stackoom
  简体   繁体   中英

Working with the Python Cryptographic Library

 原文  2019-10-29 14:23:13       python/ cryptography/ python-3.7/ django-rest-framework-jwt

Question

I'm attempting to add the JWT_PUBLIC and JWT_PRIVATE key functionality to djangorestframework-jwt . This is the section in the documentation which gives details as to how to use it:

Django REST 框架 JWT 公钥和私钥

To start, I have the following:

from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicKey, RSAPrivateKey

JWT_SECRET_KEY = 'supercrazysecretjwtstringwowamazing'

JWT_PUBLIC_KEY = RSAPublicKey().encrypt(JWT_SECRET_KEY)

JWT_PRIVAT_KEY = RSAPrivateKey().encrypt(JWT_SECRET_KEY)

However, I am receiving the following error:

TypeError: Can't instantiate abstract class RSAPublicKey with abstract methods encrypt, key_size, public_bytes, public_numbers, verifier, verify

Having looked through the documentation, I am none the wiser as to what the is specifically asking me to do/change.

So, my question/(s) is/are:

1.) How do we use the JWT_PUBLIC_KEY and JWT_PRIVATE_KEY functionality of this package?

2.) What does the " Can't instantiate abstract class X with abstract methods " actually mean in a Python context?

1 answers

solution1
 0  2019-10-29 15:14:39

asymmetric crypto (ie having public and private keys) is different from symmetric crypto (ie just having a single secret key). you can't (generally) derive an asymmetric (public/private) key pair from a passphrase, you have to generate them with something like openssl

those docs also look incorrect, the code just passes the private and public keys to PyJWT which in turn expects strings

to solve your problem:

  1. start by generating the keypair , and extracting the public part into a separate file
  2. change your config to something like:
JWT_ALGORITHM = 'RS256'
JWT_PUBLIC_KEY = open('public.pem').read()
JWT_PRIVATE_KEY = open('private.pem').read()

and things will hopefully work!

looks like I misread the code, you can load keys with something like:

def load_rsa_private_key(path):
    from cryptography.hazmat.backends import default_backend
    from cryptography.hazmat.primitives import serialization

    with open(path, 'rb') as priv:
        private_key = serialization.load_pem_private_key(
            priv.read(), password=None, backend=default_backend())

    return private_key

JWT_PRIVATE_KEY = load_rsa_private_key('keypair.pem')
JWT_PUBLIC_KEY = JWT_PRIVATE_KEY.public_key()

I'm doing it in a function so that it doesn't pollute your config namespace too much

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Cryptographic hash functions in Python Recommended Python cryptographic module? XOR cryptographic algorithm not working for > 54 chars Is there a working OAuth library for Python 3? Python imaging library in working Python Turtle library methods not working Working with Python Module/Library (Scipy) Additional python library not working on macos keyboard library not working in python 3.9.1 working with a library in a different folder python
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM