Authlib
Authlib
This section contains the generic implementation of RFC7516. Find how to use it in JWE Guide.
authlib.jose.rfc7516.JWE(algorithms, private_headers=None)¶REGISTERED_HEADER_PARAMETER_NAMES = frozenset({'jwk', 'alg', 'zip', 'typ', 'x5c', 'x5u', 'enc', 'kid', 'x5t#S256', 'jku', 'crit', 'x5t', 'cty'})¶Registered Header Parameter Names defined by Section 4.1
register_algorithm(algorithm)¶Register an algorithm for alg or enc or zip of JWE.
serialize_compact(protected, payload, key)¶Generate a JWE Compact Serialization. The JWE Compact Serialization represents encrypted content as a compact, URL-safe string. This string is:
BASE64URL(UTF8(JWE Protected Header)) || ‘.’ || BASE64URL(JWE Encrypted Key) || ‘.’ || BASE64URL(JWE Initialization Vector) || ‘.’ || BASE64URL(JWE Ciphertext) || ‘.’ || BASE64URL(JWE Authentication Tag)
Only one recipient is supported by the JWE Compact Serialization and it provides no syntax to represent JWE Shared Unprotected Header, JWE Per-Recipient Unprotected Header, or JWE AAD values.
| Parameters: |
|
|---|---|
| Returns: | byte |
deserialize_compact(s, key, decode=None)¶Exact JWS Compact Serialization, and validate with the given key.
| Parameters: |
|
|---|---|
| Returns: | dict |
authlib.jose.rfc7516.JWEAlgorithm(name)¶Interface for JWE algorithm. JWA specification (RFC7518) SHOULD implement the algorithms for JWE with this base implementation.
authlib.jose.rfc7516.JWEEncAlgorithm¶encrypt(msg, aad, iv, key)¶Encrypt the given “msg” text.
| Parameters: |
|
|---|---|
| Returns: | (ciphertext, iv, tag) |
decrypt(ciphertext, aad, iv, tag, key)¶Decrypt the given cipher text.
| Parameters: |
|
|---|---|
| Returns: | message |
authlib.jose.rfc7516.JWEZipAlgorithm¶