diff options
author | Åsmund Ødegård <mandus@gmail.com> | 2013-10-10 14:39:28 -0700 |
---|---|---|
committer | Åsmund Ødegård <mandus@gmail.com> | 2013-10-10 14:39:28 -0700 |
commit | 189220f50db1e045ea87c1e1072d986edc279b8b (patch) | |
tree | 894d2af882f8e660d86d1f00fdf944535d0fe194 | |
parent | 2b5dd54dabe599676f3fa5b4f4c90b59856e908f (diff) | |
parent | 8ec3e0e1c69451f1e1371e6b7586c1a705c2b161 (diff) | |
download | pyjwt-189220f50db1e045ea87c1e1072d986edc279b8b.tar.gz |
Merge pull request #1 from mandus/rsa
First attempt on adding rsa support
-rw-r--r-- | jwt/__init__.py | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/jwt/__init__.py b/jwt/__init__.py index 88aa56c..7f010db 100644 --- a/jwt/__init__.py +++ b/jwt/__init__.py @@ -11,6 +11,9 @@ from datetime import datetime from calendar import timegm from collections import Mapping +from Crypto.Signature import PKCS1_v1_5 +from Crypto.Hash import SHA256 + try: import json except ImportError: @@ -31,7 +34,15 @@ signing_methods = { 'HS256': lambda msg, key: hmac.new(key, msg, hashlib.sha256).digest(), 'HS384': lambda msg, key: hmac.new(key, msg, hashlib.sha384).digest(), 'HS512': lambda msg, key: hmac.new(key, msg, hashlib.sha512).digest(), -} + 'RS256': lambda msg, key: PKCS1_v1_5.new(key).sign(SHA256.new(msg)), + } + +verify_methods = { + 'HS256': lambda msg, key: hmac.new(key, msg, hashlib.sha256).digest(), + 'HS384': lambda msg, key: hmac.new(key, msg, hashlib.sha384).digest(), + 'HS512': lambda msg, key: hmac.new(key, msg, hashlib.sha512).digest(), + 'RS256': lambda msg, key: PKCS1_v1_5.new(key).verify(SHA256.new(msg)), + } def constant_time_compare(val1, val2): @@ -126,7 +137,7 @@ def decode(jwt, key='', verify=True, verify_expiration=True, leeway=0): try: if isinstance(key, unicode): key = key.encode('utf-8') - expected = signing_methods[header['alg']](signing_input, key) + expected = verify_methods[header['alg']](signing_input, key) if not constant_time_compare(signature, expected): raise DecodeError("Signature verification failed") except KeyError: |