Skip to content

Commit

Permalink
Merge pull request #107 from mpdavis/cryptography-x509-certificate-su…
Browse files Browse the repository at this point in the history
…pport

Support X509 certificates with cryptography
  • Loading branch information
mpdavis authored Aug 30, 2018
2 parents e70b625 + d3e6f73 commit 97da28c
Showing 1 changed file with 11 additions and 3 deletions.
14 changes: 11 additions & 3 deletions jose/backends/cryptography_backend.py
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ec, rsa, padding
from cryptography.hazmat.primitives.serialization import load_pem_private_key, load_pem_public_key
from cryptography.x509 import load_pem_x509_certificate


class CryptographyECKey(Key):
Expand Down Expand Up @@ -195,11 +196,14 @@ def __init__(self, key, algorithm, cryptography_backend=default_backend):

if isinstance(key, six.binary_type):
try:
if key.startswith(b'-----BEGIN CERTIFICATE-----'):
self._process_cert(key)
return

try:
key = load_pem_public_key(key, self.cryptography_backend())
self.prepared_key = load_pem_public_key(key, self.cryptography_backend())
except ValueError:
key = load_pem_private_key(key, password=None, backend=self.cryptography_backend())
self.prepared_key = key
self.prepared_key = load_pem_private_key(key, password=None, backend=self.cryptography_backend())
except Exception as e:
raise JWKError(e)
return
Expand Down Expand Up @@ -247,6 +251,10 @@ def _process_jwk(self, jwk_dict):

return private.private_key(self.cryptography_backend())

def _process_cert(self, key):
key = load_pem_x509_certificate(key, self.cryptography_backend())
self.prepared_key = key.public_key()

def sign(self, msg):
try:
signature = self.prepared_key.sign(
Expand Down

0 comments on commit 97da28c

Please sign in to comment.