaintext to be encrypted.
......@@ -850,6 +850,8 @@ class JWE(object):
:param unprotected: A JSON string with the shared unprotected header.
:param aad(bytes): Arbitrary additional authenticated data
:param algs: An optional list of allowed algorithms
:param recipient: An optional, default recipient key
:param header: An optional header for the default recipient
"""
self._allowed_algs = None
self.objects = dict()
......@@ -878,6 +880,11 @@ class JWE(object):
if algs:
self.allowed_algs = algs
if recipient:
self.add_recipient(recipient, header=header)
elif header:
raise ValueError('Header is allowed only with default recipient')
def _jwa(self, name):
try:
cls = self.jwas[name]
......
......@@ -907,3 +907,12 @@ class ConformanceTests(unittest.TestCase):
self.assertEqual(check.payload, b'message')
self.assertEqual(
json_decode(check.objects['header'])['kid'], key.thumbprint())
def test_jwe_default_recipient(self):
key = jwk.JWK(kty='oct', k=base64url_encode(b'A' * (128 // 8)))
enc = jwe.JWE(plaintext='plain',
protected='{"alg":"A128KW","enc":"A128GCM"}',
recipient=key).serialize()
check = jwe.JWE()
check.deserialize(enc, key)
self.assertEqual(b'plain', check.payload)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment