Try importing RSAKey and ECKey at top of jwk module, where they're currently expected to be (for compatibility), but pass if it fails. Maybe user just needs one of them, which works, or HMACKey. Function jwk.get_key will still try to import RSAKey or ECKey if needed, and throw an ImportError if unsuccessful.

Author: Gasper Zejn

jose/backends/pycrypto_backend.py

@@ -117,5 +117,7 @@ def to_pem(self):
         begin = b'-----BEGIN RSA PUBLIC KEY-----'
         end = b'-----END RSA PUBLIC KEY-----'
         if pem.startswith(begin) and pem.strip().endswith(end):
-            pem = b'-----BEGIN PUBLIC KEY-----' + pem.strip()[len(begin):-len(end)] + b'-----END PUBLIC KEY-----\n'
+            pem = b'-----BEGIN PUBLIC KEY-----' + pem.strip()[len(begin):-len(end)] + b'-----END PUBLIC KEY-----'
+        if not pem.endswith(b'\n'):
+            pem = pem + b'\n'
         return pem

jose/jwk.py

@@ -8,7 +8,16 @@
 from jose.utils import base64url_decode
 from jose.utils import constant_time_string_compare
 from jose.backends.base import Key
-from jose.backends import RSAKey, ECKey
+
+try:
+    from jose.backends import RSAKey
+except ImportError:
+    pass
+
+try:
+    from jose.backends import ECKey
+except ImportError:
+    pass
 
 
 def get_key(algorithm):
@@ -17,8 +26,10 @@ def get_key(algorithm):
     elif algorithm in ALGORITHMS.HMAC:
         return HMACKey
     elif algorithm in ALGORITHMS.RSA:
+        from jose.backends import RSAKey
         return RSAKey
     elif algorithm in ALGORITHMS.EC:
+        from jose.backends import ECKey
         return ECKey
     return None
 

tests/algorithms/test_RSA.py

@@ -1,7 +1,7 @@
 
 import sys
 
-from jose.jwk import RSAKey
+from jose.backends.pycrypto_backend import RSAKey
 from jose.backends.cryptography_backend import CryptographyRSAKey
 from jose.constants import ALGORITHMS
 from jose.exceptions import JOSEError
@@ -135,11 +135,13 @@ def test_bad_cert(self):
 
     def test_signing_parity(self):
         key1 = RSAKey(private_key, ALGORITHMS.RS256)
-        public_key = key1.public_key().to_pem().decode('utf-8')
+        public_key = key1.public_key().to_pem()
         vkey1 = RSAKey(public_key, ALGORITHMS.RS256)
         key2 = CryptographyRSAKey(private_key, ALGORITHMS.RS256)
         vkey2 = CryptographyRSAKey(public_key, ALGORITHMS.RS256)
 
+        assert key2.public_key().to_pem() == public_key
+
         msg = b'test'
         sig1 = key1.sign(msg)
         sig2 = key2.sign(msg)

tests/test_jwk.py

@@ -1,6 +1,8 @@
 from jose import jwk
 from jose.exceptions import JWKError
-from jose.backends.cryptography_backend import CryptographyECKey
+from jose.backends.base import Key
+from jose.backends.pycrypto_backend import RSAKey
+from jose.backends.cryptography_backend import CryptographyECKey, CryptographyRSAKey
 from jose.backends.ecdsa_backend import ECDSAECKey
 
 import pytest
@@ -48,21 +50,21 @@ def test_invalid_hash_alg(self):
             key = jwk.HMACKey(hmac_key, 'RS512')
 
         with pytest.raises(JWKError):
-            key = jwk.RSAKey(rsa_key, 'HS512')
+            key = RSAKey(rsa_key, 'HS512')
 
         with pytest.raises(JWKError):
-            key = jwk.ECKey(ec_key, 'RS512')
+            key = ECDSAECKey(ec_key, 'RS512')
 
     def test_invalid_jwk(self):
 
         with pytest.raises(JWKError):
             key = jwk.HMACKey(rsa_key, 'HS256')
 
         with pytest.raises(JWKError):
-            key = jwk.RSAKey(hmac_key, 'RS256')
+            key = RSAKey(hmac_key, 'RS256')
 
         with pytest.raises(JWKError):
-            key = jwk.ECKey(rsa_key, 'ES256')
+            key = ECDSAECKey(rsa_key, 'ES256')
 
     def test_RSAKey_errors(self):
 
@@ -75,7 +77,7 @@ def test_RSAKey_errors(self):
         }
 
         with pytest.raises(JWKError):
-            key = jwk.RSAKey(rsa_key, 'HS256')
+            key = RSAKey(rsa_key, 'HS256')
 
         rsa_key = {
             "kty": "oct",
@@ -86,7 +88,7 @@ def test_RSAKey_errors(self):
         }
 
         with pytest.raises(JWKError):
-            key = jwk.RSAKey(rsa_key, 'RS256')
+            key = RSAKey(rsa_key, 'RS256')
 
     def test_construct_from_jwk(self):
 
@@ -123,9 +125,11 @@ def test_construct_from_jwk_missing_alg(self):
             key = jwk.construct("key", algorithm="NONEXISTENT")
 
     def test_get_key(self):
-        assert jwk.get_key("HS256") == jwk.HMACKey
-        assert jwk.get_key("RS256") == jwk.RSAKey
-        assert jwk.get_key("ES256") == jwk.ECKey
+        hs_key = jwk.get_key("HS256")
+        assert hs_key == jwk.HMACKey
+        assert issubclass(hs_key, Key)
+        assert issubclass(jwk.get_key("RS256"), Key)
+        assert issubclass(jwk.get_key("ES256"), Key)
 
         assert jwk.get_key("NONEXISTENT") == None