Skip to content

Use DANE for public key discovery, for JWE encryption and JWS message authentication.

License

Notifications You must be signed in to change notification settings

ValiMail/dane-jwe-jws

Repository files navigation

dane_jwe_jws

A library for using JWE and JWS with DANE for identity-secured messaging.

This library enables the easy generation of signed and encrypted messages, using TLSA records in DNS for public key discovery. This library places the DNS URI in the x5u protected header field. The receiving party uses this field for discovering the public key which is used for verifying message payload.

Note: Currently, only RSA public keys are supported (RSA-OAEP-256 for encryption and RS256 for signing)

Documentation Status https://circleci.com/gh/ValiMail/dane-jwe-jws.svg?style=shield Maintainability Test Coverage

Quick Start

Installation

pip install dane-jwe-jws

Encrypt a message using a DANE-represented identity

from dane_jwe_jws.encryption import Encryption
test_message = "hello world!!"
identity_name = "dns.name.where.cert.lives.in.a.tlsa.record"
encrypted = Encryption.encrypt(test_message, identity_name)
print(encrypted)

More examples

About

Use DANE for public key discovery, for JWE encryption and JWS message authentication.

Resources

License

Stars

Watchers

Forks

Packages

No packages published