add tests

Author: jschlyter

src/cryptojwt/tools/keyconv.py

@@ -25,7 +25,7 @@ def jwk_from_file(filename: str, private: bool = True) -> JWK:
     return key_from_jwk_dict(jwk_dict, private=private)
 
 
-def pem2rsa(filename: str, kid: str = None, private: bool = False, passphrase: str = None) -> JWK:
+def pem2rsa(filename: str, kid: Optional[str] = None, private: bool = False, passphrase: Optional[str] = None) -> JWK:
     """Convert RSA key from PEM to JWK"""
     if private:
         key = import_private_rsa_key_from_file(filename, passphrase)
@@ -36,7 +36,7 @@ def pem2rsa(filename: str, kid: str = None, private: bool = False, passphrase: s
     return jwk
 
 
-def pem2ec(filename: str, kid: str = None, private: bool = False, passphrase: str = None) -> JWK:
+def pem2ec(filename: str, kid: Optional[str] = None, private: bool = False, passphrase: Optional[str] = None) -> JWK:
     """Convert EC key from PEM to JWK"""
     if private:
         key = import_private_key_from_file(filename, passphrase)
@@ -54,14 +54,15 @@ def bin2jwk(filename: str, kid: str) -> bytes:
     return SYMKey(kid=kid, key=content)
 
 
-def pem2jwk(filename: str, kid: str, kty: Optional[str] = None, private: bool = False) -> JWK:
+def pem2jwk(filename: str, kid: Optional[str] = None, kty: Optional[str] = None, private: bool = False, passphrase: Optional[str] = None) -> JWK:
     """Read PEM from filename and return JWK"""
     with open(filename, 'rt') as file:
         content = file.readlines()
     header = content[0]
 
     if private:
-        passphrase = getpass('Private key passphrase: ')
+        if passphrase is None:
+            passphrase = getpass('Private key passphrase: ')
         if len(passphrase) == 0:
             passphrase = None
     else:
@@ -74,6 +75,13 @@ def pem2jwk(filename: str, kid: str, kty: Optional[str] = None, private: bool =
             jwk = pem2rsa(filename, kid, private=False)
         else:
             raise ValueError("Unknown key type")
+    elif 'BEGIN PRIVATE KEY' in header:
+        if kty is not None and kty == 'EC':
+            jwk = pem2ec(filename, kid, private=True, passphrase=passphrase)
+        elif kty is not None and kty == 'RSA':
+            jwk = pem2rsa(filename, kid, private=True, passphrase=passphrase)
+        else:
+            raise ValueError("Unknown key type")
     elif 'BEGIN EC PRIVATE KEY' in header:
         jwk = pem2ec(filename, kid, private=True, passphrase=passphrase)
     elif 'BEGIN EC PUBLIC KEY' in header:
@@ -88,15 +96,16 @@ def pem2jwk(filename: str, kid: str, kty: Optional[str] = None, private: bool =
     return jwk
 
 
-def export_jwk(jwk: JWK, private: bool = False, encrypt: bool = False) -> bytes:
+def export_jwk(jwk: JWK, private: bool = False, encrypt: bool = False, passphrase: Optional[str] = None) -> bytes:
     """Export JWK as PEM/bin"""
 
     if jwk.kty == 'oct':
         return jwk.key
 
     if private:
         if encrypt:
-            passphrase = getpass('Private key passphrase: ')
+            if passphrase is None:
+                passphrase = getpass('Private key passphrase: ')
         else:
             passphrase = None
         if passphrase:

tests/test_30_tools.py

@@ -0,0 +1,58 @@
+import uuid
+import os
+import pytest
+import json
+
+from cryptojwt.jwk import JWK
+from cryptojwt.jwk.rsa import import_private_rsa_key_from_file, import_public_rsa_key_from_file
+from cryptojwt.jwk.ec import import_private_key_from_file, import_public_key_from_file
+import cryptojwt.tools.keyconv as keyconv
+from cryptojwt.jwx import key_from_jwk_dict
+
+
+BASEDIR = os.path.abspath(os.path.dirname(__file__))
+
+import test_vector
+
+
+
+def jwk_from_file(filename: str, private: bool = True) -> JWK:
+    """Read JWK from file"""
+    with open(filename, mode='rt') as input_file:
+        jwk_dict = json.loads(input_file.read())
+    return key_from_jwk_dict(jwk_dict, private=private)
+
+
+def convert_rsa_pem2jwt(filename_jwk: str, filename_pem: str, private: bool):
+    k1 = jwk_from_file(filename=filename_jwk, private=private)
+    k2 = keyconv.pem2jwk(filename=filename_pem, kid=k1.kid, kty='RSA', private=private, passphrase='')
+    if k1 != k2:
+        raise Exception("Keys differ")
+
+def convert_ec_pem2jwt(filename_jwk: str, filename_pem: str, private: bool):
+    k1 = jwk_from_file(filename=filename_jwk, private=private)
+    k2 = keyconv.pem2jwk(filename=filename_pem, kid=k1.kid, kty='EC', private=private, passphrase='')
+    if k1 != k2:
+        raise Exception("Keys differ")
+
+def test_pem2rsa_public():
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-1024.json', BASEDIR+'/test_keys/rsa-1024-public.pem', private=False)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-1280.json', BASEDIR+'/test_keys/rsa-1280-public.pem', private=False)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-2048.json', BASEDIR+'/test_keys/rsa-2048-public.pem', private=False)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-3072.json', BASEDIR+'/test_keys/rsa-3072-public.pem', private=False)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-4096.json', BASEDIR+'/test_keys/rsa-4096-public.pem', private=False)
+
+def test_pem2rsa_private():
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-1024.json', BASEDIR+'/test_keys/rsa-1024-private.pem', private=True)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-1280.json', BASEDIR+'/test_keys/rsa-1280-private.pem', private=True)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-2048.json', BASEDIR+'/test_keys/rsa-2048-private.pem', private=True)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-3072.json', BASEDIR+'/test_keys/rsa-3072-private.pem', private=True)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-4096.json', BASEDIR+'/test_keys/rsa-4096-private.pem', private=True)
+
+def test_pem2ec_public():
+    convert_ec_pem2jwt(BASEDIR+'/test_keys/ec-p256.json', BASEDIR+'/test_keys/ec-p256-public.pem', private=False)
+    convert_ec_pem2jwt(BASEDIR+'/test_keys/ec-p384.json', BASEDIR+'/test_keys/ec-p384-public.pem', private=False)
+
+def test_pem2ec_private():
+    convert_ec_pem2jwt(BASEDIR+'/test_keys/ec-p256.json', BASEDIR+'/test_keys/ec-p256-private.pem', private=True)
+    convert_ec_pem2jwt(BASEDIR+'/test_keys/ec-p384.json', BASEDIR+'/test_keys/ec-p384-private.pem', private=True)

tests/test_keys/ec-p256-private.pem

@@ -0,0 +1,6 @@
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgrp4E4eaFhHonpP/U
+8QRaFDTvCGy8mQrSfQod+QxmViehRANCAAQE1WQ7bdvJIkUESD9hc3GUv1+QGt+A
+cKvuzxfjPRqqzLtvlU5nUKOM2rgLCMVP0hiu4wtgREKUYLybH1UPwEuv
+-----END PRIVATE KEY-----
+

tests/test_keys/ec-p256-public.pem

@@ -0,0 +1,5 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBNVkO23bySJFBEg/YXNxlL9fkBrf
+gHCr7s8X4z0aqsy7b5VOZ1CjjNq4CwjFT9IYruMLYERClGC8mx9VD8BLrw==
+-----END PUBLIC KEY-----
+

tests/test_keys/ec-p256.json

@@ -0,0 +1,8 @@
+{
+    "crv": "P-256",
+    "d": "rp4E4eaFhHonpP_U8QRaFDTvCGy8mQrSfQod-QxmVic",
+    "kid": "dHNuMWxLYnlrSjgxMk8wdVEwWVd3Z1o1UUNsbnNTVkZxcDdDUzFUaXhWTQ",
+    "kty": "EC",
+    "x": "BNVkO23bySJFBEg_YXNxlL9fkBrfgHCr7s8X4z0aqsw",
+    "y": "u2-VTmdQo4zauAsIxU_SGK7jC2BEQpRgvJsfVQ_AS68"
+}

tests/test_keys/ec-p384-private.pem

@@ -0,0 +1,7 @@
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCUwKlpiMoGAPaoSfl5
+iVTFrhF1hVzR57YiMld16H7HcMzv6HNF/nHkiaITetKxCaKhZANiAATpTb3pcZ+C
+E9WYGiBho6391NUd5wx15qhGTWT0/2hl2DEvfxHEN/rXJUbG+mzCpvDSvz5IfDDF
+ryLtXb3fgSYxGA8VLPC24wT0PImF5L7u3Z4vjSmO38qkrIwBMkUKyTU=
+-----END PRIVATE KEY-----
+

tests/test_keys/ec-p384-public.pem

@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE6U296XGfghPVmBogYaOt/dTVHecMdeao
+Rk1k9P9oZdgxL38RxDf61yVGxvpswqbw0r8+SHwwxa8i7V2934EmMRgPFSzwtuME
+9DyJheS+7t2eL40pjt/KpKyMATJFCsk1
+-----END PUBLIC KEY-----
+

tests/test_keys/ec-p384.json

@@ -0,0 +1,8 @@
+{
+    "crv": "P-384",
+    "d": "lMCpaYjKBgD2qEn5eYlUxa4RdYVc0ee2IjJXdeh-x3DM7-hzRf5x5ImiE3rSsQmi",
+    "kid": "UDdTWUdvVFZhR0RNVXFUV1pDWEJqT1pwN1BGSnpQSC1LNUMtNE5CUjBhaw",
+    "kty": "EC",
+    "x": "6U296XGfghPVmBogYaOt_dTVHecMdeaoRk1k9P9oZdgxL38RxDf61yVGxvpswqbw",
+    "y": "0r8-SHwwxa8i7V2934EmMRgPFSzwtuME9DyJheS-7t2eL40pjt_KpKyMATJFCsk1"
+}

tests/test_keys/rsa-1024-private.pem

@@ -0,0 +1,17 @@
+-----BEGIN PRIVATE KEY-----
+MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAN8MXPfNgdWPVofE
+OvRbhumygi+ttUEZ/Y+Ts/CIoB6neeSjQJZ2zgxQhGWKgKKKATopKPZ4TFK00AUN
+/eNyM59ikRWRpSzIabByUpfEA81EyvoYAl4qVsmpOzl5h3m2kGN15bauOQP9bpHv
+vOn4S25TiNj/NHZhZ6oHoZ1Od24rAgMBAAECgYEA0wOOPH12lETL9xuFLsIcS6Eu
+ms66yIE/KgLxW+DVosqMfeqYYwC4hFv0NWAnvB3VdWGVOD+s7R3UIsQO6ouTGzTT
+Jgye2gg9YbZbB2+STV9cbeUwTCI4ILzsTp8LVHpZTmAXWvp+ui4S+mL78rT3O+pV
+T1BQBwPMqvGOyoBuOTECQQD7xr1Lieex4a0Wi3WeW3ck1GCtIEU0MgIeZLTwc1Y+
+rhem0IQsx4axnV7His+iGikQm20i2EX9AOg2dFRRbJpjAkEA4spAGHgvd+cqUxus
+wQX7SfwNdrMSRko5qJIJXOL0zuUBgJ33APSLTWw2MSRND7cj7yh1b/o8eWkvnRZD
+AkADmQJBAMz29ZNRKPV+qtH3pkDMZSnuWuWVp8DeFSt5AHPe8Q8F2utKRM/Pfq+J
+VWdMccudUGDcpvP+7LsSyffKq/m9V9ECQE6xBtR2v2HHYDQ+Ig9H2A2v26wYLnsd
+Pixzn7QPPAqeA4txREeckslmhtc+VU7iqSFO1JDqLxmhmdfT5aReOeECQGKfe9gJ
+oiTy02VzeMQ/2FSdkHG7ZjZYl1+rwA1Y+2eKstg88xpk456ePp4PBJ5MQLEQKvyq
+wXuCdEjuK8ipOaQ=
+-----END PRIVATE KEY-----
+

tests/test_keys/rsa-1024-public.pem

@@ -0,0 +1,7 @@
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfDFz3zYHVj1aHxDr0W4bpsoIv
+rbVBGf2Pk7PwiKAep3nko0CWds4MUIRlioCiigE6KSj2eExStNAFDf3jcjOfYpEV
+kaUsyGmwclKXxAPNRMr6GAJeKlbJqTs5eYd5tpBjdeW2rjkD/W6R77zp+EtuU4jY
+/zR2YWeqB6GdTnduKwIDAQAB
+-----END PUBLIC KEY-----
+