This section contains the generic implementation of RFC7516. Find how to use it in JWE Guide.
authlib.jose.
JsonWebEncryption
(algorithms=None, private_headers=None)¶REGISTERED_HEADER_PARAMETER_NAMES
= frozenset({'typ', 'enc', 'x5t#S256', 'x5c', 'x5t', 'zip', 'jku', 'kid', 'x5u', 'cty', 'jwk', 'crit', 'alg'})¶Registered Header Parameter Names defined by Section 4.1
register_algorithm
(algorithm)¶Register an algorithm for alg
or enc
or zip
of JWE.
serialize_compact
(protected, payload, key)¶Generate a JWE Compact Serialization. The JWE Compact Serialization represents encrypted content as a compact, URL-safe string. This string is:
BASE64URL(UTF8(JWE Protected Header)) || ‘.’ || BASE64URL(JWE Encrypted Key) || ‘.’ || BASE64URL(JWE Initialization Vector) || ‘.’ || BASE64URL(JWE Ciphertext) || ‘.’ || BASE64URL(JWE Authentication Tag)
Only one recipient is supported by the JWE Compact Serialization and it provides no syntax to represent JWE Shared Unprotected Header, JWE Per-Recipient Unprotected Header, or JWE AAD values.
Parameters: |
|
---|---|
Returns: | byte |
deserialize_compact
(s, key, decode=None)¶Exact JWS Compact Serialization, and validate with the given key.
Parameters: |
|
---|---|
Returns: | dict |
authlib.jose.
JWEAlgorithm
¶Interface for JWE algorithm. JWA specification (RFC7518) SHOULD implement the algorithms for JWE with this base implementation.
authlib.jose.
JWEEncAlgorithm
¶encrypt
(msg, aad, iv, key)¶Encrypt the given “msg” text.
Parameters: |
|
---|---|
Returns: | (ciphertext, iv, tag) |
decrypt
(ciphertext, aad, iv, tag, key)¶Decrypt the given cipher text.
Parameters: |
|
---|---|
Returns: | message |
authlib.jose.
JWEZipAlgorithm
¶