diff options
| author | Simo Sorce <simo@redhat.com> | 2015-03-24 10:33:47 -0400 |
|---|---|---|
| committer | Simo Sorce <simo@redhat.com> | 2015-03-24 10:33:47 -0400 |
| commit | 17a93d806f04e87f5bc2cb5063daeed7a500704d (patch) | |
| tree | d3d2321b6294a4dcfbafaf68683b0faf306891d3 /jwcrypto/jwe.py | |
| parent | 876fdab2f664822952350d00cab48bef9827a5bf (diff) | |
| download | jwcrypto-conformance.tar.gz jwcrypto-conformance.tar.xz jwcrypto-conformance.zip | |
Better validate that both alg and enc are presentconformance
JOSE headers must include the "alg" and "enc" options in order to be
able to actually process and encrypted token.
Return appropriate messages if either is missing.
Diffstat (limited to 'jwcrypto/jwe.py')
| -rw-r--r-- | jwcrypto/jwe.py | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/jwcrypto/jwe.py b/jwcrypto/jwe.py index eb48d94..978fc5e 100644 --- a/jwcrypto/jwe.py +++ b/jwcrypto/jwe.py @@ -440,6 +440,17 @@ class JWE(object): jh = self.merge_headers(jh, rh) return jh + def get_alg_enc_from_headers(self, jh): + algname = jh.get('alg', None) + if algname is None: + raise InvalidJWEData('Missing "alg" from headers') + alg = self._jwa(algname) + encname = jh.get('enc', None) + if encname is None: + raise InvalidJWEData('Missing "enc" from headers') + enc = self._jwa(encname) + return alg, enc + def add_recipient(self, key, header=None): """ Encrypt the provided payload with the given key. @@ -455,8 +466,7 @@ class JWE(object): raise ValueError('key is not a JWK object') jh = self.get_jose_header(header) - alg = self._jwa(jh.get('alg', None)) - enc = self._jwa(jh.get('enc', None)) + alg, enc = self.get_alg_enc_from_headers(jh) rec = dict() if header: |