-
-
Notifications
You must be signed in to change notification settings - Fork 674
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add from_jwk to Ed25519Algorithm (Support kty: OKP). #623
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for taking the time to put this together, really appreciate it! Can you also update the CHANGELOG?
d = base64url_decode(obj.get("d")) | ||
return Ed25519PrivateKey.from_private_bytes(d) | ||
except ValueError as err: | ||
raise InvalidKeyError("Invalid key parameter") from err |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
TIL: raise... from...
is a thing!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually, automatic exception chaining is a thing since 3.0.
There's only a subtle difference between automatic raise
and explicit raise from
.
Usually I'd argue for raise from None
, however in this case, perhaps, the details of the inner excption are useful, e.g.:
Traceback (most recent call last):
File "/.../pyjwt/jwt/algorithms.py", line 615, in from_jwk
return Ed25519PublicKey.from_public_bytes(x)
File "/.../pyjwt/env/lib/python3.9/site-packages/cryptography/hazmat/primitives/asymmetric/ed25519.py", line 27, in from_public_bytes
return backend.ed25519_load_public_bytes(data)
File "/.../pyjwt/env/lib/python3.9/site-packages/cryptography/hazmat/backends/openssl/backend.py", line 2344, in ed25519_load_public_bytes
raise ValueError("An Ed25519 public key is 32 bytes long")
ValueError: An Ed25519 public key is 32 bytes long
The above exception was the direct cause of the following exception:
Traceback (most recent call last):
File "/.../pyjwt/tests/test_algorithms.py", line 798, in test_ed25519_jwk_fails_on_invalid_json
algo.from_jwk(v)
File "/.../pyjwt/jwt/algorithms.py", line 619, in from_jwk
raise InvalidKeyError("Invalid key parameter") from err
jwt.exceptions.InvalidKeyError: Invalid key parameter
@jpadilla Thanks! This update is very useful for me. |
See #621.
I have implemented from_jwk() on Ed25519Algorithm to support JWK compliant with RFC8037 and I also added tests for that, achieving 100% test coverage.
I'd appreciate it if you can check and merge it.
Close #621