JWT在python中加密有效载荷? (JWE) [英] JWT encrypting payload in python? (JWE)

问题描述

根据 RFC 7516 ，应该可以加密称为JWE的有效负载/声明.

According to RFC 7516 it should be possible to encrypt the payload/claim, called JWE.

有没有支持该功能的python库?

Are there any python libraries out there that support that?

我已经检查了PyJWT，python-jose和jwcrypto，但它们都只提供了使用HS256(JWS)签名的示例.

I've checked PyJWT, python-jose and jwcrypto but they all just have examples for signing with HS256 (JWS).

很抱歉，如果这是完全显而易见的，但是当涉及到加密货币时，我要格外谨慎.

Sorry if this is totally obvious, but when it comes to things involving crypto I'm extra cautious.

推荐答案

Jose和jwcrypto库都可以执行JWE.

Both Jose and jwcrypto libraries can do JWE.

对于 jose :

claims = {
'iss': 'http://www.example.com',
'sub': 42,
}
pubKey = {'k':\
           '-----BEGIN PUBLIC KEY-----\n\
-----END PUBLIC KEY-----'
    }
# decrypt on the other end using the private key
privKey = {'k': 
    '-----BEGIN RSA PRIVATE KEY-----\n'+\
'-----END RSA PRIVATE KEY-----'
}

encJwt = jose.encrypt(claims, pubKey)
serJwt = jose.serialize_compact(encJwt)
decJwt = jose.decrypt(jose.deserialize_compact(serJwt), privKey)

---

对于 jwcrypto :

# algorithm to use
eprot = {'alg': "RSA-OAEP", 'enc': "A128CBC-HS256"}
stringPayload = u'attack at dawn'
E = jwe.JWE(stringPayload, json_encode(eprot))
E.add_recipient(pubKey)
encrypted_token = E.serialize(compact=True)
E = jwe.JWE()
E.deserialize(encrypted_token, key=privKey)
decrypted_payload = E.payload

这篇关于JWT在python中加密有效载荷? (JWE)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！