Library to offload some JWT crypto operations to KMS

Project description

Python jwt_kms library

This library is a work in progress.

Isolating private asymmetric keys to AWS KMS helps improve security by making it next to impossible to make copies of them. This library aims to provide a simple interface to use KMS keys to sign payloads into JWS tokens and/or to encrypt payloads into JWE tokens.

Signing with RSA and EC keys is currently supported.

Keys

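import boto3
from jwt_kms import jwk

# The JWK object refers to the KMS key by its ID; the private key stays in KMS.
client = boto3.client('kms')
key = jwk.JWK(client, 'some-key-id')

# Public half of the key pair, PEM-encoded.
public_key_pem = key.public_key_pem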

Signing

from jwt_kms import jws

payload = {
    'something': 'yes',
    'more_something': 'abc'
}

# `key` is the jwk.JWK object created in the Keys section above.
token = jws.JWS(payload).add_signature(key, 'RS256').serialize(compact=True)  # or compact=False
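What signing a compact JWS through KMS involves, as an added example that is not jwt_kms's own code: the signing input is sent to the KMS Sign API, and for EC keys the DER signature KMS returns is converted to the fixed-width r || s form that JWS requires. `sign_compact`, `der_to_raw` and `FakeKMS` are hypothetical names, and `FakeKMS` is a constructed offline stand-in for `boto3.client('kms')`.

```python
import base64
import hashlib
import json

# JWS "alg" -> (KMS SigningAlgorithm, ECDSA coordinate size in bytes; None for RSA)
ALGS = {"RS256": ("RSASSA_PKCS1_V1_5_SHA_256", None), "ES256": ("ECDSA_SHA_256", 32)}

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def der_to_raw(der: bytes, size: int) -> bytes:
    """DER ECDSA-Sig-Value (SEQUENCE of two INTEGERs) -> fixed-width r || s."""
    if len(der) < 8 or der[0] != 0x30 or der[1] != len(der) - 2:
        raise ValueError("not a short-form DER SEQUENCE")
    pos, out = 2, b""
    for _ in range(2):
        if len(der) < pos + 2 or der[pos] != 0x02 or pos + 2 + der[pos + 1] > len(der):
            raise ValueError("bad DER INTEGER")
        length = der[pos + 1]
        # Drops DER's sign-padding 0x00 and left-pads short values to `size` bytes.
        out += int.from_bytes(der[pos + 2:pos + 2 + length], "big").to_bytes(size, "big")
        pos += 2 + length
    if pos != len(der):
        raise ValueError("trailing bytes after signature")
    return out

def sign_compact(kms, key_id: str, payload: dict, alg: str) -> str:
    kms_alg, size = ALGS[alg]  # allow-list: any other alg raises KeyError
    parts = ({"alg": alg, "typ": "JWT"}, payload)
    signing_input = ".".join(
        b64url(json.dumps(p, separators=(",", ":")).encode()) for p in parts).encode()
    if len(signing_input) <= 4096:  # KMS Sign limit for MessageType RAW
        message, message_type = signing_input, "RAW"
    else:  # too large for RAW: hash locally and have KMS sign the digest
        message, message_type = hashlib.sha256(signing_input).digest(), "DIGEST"
    sig = kms.sign(KeyId=key_id, Message=message, MessageType=message_type,
                   SigningAlgorithm=kms_alg)["Signature"]
    if size is not None:  # KMS returns ECDSA as DER; JWS ES256 needs raw r || s
        sig = der_to_raw(sig, size)
    return signing_input.decode() + "." + b64url(sig)

class FakeKMS:
    """Constructed offline stand-in for boto3.client('kms'); fixed DER signature."""
    def __init__(self):
        self.calls = []
    def sign(self, **kwargs):
        self.calls.append(kwargs)
        body = b"\x02\x21\x00" + b"\xab" * 32 + b"\x02\x1f" + b"\x01" * 31
        return {"Signature": b"\x30" + bytes([len(body)]) + body}
```

With a real client, pass `boto3.client('kms')` and an asymmetric key whose usage is SIGN_VERIFY; the calling principal only needs `kms:Sign` on that key.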

Encrypting

TODO.


Source Distribution

jwt-kms-0.1.2.tar.gz (4.3 kB)

Uploaded Source

Built Distribution

jwt_kms-0.1.2-py3-none-any.whl (5.2 kB)

Uploaded Python 3

File details

Details for the file jwt-kms-0.1.2.tar.gz.

File metadata

  • Download URL: jwt-kms-0.1.2.tar.gz
  • Upload date:
  • Size: 4.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.1.12 CPython/3.9.2 Linux/4.19.0-4-amd64

File hashes

Hashes for jwt-kms-0.1.2.tar.gz
Algorithm Hash digest
SHA256 a7fefbcd055c9e36bcb47f01cc3a0f73029cd4b2d8763c515fa01124e16226f3
MD5 a970e2391afbf44667f5a40be52ba40a
BLAKE2b-256 04e50e68b9380d1eac1bfbe050e90694781254ea6e25f3e6a171a7204b317a9b


File details

Details for the file jwt_kms-0.1.2-py3-none-any.whl.

File metadata

  • Download URL: jwt_kms-0.1.2-py3-none-any.whl
  • Upload date:
  • Size: 5.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.1.12 CPython/3.9.2 Linux/4.19.0-4-amd64

File hashes

Hashes for jwt_kms-0.1.2-py3-none-any.whl
Algorithm Hash digest
SHA256 4650c5b12d3f02d58335aea3552e5569ea5285e277fa7cb2415fa95efc15d83b
MD5 f3f5cbea106b1dc0ed5f127f48fd4c0f
BLAKE2b-256 dcdf81b15de084af54057ee620300fa0f302653b55f0e0bdd44a304d25594eec

