Add support for public keys in OpenSSH (RFC 4253) format.

Cryptography previously lacked support for ECDSA keys in RFC 4253 format. Now that they have support for those keys, we should take advantage of it and support them in PyJWT. Implements #243.
jpadilla · Mar 14, 2017 · 0d863b3 · 0d863b3
1 parent d925668
commit 0d863b3
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/jwt/algorithms.py b/jwt/algorithms.py
@@ -356,7 +356,10 @@ def prepare_key(self, key):
                 # a Signing Key or a Verifying Key, so we try
                 # the Verifying Key first.
                 try:
-                    key = load_pem_public_key(key, backend=default_backend())
+                    if key.startswith(b'ecdsa-sha2-'):
+                        key = load_ssh_public_key(key, backend=default_backend())
+                    else:
+                        key = load_pem_public_key(key, backend=default_backend())
                 except ValueError:
                     key = load_pem_private_key(key, password=None, backend=default_backend())