Authentication¶
- class dane_jwe_jws.authentication.Authentication¶
This class wraps functions for message authentication.
- classmethod sign(message, private_key, dane_id, header_field='x5u')¶
Return a signed JWS message.
The signature algorithm is RS256.
- Parameters
message (str) – Message to be encapsulated and signed.
private_key (str) – Path to private key in PEM format.
dane_id (str) – DANE identity where the signature verification public key can be located.
header_field (str) – Name of the header field used for storing DANE URI. Defaults to
x5u
.
- Returns
Signed and serialized JWS.
- Return type
(str)
- classmethod verify(message, strict=True, header_field='x5u')¶
Return original message if signature checks out, or raise and error.
- Parameters
message (str) – Serialized JWS message.
strict (bool) – Fail if unable to authenticate
PKIX-CD
certificate via DNSSEC pr PKI.header_field (str) – Header field where DANE URI can be found. Defaults to
x5u
.
- Returns
Payload extracted from signed message.
- Return type
str
- Raises
jwcrypto.jws.InvalidJWSSignature if signature fails –