<a href="https://colab.research.google.com/github/ben854719/Threat-Detection-System/blob/main/RS256_Encryption.ipynb" target="_parent"><img src="https://colab.research.google.com/assets/colab-badge.svg" alt="Open In Colab"/></a>

In [22]:
!pip install cryptography



In [23]:
from cryptography.hazmat.primitives.serialization import load_pem_private_key, load_pem_public_key
from cryptography.hazmat.backends import default_backend

# Load the private key
with open("private.pem", "rb") as key_file:
    private_key = load_pem_private_key(
        key_file.read(),
        password=None,  # Assuming no password was set during key generation
        backend=default_backend()
    )

# Load the public key
with open("public.pem", "rb") as key_file:
    public_key = load_pem_public_key(
        key_file.read(),
        backend=default_backend()
    )

print("Private and public keys loaded successfully.")

Private and public keys loaded successfully.


In [24]:
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding
import base64
import json

def create_jwt(payload, private_key):
    """
    Generates an RS256 signed JWT.

    Args:
        payload (dict): The payload to include in the JWT.
        private_key: The private key object from the cryptography library.

    Returns:
        str: The generated JWT string.
    """
    header = {"alg": "RS256", "typ": "JWT"}

    encoded_header = base64.urlsafe_b64encode(json.dumps(header).encode()).decode().rstrip("=")
    encoded_payload = base64.urlsafe_b64encode(json.dumps(payload).encode()).decode().rstrip("=")

    message = f"{encoded_header}.{encoded_payload}"

    signature = private_key.sign(
        message.encode(),
        padding.PKCS1v15(),
        hashes.SHA256()
    )

    encoded_signature = base64.urlsafe_b64encode(signature).decode().rstrip("=")

    jwt_token = f"{encoded_header}.{encoded_payload}.{encoded_signature}"
    return jwt_token

# Example usage:
payload_data = {"userId": 1, "username": "benjamin"}
jwt_string = create_jwt(payload_data, private_key)
print("Generated JWT:", jwt_string)

Generated JWT: eyJhbGciOiAiUlMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VySWQiOiAxLCAidXNlcm5hbWUiOiAiYmVuamFtaW4ifQ.OPc7W0afX-YMu8XMVDHJZJs0V9Xw_4ofc8F0aPeyaUDie3NkdUzYQ2pXsa_4gGC-Ga86umxzhj3EUKGA-na5N1LzNXDY-1kGMgM2E2FU1AEVo2Sf4CV46OCCXeHM_ZvzOPEREsaOx6rVCtu5Wm6Wck6bx1VdUStbKxvbREdO4V8-OOTQ1X4pG8TUJrOPICEApqTq3GEtYfvh8R7VRvSjhY9775pshlpdlqLzaP-vSoReHyMxTbP9FQbawgEZmB3YpNWOO4vJgcLYswTJlUDrLvVPPGPXZmDGy8jb8_ycMP1TfP3Peh7i4EQpamK-u3180vbte5V391q1wRR9_2GS9A


In [25]:
from cryptography.exceptions import InvalidSignature
import base64
import json

def verify_jwt(jwt_string, public_key):
    """
    Verifies an RS256 signed JWT using the public key.

    Args:
        jwt_string (str): The JWT string to verify.
        public_key: The public key object from the cryptography library.

    Returns:
        dict: The decoded payload if verification is successful, otherwise None.
    """
    try:
        header, payload, signature = jwt_string.split('.')
        message = f"{header}.{payload}"

        # Add padding back before decoding if it was removed during encoding
        # Base64 requires padding for lengths not divisible by 4
        signature_bytes = base64.urlsafe_b64decode(signature + '==='[:len(signature) % 4])


        public_key.verify(
            signature_bytes,
            message.encode(),
            padding.PKCS1v15(),
            hashes.SHA256()
        )

        # If verification succeeds, decode the payload
        decoded_payload_bytes = base64.urlsafe_b64decode(payload + '==='[:len(payload) % 4])
        decoded_payload = json.loads(decoded_payload_bytes.decode())
        return decoded_payload

    except InvalidSignature:
        print("JWT verification failed: Invalid signature")
        return None
    except Exception as e:
        print(f"JWT verification failed: {e}")
        return None

# Example usage:
decoded_payload = verify_jwt(jwt_string, public_key)

if decoded_payload:
    print("JWT verified successfully! Decoded payload:", decoded_payload)
else:
    print("JWT verification failed.")

JWT verified successfully! Decoded payload: {'userId': 1, 'username': 'benjamin'}


In [27]:
# 1. Call the create_jwt function to generate a JWT string and store it in a variable.
jwt_string = create_jwt(payload_data, private_key)

# 2. Call the verify_jwt function with the generated JWT string and the public_key to verify the JWT and store the result.
decoded_payload = verify_jwt(jwt_string, public_key)

# 3. Print the generated JWT string.
print("Generated JWT:", jwt_string)

# 4. Print a message indicating whether the verification was successful or not, and if successful, print the decoded payload.
if decoded_payload:
    print("JWT verification successful. Decoded payload:", decoded_payload)
else:
    print("JWT verification failed.")

Generated JWT: eyJhbGciOiAiUlMyNTYiLCAidHlwIjogIkpXVCJ9.eyJ1c2VySWQiOiAxLCAidXNlcm5hbWUiOiAiYmVuamFtaW4ifQ.OPc7W0afX-YMu8XMVDHJZJs0V9Xw_4ofc8F0aPeyaUDie3NkdUzYQ2pXsa_4gGC-Ga86umxzhj3EUKGA-na5N1LzNXDY-1kGMgM2E2FU1AEVo2Sf4CV46OCCXeHM_ZvzOPEREsaOx6rVCtu5Wm6Wck6bx1VdUStbKxvbREdO4V8-OOTQ1X4pG8TUJrOPICEApqTq3GEtYfvh8R7VRvSjhY9775pshlpdlqLzaP-vSoReHyMxTbP9FQbawgEZmB3YpNWOO4vJgcLYswTJlUDrLvVPPGPXZmDGy8jb8_ycMP1TfP3Peh7i4EQpamK-u3180vbte5V391q1wRR9_2GS9A
JWT verification successful. Decoded payload: {'userId': 1, 'username': 'benjamin'}
