oneid.jwes

Provides useful functions for dealing with JWEs

Based on the JSON Web Encryption (JWE), and JSON Web Algorithms (JWA), IETF RFCs.

oneid.jwes.make_jwe(raw_claims, sender_keypair, recipient_keypairs, jsonify=True, json_encoder=<function dumps>)[source]

Convert claims into a JWE with General JWE JSON Serialization syntax

Parameters:
  • raw_claims (dict) – payload data that will be converted to json
  • recipient_keypairs (list or Keypair) – Keypairs to encrypt the claims for
  • jsonify (bool) – If True (default), return JSON, otherwise keep as dict
  • json_encoder (function) – encodes a dict into JSON. Defaults to json.dumps
Returns:

JWE

Return_type:

str or dict

oneid.jwes.decrypt_jwe(jwe, recipient_keypair, json_decoder=<function loads>)[source]

Decrypt the claims in a JWE for a given recipient

Parameters:
  • jwe (str) – JWE to verify and convert
  • recipient_keypair (Keypair) – Keypair to use to decrypt.
  • json_encoder – a function to encode a dict into JSON. Defaults to json.dumps
Returns:

claims

Return type:

dict

Raises:

InvalidFormatError: if not a valid JWE