This section contains the generic implementation of RFC7516. Find how to use it in JWE Guide.
authlib.jose.
JsonWebEncryption
(algorithms, private_headers=None)¶REGISTERED_HEADER_PARAMETER_NAMES
= frozenset({'jku', 'jwk', 'alg', 'x5u', 'crit', 'typ', 'cty', 'enc', 'x5c', 'x5t', 'x5t#S256', 'zip', 'kid'})¶Registered Header Parameter Names defined by Section 4.1
JWE_AVAILABLE_ALGORITHMS
= {'A128CBC-HS256': <authlib.jose.rfc7518._backends._jwe_enc_cryptography.CBCHS2EncAlgorithm object>, 'A128GCM': <authlib.jose.rfc7518._backends._jwe_enc_cryptography.GCMEncAlgorithm object>, 'A128GCMKW': <authlib.jose.rfc7518._backends._jwe_alg_cryptography.AESGCMAlgorithm object>, 'A128KW': <authlib.jose.rfc7518._backends._jwe_alg_cryptography.AESAlgorithm object>, 'A192CBC-HS384': <authlib.jose.rfc7518._backends._jwe_enc_cryptography.CBCHS2EncAlgorithm object>, 'A192GCM': <authlib.jose.rfc7518._backends._jwe_enc_cryptography.GCMEncAlgorithm object>, 'A192GCMKW': <authlib.jose.rfc7518._backends._jwe_alg_cryptography.AESGCMAlgorithm object>, 'A192KW': <authlib.jose.rfc7518._backends._jwe_alg_cryptography.AESAlgorithm object>, 'A256CBC-HS512': <authlib.jose.rfc7518._backends._jwe_enc_cryptography.CBCHS2EncAlgorithm object>, 'A256GCM': <authlib.jose.rfc7518._backends._jwe_enc_cryptography.GCMEncAlgorithm object>, 'A256GCMKW': <authlib.jose.rfc7518._backends._jwe_alg_cryptography.AESGCMAlgorithm object>, 'A256KW': <authlib.jose.rfc7518._backends._jwe_alg_cryptography.AESAlgorithm object>, 'DEF': <authlib.jose.rfc7518.jwe_algorithms.DeflateZipAlgorithm object>, 'RSA-OAEP': <authlib.jose.rfc7518._backends._jwe_alg_cryptography.RSAAlgorithm object>, 'RSA-OAEP-256': <authlib.jose.rfc7518._backends._jwe_alg_cryptography.RSAAlgorithm object>, 'RSA1_5': <authlib.jose.rfc7518._backends._jwe_alg_cryptography.RSAAlgorithm object>}¶Defined available JWS algorithms
register_algorithm
(algorithm)¶Register an algorithm for alg
or enc
or zip
of JWE.
serialize_compact
(protected, payload, key)¶Generate a JWE Compact Serialization. The JWE Compact Serialization represents encrypted content as a compact, URL-safe string. This string is:
BASE64URL(UTF8(JWE Protected Header)) || ‘.’ || BASE64URL(JWE Encrypted Key) || ‘.’ || BASE64URL(JWE Initialization Vector) || ‘.’ || BASE64URL(JWE Ciphertext) || ‘.’ || BASE64URL(JWE Authentication Tag)
Only one recipient is supported by the JWE Compact Serialization and it provides no syntax to represent JWE Shared Unprotected Header, JWE Per-Recipient Unprotected Header, or JWE AAD values.
Parameters: |
|
---|---|
Returns: | byte |
deserialize_compact
(s, key, decode=None)¶Exact JWS Compact Serialization, and validate with the given key.
Parameters: |
|
---|---|
Returns: | dict |
authlib.jose.
JWEAlgorithm
¶Interface for JWE algorithm. JWA specification (RFC7518) SHOULD implement the algorithms for JWE with this base implementation.
authlib.jose.
JWEEncAlgorithm
¶encrypt
(msg, aad, iv, key)¶Encrypt the given “msg” text.
Parameters: |
|
---|---|
Returns: | (ciphertext, iv, tag) |
decrypt
(ciphertext, aad, iv, tag, key)¶Decrypt the given cipher text.
Parameters: |
|
---|---|
Returns: | message |
authlib.jose.
JWEZipAlgorithm
¶