diff --git a/src/cryptojwt/jwk/__init__.py b/src/cryptojwt/jwk/__init__.py
index cfde0316..ea2aea32 100644
--- a/src/cryptojwt/jwk/__init__.py
+++ b/src/cryptojwt/jwk/__init__.py
@@ -178,7 +178,7 @@ def serialize(self, private=False):
 def get_key(self, private=False, **kwargs):
 """
- Get a keys useful for signing and/or encrypting information.
+ Get a key useful for signing and/or encrypting information.
 :param private: Private key requested. If false return a public key.
 :return: A key instance. This can be an RSA, EC or other
@@ -290,6 +290,9 @@ def appropriate_for(self, usage, **kwargs):
 def update(self):
 pass
+ def key_len(self):
+ raise NotImplemented
+
 def pems_to_x5c(cert_chain):
 """
diff --git a/src/cryptojwt/jwk/ec.py b/src/cryptojwt/jwk/ec.py
index d27f5c8e..88134308 100644
--- a/src/cryptojwt/jwk/ec.py
+++ b/src/cryptojwt/jwk/ec.py
@@ -1,6 +1,8 @@
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives.asymmetric import ec
+from cryptojwt.exception import KeyNotFound
+
 from ..exception import DeSerializationNotPossible
 from ..exception import JWKESTException
 from ..exception import UnsupportedECurve
@@ -254,6 +256,14 @@ def __eq__(self, other):
 return False
+ def key_len(self):
+ if self.priv_key:
+ return self.priv_key.key_size
+ elif self.pub_key:
+ return self.pub_key.key_size
+ else:
+ raise KeyNotFound
+
 def cmp_keys(a, b, key_type):
 if isinstance(a, key_type):
diff --git a/src/cryptojwt/jwk/hmac.py b/src/cryptojwt/jwk/hmac.py
index 70da83f2..f86c366d 100644
--- a/src/cryptojwt/jwk/hmac.py
+++ b/src/cryptojwt/jwk/hmac.py
@@ -1,6 +1,8 @@
 import logging
 import os
+from cryptojwt.exception import KeyNotFound
+
 from ..exception import JWKException
 from ..exception import UnsupportedAlgorithm
 from ..exception import WrongUsage
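Review bot: `raise NotImplemented` in the base-class `key_len` added to src/cryptojwt/jwk/__init__.py (hunk at -290) does not raise the intended exception. `NotImplemented` is the sentinel returned by rich-comparison methods and is not an exception class, so the statement fails with a `TypeError` instead. A caller that catches `NotImplementedError` to detect key types without a length will never see it. Change the line to `raise NotImplementedError`.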
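Review bot: The added `from cryptojwt.exception import KeyNotFound` in src/cryptojwt/jwk/ec.py (hunk at -1) is an absolute package import, while every neighbouring line imports from `..exception`; the same line is added to hmac.py and rsa.py. Prefer `from ..exception import KeyNotFound`, grouped with the other relative imports. If the package is ever vendored or a second copy is installed, the absolute form could bind a different `KeyNotFound` class than the one callers catch.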
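Review bot: `ECKey.key_len` in src/cryptojwt/jwk/ec.py (hunk at -254) is added without a docstring, so its unit and failure mode can only be learned from the tests. The same applies to the `key_len` methods added in rsa.py, hmac.py and the base class. Here the value is the `key_size` of the loaded key object, which the tests in this commit expect to be 256 for P-256 and 521 for the sample key, i.e. bits. Suggested docstring: `"""Return the key size in bits; raise KeyNotFound if neither a private nor a public key is loaded."""`.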
@@ -149,6 +151,12 @@ def __eq__(self, other):
 return True
+ def key_len(self):
+ if self.key:
+ return len(self.key)
+ else:
+ raise KeyNotFound
+
 def new_sym_key(use="", bytes=24, kid=""):
 _key = SYMKey(use=use, kid=kid, key=as_unicode(os.urandom(bytes)))
diff --git a/src/cryptojwt/jwk/rsa.py b/src/cryptojwt/jwk/rsa.py
index e98cb236..ab24a2bb 100644
--- a/src/cryptojwt/jwk/rsa.py
+++ b/src/cryptojwt/jwk/rsa.py
@@ -5,6 +5,8 @@
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptojwt.exception import KeyNotFound
+
 from ..exception import DeSerializationNotPossible
 from ..exception import JWKESTException
 from ..exception import SerializationNotPossible
@@ -470,6 +472,14 @@ def __eq__(self, other):
 else:
 return cmp_private_numbers(pn1, pn2)
+ def key_len(self):
+ if self.priv_key:
+ return self.priv_key.key_size
+ elif self.pub_key:
+ return self.pub_key.key_size
+ else:
+ raise KeyNotFound
+
 def new_rsa_key(key_size=2048, kid="", public_exponent=65537, **kwargs):
 """
diff --git a/tests/test_02_jwk.py b/tests/test_02_jwk.py
index a9307b8b..0e1b161a 100644
--- a/tests/test_02_jwk.py
+++ b/tests/test_02_jwk.py
@@ -115,6 +115,12 @@ def test_dumps():
 assert _eq(list(jwk.keys()), ["kty", "e", "n", "kid"])
+def test_key_size():
+ _ckey = import_rsa_key_from_cert_file(CERT)
+ jwk = jwk_wrap(_ckey)
+ assert jwk.key_len() == 1024
+
+
 def test_import_rsa_key():
 _ckey = import_private_rsa_key_from_file(full_path(KEY))
 assert isinstance(_ckey, rsa.RSAPrivateKey)
@@ -163,6 +169,7 @@ def test_verify_2():
 _key = RSAKey()
 _key.load_key(import_rsa_key_from_cert_file(CERT))
 assert _key.verify()
+ assert _key.key_len() == 1024 # default
 def test_cmp_rsa():
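Review bot: `SYMKey.key_len` in src/cryptojwt/jwk/hmac.py (hunk at -149) returns `len(self.key)`, which is a length in bytes, or in characters if `self.key` is held as `str` (its type is not visible in this hunk). The test expects 24. The EC and RSA versions added in the same commit return `key_size` in bits (256, 521 and 1024 in the tests). A caller that uses `key_len()` to enforce a minimum key strength across key types would compare bytes against bits and could accept or reject keys wrongly. Either return bits here with `return len(self.key) * 8` and update the assertion in `test_mint_new_sym_key`, or state the unit explicitly in each method's docstring.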
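Review bot: The added `test_key_size` in tests/test_02_jwk.py (hunk at -115), like the other assertions this commit adds, exercises only the success path of `key_len`. Nothing covers a key object with no material loaded, or the base-class method, whose `raise NotImplemented` would fail with a `TypeError` when called. Assuming pytest is available in this file and that a bare `RSAKey()` holds no key, a case such as `with pytest.raises(KeyNotFound): RSAKey().key_len()` would pin the error contract.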
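Review bot: The trailing comment `# default` on the assertion added to `test_verify_2` (hunk at -163) is misleading. The 1024 is the size of the key loaded from `CERT`, whereas the `new_rsa_key` signature visible in the rsa.py hunk defaults to `key_size=2048`. Suggest `# size of the key in CERT`, or dropping the comment.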
@@ -188,11 +195,13 @@ def test_import_export_eckey():
 _key = ECKey(**ECKEY)
 _key.deserialize()
 assert _eq(list(_key.keys()), ["y", "x", "d", "crv", "kty"])
+ assert _key.key_len() == 521
 def test_new_ec_key():
 ec_key = new_ec_key("P-256")
 assert isinstance(ec_key, ECKey)
+ assert ec_key.key_len() == 256
 def test_create_eckey():
@@ -622,6 +631,7 @@ def test_mint_new_sym_key():
 assert key.use == "sig"
 assert key.kid == "one"
 assert len(key.key) == 24
+ assert key.key_len() == 24
 def test_dump_load():