Python `jwt_kms` library

This library is work in progress.

Isolating private asymmetric keys to AWS KMS helps improve security by making it next to impossible to make copies of them. This library aims to provide a simple interface to use KMS keys to sign payloads into JWS tokens and/or to encrypt payloads into JWE tokens.

Signing with RSA and EC keys is currently supported.

Keys

import boto3
from jwt_kms import jwk

client = boto3.client('kms')
key = jwk.JWK(client, 'some-key-id')

public_key_pem = key.public_key_pem

Signing

from jwt_kms import jws

payload = {
   'something': 'yes',
   'more_something': 'abc'
}

token = jws.JWS(payload).add_signature(key, 'RS256').serialize(compact=True)  # or compact=False

Encrypting

TODO.

Name		Name	Last commit message	Last commit date
Latest commit History 15 Commits
.github/workflows		.github/workflows
jwt_kms		jwt_kms
tests		tests
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
poetry.lock		poetry.lock
pyproject.toml		pyproject.toml
scripts.py		scripts.py
tox.ini		tox.ini

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Python `jwt_kms` library

Keys

Signing

Encrypting

About

Releases 3

Packages

Languages

License

jmtapio/python-jwt-kms

Folders and files

Latest commit

History

Repository files navigation

Python jwt_kms library

Keys

Signing

Encrypting

About

Resources

License

Stars

Watchers

Forks

Releases 3

Packages 0

Languages

Python `jwt_kms` library

Packages