Created
June 2, 2024 18:07
import json | |
import base64 | |
from pyspx import sha2_128s | |
import os | |
# Fixed 48-byte seed: the ASCII bytes of a 16-character pattern repeated three
# times (the text is not hex-decoded), so the key pair is identical on every run.
# NOTE(review): anyone who can read this file can re-derive secret_key. Outside
# of reproducible test vectors the seed must come from a CSPRNG (os.urandom).
seed = b"0123456789abcdef" * 3
public_key, secret_key = sha2_128s.generate_keypair(seed)

# JOSE header; "alg" names the signature scheme used for the token below.
header = dict(alg="SPHINCS+128s", typ="JWT")

# Claims to be signed. "exp" is a fixed numeric timestamp that this script
# never evaluates.
payload = dict(sub="vapor", name="Foo", admin=False, exp=2000000000)
def base64url_encode(data):
    """Return *data* (bytes) as unpadded Base64URL bytes.

    The URL-safe alphabet ('-' and '_') is used and the trailing '='
    padding is stripped, which is the form JWT segments are written in.
    """
    padded = base64.urlsafe_b64encode(data)
    return padded.rstrip(b'=')
# Serialise the header and the claims as JSON, then Base64URL-encode each one.
encoded_header, encoded_payload = (
    base64url_encode(json.dumps(part).encode('utf-8'))
    for part in (header, payload)
)

# The signing input is exactly "<header>.<payload>" in its encoded form; the
# signature covers these bytes, not the decoded JSON.
message = encoded_header + b'.' + encoded_payload

# Sign with the secret key and encode the raw signature like the other segments.
signature = sha2_128s.sign(message, secret_key)
encoded_signature = base64url_encode(signature)

# Compact serialisation: header.payload.signature
jwt_token = b'.'.join((message, encoded_signature)).decode('utf-8')
print(jwt_token)
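def base64url_decode(data):
    """Decode an unpadded Base64URL segment and return the raw bytes.

    Args:
        data: The segment as ``str`` or ``bytes``, with or without its
            trailing '=' padding.

    Returns:
        The decoded bytes.

    Raises:
        binascii.Error: If the padded input is not decodable Base64.
        ValueError: If a ``str`` argument contains non-ASCII characters.
    """
    # Accept bytes as well as str so the output of base64url_encode can be
    # passed straight back in; the original raised TypeError on bytes.
    if isinstance(data, str):
        data = data.encode('ascii')
    # -len % 4 yields 0..3 pad characters. The previous 4 - len % 4 appended
    # "====" to input that was already aligned and relied on decoder leniency.
    padding = b'=' * (-len(data) % 4)
    # NOTE(review): urlsafe_b64decode silently discards characters outside the
    # Base64 alphabet, so several different strings decode to the same bytes.
    # A verifier that must reject non-canonical tokens needs its own check.
    return base64.urlsafe_b64decode(data + padding)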
# Break the compact token into its three segments; the unpacking raises
# ValueError if the token does not contain exactly two dots.
encoded_header, encoded_payload, encoded_signature = jwt_token.split('.')

# Recover the raw signature bytes.
decoded_signature = base64url_decode(encoded_signature)

# Rebuild the signing input from the received segments, byte for byte.
message = f"{encoded_header}.{encoded_payload}".encode('utf-8')

# NOTE(review): only the signature is checked here. The header's "alg" and the
# "exp" claim are never decoded or compared, so this is a signature round-trip,
# not complete JWT validation.
is_valid = sha2_128s.verify(message, decoded_signature, public_key)
print(f"Signature valid: {is_valid}")