<a href="https://colab.research.google.com/github/ben854719/Arctic-BlueSense-AI-Powered-Ocean-Monitoring/blob/main/RS256_Encryption.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

In [1]:
!pip install cryptography



In [4]:
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.backends import default_backend

# Generative a new private key.
private_key = rsa.generate_private_key(
    public_exponent=65537,
    key_size=2048,
    backend=default_backend()
)

# Get the public key.
public_key = private_key.public_key()

# Write with private key.
with open("private.pem", "wb") as f:
    f.write(private_key.private_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PrivateFormat.PKCS8,
        encryption_algorithm=serialization.NoEncryption()
    ))

# Write the public key with file.
with open("public.pem", "wb") as f:
    f.write(public_key.public_bytes(
        encoding=serialization.Encoding.PEM,
        format=serialization.PublicFormat.SubjectPublicKeyInfo
    ))

print("Dummy private and public key files created.")

Dummy private and public key files created.


In [5]:
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding
import base64
import json

def create_jwt(payload, private_key):
    """
    Generates an RS256 signed JWT.

    Args:
        payload (dict): The payload to include in the JWT.
        private_key: The private key object from the cryptography library.

    Returns:
        str: The generated JWT string.
    """
    header = {"alg": "RS256", "typ": "JWT"}

    encoded_header = base64.urlsafe_b64encode(json.dumps(header).encode()).decode().rstrip("=")
    encoded_payload = base64.urlsafe_b64encode(json.dumps(payload).encode()).decode().rstrip("=")

    message = f"{encoded_header}.{encoded_payload}"

    signature = private_key.sign(
        message.encode(),
        padding.PKCS1v15(),
        hashes.SHA256()
    )
    encoded_signature = base64.urlsafe_b64encode(signature).decode().rstrip("=")

    jwt_token = f"{encoded_header}.{encoded_payload}.{encoded_signature}"
    return jwt_token

# Usage of the key:
payload_data = {"userId": 1, "username": "Ben85!"}
jwt_string = create_jwt(payload_data, private_key)
print("Generated JWT:", jwt_string)

Generated JWT: eyJhbGciOiAiUlMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VySWQiOiAxLCAidXNlcm5hbWUiOiAiQmVuODUhIn0.H3LJrZXAHcgESjg0OeHBtvlv5BuwK7WJYD_WilxZhGxXG_vDLn0UWi0FYciL72jEwlinoz4xMgPw4EUw62KcC6uq-OmAtTGERSoaFszN3LFo-eiM9kaTVOw_YD2oYFlNaUme6S9mQHSEiR9Zv8P6oNob8ZCiWe3E4G-UIzLNNnjArAvvS4-vVi7h5VNJ1d3UaEaOj9uOn0ZmucIsDI8IisCMwzKH77c0-kztPYGseVdbdZKctisKsQWdfyHCAD0IeAWt4oB0BN82S2gHRnVJFkEbtuWF1ZPs2FSMG6oGyHEIFj_Y3poJoXRlg32KDPUgkihgwSHTm2aJuRzXtgzmQQ


In [7]:
from cryptography.exceptions import InvalidSignature
import base64
import json

def verify_jwt(jwt_string, public_key):
    """
    Verifies an RS256 signed JWT using the public key.

     Args:
     jwt_string (str): The JWT string to verify.
        public_key: The public key object from the cryptography library.

    Returns:
        dict: The decoded payload if verification is successful, otherwise None.
    """
    try:
        header, payload, signature = jwt_string.split('.')
        message = f"{header}.{payload}"

        # Base64 requires padding for lengths not divisible by 4
        signature_bytes = base64.urlsafe_b64decode(signature + '==='[:len(signature) % 4])
        public_key.verify(
            signature_bytes,
            message.encode(),
            padding.PKCS1v15(),
            hashes.SHA256()
        )

        # If verification succeeds, decode the payload.
        decoded_payload_bytes = base64.urlsafe_b64decode(payload + '==='[:len(payload) % 4])
        decoded_payload = json.loads(decoded_payload_bytes.decode())
        return decoded_payload
    except InvalidSignature:
        print("JWT verification failed: Invalid signature")
        return None
    except Exception as e:
        print(f"JWT verification failed: {e}")
        return None

# Usage of the key:
decoded_payload = verify_jwt(jwt_string, public_key)

if decoded_payload:
    print("JWT verified successfully! Decoded payload:", decoded_payload)
else:
  print("JWT verification failed.")

JWT verified successfully! Decoded payload: {'userId': 1, 'username': 'Ben85!'}


In [8]:
# 1. Call the create_jwt function to generate a JWT string and store it in a variable.
jwt_string = create_jwt(payload_data, private_key)

# 2. Call the verify_jwt function with the generated JWT string and the public_key to verify the JWT and store the result.
decoded_payload = verify_jwt(jwt_string, public_key)

# 3. Print the generated JWT string.
print("Generated JWT:", jwt_string)

# 4. Print a message indicating whether the verification was successful or not, and if successful, print the decoded payload.
if decoded_payload:
    print("JWT verification successful. Decoded payload:", decoded_payload)
else:
  print("JWT verification failed.")

Generated JWT: eyJhbGciOiAiUlMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VySWQiOiAxLCAidXNlcm5hbWUiOiAiQmVuODUhIn0.H3LJrZXAHcgESjg0OeHBtvlv5BuwK7WJYD_WilxZhGxXG_vDLn0UWi0FYciL72jEwlinoz4xMgPw4EUw62KcC6uq-OmAtTGERSoaFszN3LFo-eiM9kaTVOw_YD2oYFlNaUme6S9mQHSEiR9Zv8P6oNob8ZCiWe3E4G-UIzLNNnjArAvvS4-vVi7h5VNJ1d3UaEaOj9uOn0ZmucIsDI8IisCMwzKH77c0-kztPYGseVdbdZKctisKsQWdfyHCAD0IeAWt4oB0BN82S2gHRnVJFkEbtuWF1ZPs2FSMG6oGyHEIFj_Y3poJoXRlg32KDPUgkihgwSHTm2aJuRzXtgzmQQ
JWT verification successful. Decoded payload: {'userId': 1, 'username': 'Ben85!'}
