Refactor JWK

Author: Michael Davis

jose/jwk.py

@@ -5,7 +5,7 @@
 
 from collections import Mapping
 
-from jose.jwk import get_algorithm_object
+from jose import jwk
 from jose.constants import ALGORITHMS
 from jose.exceptions import JWSError
 from jose.exceptions import JWSSignatureError
@@ -157,12 +157,15 @@ def _encode_payload(payload):
     return base64url_encode(payload)
 
 
-def _sign_header_and_claims(encoded_header, encoded_claims, algorithm, key):
+def _sign_header_and_claims(encoded_header, encoded_claims, algorithm, key_data):
     signing_input = b'.'.join([encoded_header, encoded_claims])
     try:
-        alg_obj = get_algorithm_object(algorithm)
-        key = alg_obj.prepare_key(key)
-        signature = alg_obj.sign(signing_input, key)
+        key = jwk.construct(key_data, algorithm)
+        signature = key.sign(signing_input)
+
+        # alg_obj = get_algorithm_object(algorithm)
+        # key = alg_obj.prepare_key(key)
+        # signature = alg_obj.sign(signing_input, key)
     except Exception as e:
         raise JWSError(e)
 
@@ -216,10 +219,9 @@ def _verify_signature(signing_input, header, signature, key='', algorithms=None)
             raise JWSError('The specified alg value is not allowed')
 
         try:
-            alg_obj = get_algorithm_object(alg)
-            key = alg_obj.prepare_key(key)
+            key = jwk.construct(key, alg)
 
-            if not alg_obj.verify(signing_input, key, signature):
+            if not key.verify(signing_input, signature):
                 raise JWSSignatureError()
 
         except JWSSignatureError:

jose/jws.py

@@ -5,11 +5,6 @@
 import ecdsa
 import pytest
 
-
-@pytest.fixture
-def alg():
-    return ECKey(ECKey.SHA256)
-
 private_key = """-----BEGIN EC PRIVATE KEY-----
 MHQCAQEEIIAK499svJugZZfsTsgL2tc7kH/CpzQbkr4g55CEWQyPoAcGBSuBBAAK
 oUQDQgAEsOnVqWVPfjte2nI0Ay3oTZVehCUtH66nJM8z6flUluHxhLG8ZTTCkJAZ
@@ -19,16 +14,16 @@ def alg():
 
 class TestECAlgorithm:
 
-    def test_EC_key(self, alg):
+    def test_EC_key(self):
         key = ecdsa.SigningKey.from_pem(private_key)
-        alg.prepare_key(key)
+        ECKey(key, ECKey.SHA256)
 
-    def test_string_secret(self, alg):
+    def test_string_secret(self):
         key = 'secret'
         with pytest.raises(JOSEError):
-            alg.prepare_key(key)
+            ECKey(key, ECKey.SHA256)
 
-    def test_object(self, alg):
+    def test_object(self):
         key = object()
         with pytest.raises(JOSEError):
-            alg.prepare_key(key)
+            ECKey(key, ECKey.SHA256)

tests/algorithms/test_EC.py

@@ -5,18 +5,21 @@
 import pytest
 
 
-@pytest.fixture
-def alg():
-    return HMACKey(HMACKey.SHA256)
-
-
 class TestHMACAlgorithm:
 
-    def test_non_string_key(self, alg):
+    def test_non_string_key(self):
         with pytest.raises(JOSEError):
-            alg.prepare_key(object())
+            HMACKey(object(), HMACKey.SHA256)
 
-    def test_RSA_key(self, alg):
+    def test_RSA_key(self):
         key = "-----BEGIN PUBLIC KEY-----"
         with pytest.raises(JOSEError):
-            alg.prepare_key(key)
+            HMACKey(key, HMACKey.SHA256)
+
+        key = "-----BEGIN CERTIFICATE-----"
+        with pytest.raises(JOSEError):
+            HMACKey(key, HMACKey.SHA256)
+
+        key = "ssh-rsa"
+        with pytest.raises(JOSEError):
+            HMACKey(key, HMACKey.SHA256)

tests/algorithms/test_HMAC.py

@@ -6,12 +6,6 @@
 
 import pytest
 
-
-@pytest.fixture
-def alg():
-    return RSAKey(RSAKey.SHA256)
-
-
 private_key = """-----BEGIN RSA PRIVATE KEY-----
 MIIJKwIBAAKCAgEAtSKfSeI0fukRIX38AHlKB1YPpX8PUYN2JdvfM+XjNmLfU1M7
 4N0VmdzIX95sneQGO9kC2xMIE+AIlt52Yf/KgBZggAlS9Y0Vx8DsSL2HvOjguAdX
@@ -67,16 +61,15 @@ def alg():
 
 class TestRSAAlgorithm:
 
-    def test_RSA_key(self, alg):
-        key = RSA.importKey(private_key)
-        alg.prepare_key(key)
+    def test_RSA_key(self):
+        RSAKey(private_key, RSAKey.SHA256)
 
-    def test_string_secret(self, alg):
+    def test_string_secret(self):
         key = 'secret'
         with pytest.raises(JOSEError):
-            alg.prepare_key(key)
+            RSAKey(key, RSAKey.SHA256)
 
-    def test_object(self, alg):
+    def test_object(self):
         key = object()
         with pytest.raises(JOSEError):
-            alg.prepare_key(key)
+            RSAKey(key, RSAKey.SHA256)

tests/algorithms/test_RSA.py

@@ -1,25 +1,25 @@
 
-from jose.jwk import Key
-from jose.exceptions import JOSEError
+# from jose.jwk import Key
+# from jose.exceptions import JOSEError
 
-import pytest
+# import pytest
 
 
-@pytest.fixture
-def alg():
-    return Key()
+# @pytest.fixture
+# def alg():
+#     return Key()
 
 
-class TestBaseAlgorithm:
+# class TestBaseAlgorithm:
 
-    def test_prepare_key_is_interface(self, alg):
-        with pytest.raises(JOSEError):
-            alg.prepare_key('secret')
+#     def test_prepare_key_is_interface(self, alg):
+#         with pytest.raises(JOSEError):
+#             alg.prepare_key('secret')
 
-    def test_sign_is_interface(self, alg):
-        with pytest.raises(JOSEError):
-            alg.sign('msg', 'secret')
+#     def test_sign_is_interface(self, alg):
+#         with pytest.raises(JOSEError):
+#             alg.sign('msg', 'secret')
 
-    def test_verify_is_interface(self, alg):
-        with pytest.raises(JOSEError):
-            alg.verify('msg', 'secret', 'sig')
+#     def test_verify_is_interface(self, alg):
+#         with pytest.raises(JOSEError):
+#             alg.verify('msg', 'secret', 'sig')