为什么我不能和我的JWK签署这些声明?

2024-04-20 13:42:13 发布

您现在位置:Python中文网/ 问答频道 /正文
8324 3

我正在编写这个python代码来创建RSA私钥和公钥。然后用JWK的私人签名创建一个JWK。在

#!/usr/bin/env python

import time
from jose import jwk
from jose import jws
from cryptography.hazmat.primitives import serialization as crypto_serialization
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.backends import default_backend as crypto_default_backend

key = rsa.generate_private_key(backend=crypto_default_backend(), public_exponent=65537, key_size=2048)
private_key = key.private_bytes(crypto_serialization.Encoding.PEM, crypto_serialization.PrivateFormat.PKCS8, crypto_serialization.NoEncryption())
public_key = key.public_key().public_bytes(crypto_serialization.Encoding.OpenSSH, crypto_serialization.PublicFormat.OpenSSH)
key = jwk.construct(private_key, 'RS256')
print 'key.to_dict() = {}'.format(key.to_dict())

claims = {
    'iss': 'https://e97b8a9d672e4ce4845ec6947cd66ef6-sb.baas.nintendo.com',
    'sub': 'fdfdc610f849726e',
    'aud': '20c875ad0d4bfc94',
    'iat': time.time() - 20,
    'exp': time.time() + 20,
    'jti': '807443d3-3b27-4bf9-8e3e-e3f90e1ea055',
    'typ': 'id_token'
}
print 'About to sign'
signed = jws.sign(claims, key, algorithm='RS256')

当我运行它时,它在签名步骤失败:

^{pr2}$

是什么导致了这个错误?我怎样才能使它工作??在


Tags: tokeyfromimportbackenddefaulttimeserialization
1条回答
网友
1楼 · 发布于 2024-04-20 13:42:13

使用RS256时,需要将私钥赋给jws.sign(),但不能使用JWK格式。在

因此,只需更换

signed = jws.sign(claims, key, algorithm='RS256')

通过

^{pr2}$

它会正常工作的。在

最后,整个来源是:

#!/usr/bin/env python

import time
from jose import jws
from cryptography.hazmat.primitives import serialization as crypto_serialization
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.backends import default_backend as crypto_default_backend

key = rsa.generate_private_key(backend=crypto_default_backend(), public_exponent=65537, key_size=2048)
private_key = key.private_bytes(crypto_serialization.Encoding.PEM, crypto_serialization.PrivateFormat.PKCS8, crypto_serialization.NoEncryption())

claims = {
        'iss': 'https://e97b8a9d672e4ce4845ec6947cd66ef6-sb.baas.nintendo.com',
        'sub': 'fdfdc610f849726e',
        'aud': '20c875ad0d4bfc94',
        'iat': time.time() - 20,
        'exp': time.time() + 20,
        'jti': '807443d3-3b27-4bf9-8e3e-e3f90e1ea055',
        'typ': 'id_token'
}

print 'About to sign'
signed = jws.sign(claims, private_key, algorithm='RS256')
print signed

结果如下:

About to sign
eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJmZGZkYzYxMGY4NDk3MjZlIiwiaXNzIjoiaHR0cHM6Ly9lOTdiOGE5ZDY3MmU0Y2U0ODQ1ZWM2OTQ3Y2Q2NmVmNi1zYi5iYWFzLm5pbnRlbmRvLmNvbSIsImp0aSI6IjgwNzQ0M2QzLTNiMjctNGJmOS04ZTNlLWUzZjkwZTFlYTA1NSIsImV4cCI6MTU0NTkzNTQ1Mi4wMzAxMTUsImlhdCI6MTU0NTkzNTQxMi4wMzAxMTMsInR5cCI6ImlkX3Rva2VuIiwiYXVkIjoiMjBjODc1YWQwZDRiZmM5NCJ9.Qfmi607XTtq8bc4daJ-GxoYy1B761nRahWSok9ga0CB8dqbDXN0FhcM38dNj0LMFoi98hxB9o0EwY1mpBEMA3rNK9C6Bbg1hKhkYE5lRFXH5_lLk2tE6YrbK7p71S54hkTfEZgPGCvkv79HBjUo3PORv6bG-fdQp5UQo8ZMvd5lobmjbMna21JCBp1ITm3QSAPy4gdvfCyzxEziVyRcKwXU45ky3g7wFnyNxr9HtzX6yDJn1LlWdhChNR4uom05U5mbIDSChHAd52nWtzNb6dvdupIKCSR1XN_jF28y1Wu4aMbmVRXAn0X87Qok93KiHMoU_wydWuG5zl-ihqQ-1RA

相关问题 更多 >

    编程相关推荐