diff options
| author | José Padilla <jpadilla@webapplicate.com> | 2020-06-19 11:54:56 -0400 |
|---|---|---|
| committer | José Padilla <jpadilla@webapplicate.com> | 2020-08-24 10:24:57 -0400 |
| commit | 87c46130e90fe0b5fa752450d1b22a7db8752cc3 (patch) | |
| tree | 7083d6a99276559fe1c25e3722c50855225c4ab3 | |
| parent | 703b274cece91a79e89f14b62058949252d5c9a3 (diff) | |
| download | pyjwt-cleanup-pr305.tar.gz | |
Fix failing lintingcleanup-pr305
| -rw-r--r-- | jwt/algorithms.py | 44 | ||||
| -rw-r--r-- | tests/keys/__init__.py | 8 | ||||
| -rw-r--r-- | tests/keys/jwk_ec_key_P-256.json | 2 | ||||
| -rw-r--r-- | tests/keys/jwk_ec_key_P-384.json | 2 | ||||
| -rw-r--r-- | tests/keys/jwk_ec_pub_P-256.json | 2 | ||||
| -rw-r--r-- | tests/keys/jwk_ec_pub_P-384.json | 2 | ||||
| -rw-r--r-- | tests/test_algorithms.py | 61 |
7 files changed, 72 insertions, 49 deletions
diff --git a/jwt/algorithms.py b/jwt/algorithms.py index 45bb3ee..e555265 100644 --- a/jwt/algorithms.py +++ b/jwt/algorithms.py @@ -446,51 +446,59 @@ if has_crypto: # noqa: C901 try: obj = json.loads(jwk) except ValueError: - raise InvalidKeyError('Key is not valid JSON') + raise InvalidKeyError("Key is not valid JSON") - if obj.get('kty') != 'EC': - raise InvalidKeyError('Not an Elliptic curve key') + if obj.get("kty") != "EC": + raise InvalidKeyError("Not an Elliptic curve key") - if 'x' not in obj or 'y' not in obj: - raise InvalidKeyError('Not an Elliptic curve key') + if "x" not in obj or "y" not in obj: + raise InvalidKeyError("Not an Elliptic curve key") - x = base64url_decode(force_bytes(obj.get('x'))) - y = base64url_decode(force_bytes(obj.get('y'))) + x = base64url_decode(force_bytes(obj.get("x"))) + y = base64url_decode(force_bytes(obj.get("y"))) - curve = obj.get('crv') - if curve == 'P-256': + curve = obj.get("crv") + if curve == "P-256": if len(x) == len(y) == 32: curve_obj = ec.SECP256R1() else: - raise InvalidKeyError("Coords should be 32 bytes for curve P-256") - elif curve == 'P-384': + raise InvalidKeyError( + "Coords should be 32 bytes for curve P-256" + ) + elif curve == "P-384": if len(x) == len(y) == 48: curve_obj = ec.SECP384R1() else: - raise InvalidKeyError("Coords should be 48 bytes for curve P-384") - elif curve == 'P-521': + raise InvalidKeyError( + "Coords should be 48 bytes for curve P-384" + ) + elif curve == "P-521": if len(x) == len(y) == 66: curve_obj = ec.SECP521R1() else: - raise InvalidKeyError("Coords should be 66 bytes for curve P-521") + raise InvalidKeyError( + "Coords should be 66 bytes for curve P-521" + ) else: raise InvalidKeyError("Invalid curve: {}".format(curve)) public_numbers = ec.EllipticCurvePublicNumbers( - x=int_from_bytes(x, 'big'), y=int_from_bytes(y, 'big'), curve=curve_obj + x=int_from_bytes(x, "big"), + y=int_from_bytes(y, "big"), + curve=curve_obj, ) - if 'd' not in obj: + if "d" not in obj: return public_numbers.public_key(default_backend()) - d = base64url_decode(force_bytes(obj.get('d'))) + d = base64url_decode(force_bytes(obj.get("d"))) if len(d) != len(x): raise InvalidKeyError( "D should be {} bytes for curve {}", len(x), curve ) return ec.EllipticCurvePrivateNumbers( - int_from_bytes(d, 'big'), public_numbers + int_from_bytes(d, "big"), public_numbers ).private_key(default_backend()) class RSAPSSAlgorithm(RSAAlgorithm): diff --git a/tests/keys/__init__.py b/tests/keys/__init__.py index 347be0d..c54ac3f 100644 --- a/tests/keys/__init__.py +++ b/tests/keys/__init__.py @@ -43,12 +43,14 @@ if has_crypto: keyobj = json.load(infile) return ec.EllipticCurvePrivateNumbers( - private_value=decode_value(keyobj['d']), - public_numbers=load_ec_pub_key_p_521().public_numbers() + private_value=decode_value(keyobj["d"]), + public_numbers=load_ec_pub_key_p_521().public_numbers(), ) def load_ec_pub_key_p_521(): - with open(os.path.join(BASE_PATH, 'jwk_ec_pub_P-521.json'), 'r') as infile: + with open( + os.path.join(BASE_PATH, "jwk_ec_pub_P-521.json"), "r" + ) as infile: keyobj = json.load(infile) return ec.EllipticCurvePublicNumbers( diff --git a/tests/keys/jwk_ec_key_P-256.json b/tests/keys/jwk_ec_key_P-256.json index 2befdf2..7c67b24 100644 --- a/tests/keys/jwk_ec_key_P-256.json +++ b/tests/keys/jwk_ec_key_P-256.json @@ -5,4 +5,4 @@ "x": "PTTjIY84aLtaZCxLTrG_d8I0G6YKCV7lg8M4xkKfwQ4=", "y": "ank6KA34vv24HZLXlChVs85NEGlpg2sbqNmR_BcgyJU=", "d": "9GJquUJf57a9sev-u8-PoYlIezIPqI_vGpIaiu4zyZk=" -}
\ No newline at end of file +} diff --git a/tests/keys/jwk_ec_key_P-384.json b/tests/keys/jwk_ec_key_P-384.json index db19c6f..ff1a9b5 100644 --- a/tests/keys/jwk_ec_key_P-384.json +++ b/tests/keys/jwk_ec_key_P-384.json @@ -5,4 +5,4 @@ "x": "IDC-5s6FERlbC4Nc_4JhKW8sd51AhixtMdNUtPxhRFP323QY6cwWeIA3leyZhz-J", "y": "eovmN9ocANS8IJxDAGSuC1FehTq5ZFLJU7XSPg36zHpv4H2byKGEcCBiwT4sFJsy", "d": "xKPj5IXjiHpQpLOgyMGo6lg_DUp738SuXkiugCFMxbGNKTyTprYPfJz42wTOXbtd" -}
\ No newline at end of file +} diff --git a/tests/keys/jwk_ec_pub_P-256.json b/tests/keys/jwk_ec_pub_P-256.json index eac918e..13db2b3 100644 --- a/tests/keys/jwk_ec_pub_P-256.json +++ b/tests/keys/jwk_ec_pub_P-256.json @@ -4,4 +4,4 @@ "crv": "P-256", "x": "PTTjIY84aLtaZCxLTrG_d8I0G6YKCV7lg8M4xkKfwQ4=", "y": "ank6KA34vv24HZLXlChVs85NEGlpg2sbqNmR_BcgyJU=" -}
\ No newline at end of file +} diff --git a/tests/keys/jwk_ec_pub_P-384.json b/tests/keys/jwk_ec_pub_P-384.json index 69b298d..0428a51 100644 --- a/tests/keys/jwk_ec_pub_P-384.json +++ b/tests/keys/jwk_ec_pub_P-384.json @@ -4,4 +4,4 @@ "crv": "P-384", "x": "IDC-5s6FERlbC4Nc_4JhKW8sd51AhixtMdNUtPxhRFP323QY6cwWeIA3leyZhz-J", "y": "eovmN9ocANS8IJxDAGSuC1FehTq5ZFLJU7XSPg36zHpv4H2byKGEcCBiwT4sFJsy" -}
\ No newline at end of file +} diff --git a/tests/test_algorithms.py b/tests/test_algorithms.py index 3ff7788..f6a2635 100644 --- a/tests/test_algorithms.py +++ b/tests/test_algorithms.py @@ -18,6 +18,7 @@ try: Ed25519Algorithm, ) from .keys import load_rsa_pub_key, load_ec_pub_key_p_521 + has_crypto = True except ImportError: has_crypto = False @@ -194,47 +195,55 @@ class TestAlgorithms: result = algo.verify(message, pub_key, sig) assert not result - @pytest.mark.skipif(not has_crypto, reason='Not supported without cryptography library') + @pytest.mark.skipif( + not has_crypto, reason="Not supported without cryptography library" + ) def test_ec_jwk_public_and_private_keys_should_parse_and_verify(self): tests = { - 'P-256': ECAlgorithm.SHA256, - 'P-384': ECAlgorithm.SHA384, - 'P-521': ECAlgorithm.SHA512 + "P-256": ECAlgorithm.SHA256, + "P-384": ECAlgorithm.SHA384, + "P-521": ECAlgorithm.SHA512, } for (curve, hash) in tests.items(): algo = ECAlgorithm(hash) - with open(key_path('jwk_ec_pub_{}.json'.format(curve)), 'r') as keyfile: + with open( + key_path("jwk_ec_pub_{}.json".format(curve)), "r" + ) as keyfile: pub_key = algo.from_jwk(keyfile.read()) - with open(key_path('jwk_ec_key_{}.json'.format(curve)), 'r') as keyfile: + with open( + key_path("jwk_ec_key_{}.json".format(curve)), "r" + ) as keyfile: priv_key = algo.from_jwk(keyfile.read()) - signature = algo.sign(force_bytes('Hello World!'), priv_key) - assert algo.verify(force_bytes('Hello World!'), pub_key, signature) + signature = algo.sign(force_bytes("Hello World!"), priv_key) + assert algo.verify(force_bytes("Hello World!"), pub_key, signature) - @pytest.mark.skipif(not has_crypto, reason='Not supported without cryptography library') + @pytest.mark.skipif( + not has_crypto, reason="Not supported without cryptography library" + ) def test_ec_jwk_fails_on_invalid_json(self): algo = ECAlgorithm(ECAlgorithm.SHA512) valid_points = { - 'P-256': { - 'x': 'PTTjIY84aLtaZCxLTrG_d8I0G6YKCV7lg8M4xkKfwQ4=', - 'y': 'ank6KA34vv24HZLXlChVs85NEGlpg2sbqNmR_BcgyJU=' + "P-256": { + "x": "PTTjIY84aLtaZCxLTrG_d8I0G6YKCV7lg8M4xkKfwQ4=", + "y": "ank6KA34vv24HZLXlChVs85NEGlpg2sbqNmR_BcgyJU=", + }, + "P-384": { + "x": "IDC-5s6FERlbC4Nc_4JhKW8sd51AhixtMdNUtPxhRFP323QY6cwWeIA3leyZhz-J", + "y": "eovmN9ocANS8IJxDAGSuC1FehTq5ZFLJU7XSPg36zHpv4H2byKGEcCBiwT4sFJsy", }, - 'P-384': { - 'x': 'IDC-5s6FERlbC4Nc_4JhKW8sd51AhixtMdNUtPxhRFP323QY6cwWeIA3leyZhz-J', - 'y': 'eovmN9ocANS8IJxDAGSuC1FehTq5ZFLJU7XSPg36zHpv4H2byKGEcCBiwT4sFJsy' + "P-521": { + "x": "AHKZLLOsCOzz5cY97ewNUajB957y-C-U88c3v13nmGZx6sYl_oJXu9A5RkTKqjqvjyekWF-7ytDyRXYgCF5cj0Kt", + "y": "AdymlHvOiLxXkEhayXQnNCvDX4h9htZaCJN34kfmC6pV5OhQHiraVySsUdaQkAgDPrwQrJmbnX9cwlGfP-HqHZR1", }, - 'P-521': { - 'x': 'AHKZLLOsCOzz5cY97ewNUajB957y-C-U88c3v13nmGZx6sYl_oJXu9A5RkTKqjqvjyekWF-7ytDyRXYgCF5cj0Kt', - 'y': 'AdymlHvOiLxXkEhayXQnNCvDX4h9htZaCJN34kfmC6pV5OhQHiraVySsUdaQkAgDPrwQrJmbnX9cwlGfP-HqHZR1' - } } # Invalid JSON with pytest.raises(InvalidKeyError): - algo.from_jwk('<this isn\'t json>') + algo.from_jwk("<this isn't json>") # Bad key type with pytest.raises(InvalidKeyError): @@ -254,10 +263,12 @@ class TestAlgorithms: # EC coordinates not equally long with pytest.raises(InvalidKeyError): - algo.from_jwk('{"kty": "EC", "x": "dGVzdHRlc3Q=", "y": "dGVzdA=="}') + algo.from_jwk( + '{"kty": "EC", "x": "dGVzdHRlc3Q=", "y": "dGVzdA=="}' + ) # EC coordinates length invalid - for curve in ('P-256', 'P-384', 'P-521'): + for curve in ("P-256", "P-384", "P-521"): with pytest.raises(InvalidKeyError): algo.from_jwk( '{{"kty": "EC", "crv": "{}", "x": "dGVzdA==", ' @@ -269,10 +280,12 @@ class TestAlgorithms: with pytest.raises(InvalidKeyError): algo.from_jwk( '{{"kty": "EC", "crv": "{}", "x": "{}", "y": "{}", ' - '"d": "dGVzdA=="}}'.format(curve, point['x'], point['y']) + '"d": "dGVzdA=="}}'.format(curve, point["x"], point["y"]) ) - @pytest.mark.skipif(not has_crypto, reason='Not supported without cryptography library') + @pytest.mark.skipif( + not has_crypto, reason="Not supported without cryptography library" + ) def test_rsa_jwk_public_and_private_keys_should_parse_and_verify(self): algo = RSAAlgorithm(RSAAlgorithm.SHA256) |