"""ACME-specific JWS.
The JWS implementation in josepy only implements the base JOSE standard. In
order to support the new header fields defined in ACME, this module defines some
ACME-specific classes that layer on top of josepy.
"""
import josepy as jose
class Header(jose.Header):
"""ACME-specific JOSE Header. Implements nonce, kid, and url.
"""
nonce = jose.Field('nonce', omitempty=True, encoder=jose.encode_b64jose)
kid = jose.Field('kid', omitempty=True)
url = jose.Field('url', omitempty=True)
@nonce.decoder
def nonce(value): # pylint: disable=missing-docstring,no-self-argument
try:
return jose.decode_b64jose(value)
except jose.DeserializationError as error:
# TODO: custom error
raise jose.DeserializationError("Invalid nonce: {0}".format(error))
class Signature(jose.Signature):
"""ACME-specific Signature. Uses ACME-specific Header for customer fields."""
__slots__ = jose.Signature._orig_slots # pylint: disable=no-member
# TODO: decoder/encoder should accept cls? Otherwise, subclassing
# JSONObjectWithFields is tricky...
header_cls = Header
header = jose.Field(
'header', omitempty=True, default=header_cls(),
decoder=header_cls.from_json)
# TODO: decoder should check that nonce is in the protected header
class JWS(jose.JWS):
"""ACME-specific JWS. Includes none, url, and kid in protected header."""
signature_cls = Signature
__slots__ = jose.JWS._orig_slots # pylint: disable=no-member
@classmethod
# pylint: disable=arguments-differ,too-many-arguments
def sign(cls, payload, key, alg, nonce, url=None, kid=None):
# Per ACME spec, jwk and kid are mutually exclusive, so only include a
# jwk field if kid is not provided.
include_jwk = kid is None
return super(JWS, cls).sign(payload, key=key, alg=alg,
protect=frozenset(['nonce', 'url', 'kid', 'jwk', 'alg']),
nonce=nonce, url=url, kid=kid,
include_jwk=include_jwk)
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| __pycache__ | Folder | 0755 |
|
|
| __init__.py | File | 727 B | 0644 |
|
| challenges.py | File | 19.8 KB | 0644 |
|
| challenges_test.py | File | 21.17 KB | 0644 |
|
| client.py | File | 46.26 KB | 0644 |
|
| client_test.py | File | 56.84 KB | 0644 |
|
| crypto_util.py | File | 10.99 KB | 0644 |
|
| crypto_util_test.py | File | 9.98 KB | 0644 |
|
| errors.py | File | 3.57 KB | 0644 |
|
| errors_test.py | File | 1.48 KB | 0644 |
|
| fields.py | File | 1.7 KB | 0644 |
|
| fields_test.py | File | 2.03 KB | 0644 |
|
| jose_test.py | File | 1.92 KB | 0644 |
|
| jws.py | File | 2.09 KB | 0644 |
|
| jws_test.py | File | 2.03 KB | 0644 |
|
| magic_typing.py | File | 534 B | 0644 |
|
| magic_typing_test.py | File | 1.42 KB | 0644 |
|
| messages.py | File | 19.11 KB | 0644 |
|
| messages_test.py | File | 16.25 KB | 0644 |
|
| standalone.py | File | 11.09 KB | 0644 |
|
| standalone_test.py | File | 10.54 KB | 0644 |
|
| test_util.py | File | 3.12 KB | 0644 |
|
| util.py | File | 166 B | 0644 |
|
| util_test.py | File | 456 B | 0644 |
|