swarmauri_crypto_jwe 0.2.0.dev3__tar.gz → 0.2.0.dev31__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,10 +1,12 @@
1
- Metadata-Version: 2.3
1
+ Metadata-Version: 2.4
2
2
  Name: swarmauri_crypto_jwe
3
- Version: 0.2.0.dev3
3
+ Version: 0.2.0.dev31
4
4
  Summary: RFC 7516/7518 compliant JWE crypto provider for Swarmauri
5
- License: Apache-2.0
6
- Author: Swarmauri
7
- Author-email: opensource@swarmauri.com
5
+ License-Expression: Apache-2.0
6
+ License-File: LICENSE
7
+ Keywords: swarmauri,sdk,standards,crypto,jwe,cryptography
8
+ Author: Jacob Stewart
9
+ Author-email: jacob@swarmauri.com
8
10
  Requires-Python: >=3.10,<3.13
9
11
  Classifier: License :: OSI Approved :: Apache Software License
10
12
  Classifier: Natural Language :: English
@@ -15,6 +17,9 @@ Classifier: Programming Language :: Python :: 3.13
15
17
  Classifier: Development Status :: 3 - Alpha
16
18
  Classifier: Topic :: Security :: Cryptography
17
19
  Classifier: Intended Audience :: Developers
20
+ Classifier: Programming Language :: Python
21
+ Classifier: Programming Language :: Python :: 3
22
+ Classifier: Programming Language :: Python :: 3 :: Only
18
23
  Provides-Extra: cbor
19
24
  Provides-Extra: json
20
25
  Requires-Dist: cbor2 ; extra == "cbor"
@@ -23,7 +28,7 @@ Requires-Dist: swarmauri_base
23
28
  Requires-Dist: swarmauri_core
24
29
  Description-Content-Type: text/markdown
25
30
 
26
- ![Swamauri Logo](https://res.cloudinary.com/dbjmpekvl/image/upload/v1730099724/Swarmauri-logo-lockup-2048x757_hww01w.png)
31
+ ![Swarmauri Logo](https://github.com/swarmauri/swarmauri-sdk/blob/3d4d1cfa949399d7019ae9d8f296afba773dfb7f/assets/swarmauri.brand.theme.svg)
27
32
 
28
33
  <p align="center">
29
34
  <a href="https://pypi.org/project/swarmauri_crypto_jwe/"><img src="https://img.shields.io/pypi/dm/swarmauri_crypto_jwe" alt="PyPI - Downloads"/></a>
@@ -39,16 +44,29 @@ Description-Content-Type: text/markdown
39
44
 
40
45
  JSON Web Encryption (JWE) provider implementing RFC 7516 and RFC 7518 compliant encryption and decryption helpers.
41
46
 
42
- - Supports `dir`, `RSA-OAEP`, `RSA-OAEP-256`, and `ECDH-ES`
43
- - Supports `A128GCM`, `A192GCM`, and `A256GCM`
44
- - Optional compression (`zip` = `DEF`) and Additional Authenticated Data (AAD)
47
+ ### Features
48
+
49
+ - Asynchronous API for compact JWE serialization returning strings.
50
+ - Accepts `JWAAlg` enums from [`swarmauri_core.crypto.types`](https://github.com/swarmauri/swarmauri-sdk/tree/master/pkgs/core/swarmauri_core/crypto/types.py) for algorithms.
51
+ - Supports `dir`, `RSA-OAEP`, `RSA-OAEP-256`, and `ECDH-ES` key management algorithms.
52
+ - Supports `A128GCM`, `A192GCM`, and `A256GCM` content encryption.
53
+ - Optional compression (`zip` = `DEF`) and Additional Authenticated Data (AAD).
54
+ - Returns structured decrypt results that include both the protected header and plaintext.
55
+ - Registers with the Swarmauri PluginManager via the `swarmauri.cryptos` entry point.
45
56
 
46
57
  ### Installation
47
58
 
48
59
  ```bash
49
60
  pip install swarmauri_crypto_jwe
61
+ # or
62
+ poetry add swarmauri_crypto_jwe
63
+ # or, with uv
64
+ uv add swarmauri_crypto_jwe
50
65
  ```
51
66
 
67
+ > [!TIP]
68
+ > `uv` can be installed with `pip install uv` or by following the instructions at [astral.sh/uv](https://docs.astral.sh/uv/). Once installed, run `uv add swarmauri_crypto_jwe` from your project directory to add the dependency.
69
+
52
70
  ### Usage
53
71
 
54
72
  The helpers are asynchronous and return compact JWE strings that can be
@@ -64,6 +82,7 @@ decrypted back into their original plaintext. A typical flow is:
64
82
  import asyncio
65
83
  from cryptography.hazmat.primitives import serialization
66
84
  from cryptography.hazmat.primitives.asymmetric import rsa
85
+ from swarmauri_core.crypto.types import JWAAlg
67
86
  from swarmauri_crypto_jwe import JweCrypto
68
87
 
69
88
 
@@ -78,8 +97,8 @@ async def main() -> None:
78
97
 
79
98
  jwe = await crypto.encrypt_compact(
80
99
  payload=b"secret",
81
- alg="RSA-OAEP-256",
82
- enc="A256GCM",
100
+ alg=JWAAlg.RSA_OAEP_256,
101
+ enc=JWAAlg.A256GCM,
83
102
  key={"pub": pk_pem},
84
103
  )
85
104
 
@@ -97,16 +116,33 @@ async def main() -> None:
97
116
  asyncio.run(main())
98
117
  ```
99
118
 
119
+ ### Loading via PluginManager
120
+
121
+ ```python
122
+ from swarmauri.plugin import PluginManager
123
+
124
+ pm = PluginManager()
125
+ crypto = pm.load("swarmauri.cryptos", "JweCrypto")
126
+ ```
127
+
100
128
  **Parameters**
101
129
 
102
- - `alg` – key management algorithm such as `RSA-OAEP-256` or `dir`.
103
- - `enc` – content encryption algorithm like `A256GCM`.
104
- - `key` – mapping containing the public key or direct symmetric key
105
- material.
106
- - Decryption requires the matching private key via `rsa_private_pem`,
107
- `dir_key`, or `ecdh_private_key`.
130
+ - `alg` – `JWAAlg` member describing the key management algorithm (`JWAAlg.RSA_OAEP_256`, `JWAAlg.DIR`, etc.).
131
+ - `enc` – `JWAAlg` member describing the content encryption algorithm (`JWAAlg.A256GCM`, `JWAAlg.A128GCM`, etc.).
132
+ - `key` – mapping containing the key material used for encryption:
133
+ - `{"k": bytes}` for direct symmetric keys (`dir`).
134
+ - `{"pub": rsa_public_key}` for RSA OAEP, where the public key may be PEM bytes or an `RSAPublicKey` instance.
135
+ - `{"pub": ec_public_key}` for ECDH-ES with PEM, JWK, or key objects.
136
+ - Optional `header_extra` values are merged into the protected header (use `zip="DEF"` to enable compression).
137
+ - Decryption requires the matching private key via `dir_key`, `rsa_private_pem`/`rsa_private_password`, or `ecdh_private_key`.
138
+ - `expected_algs` and `expected_encs` constrain acceptable algorithms during decryption, and `aad` must match the authenticated data provided at encryption time.
108
139
 
109
140
  ## Entry point
110
141
 
111
142
  The provider is registered under the `swarmauri.cryptos` entry point as `JweCrypto`.
112
143
 
144
+ ## Want to help?
145
+
146
+ If you want to contribute to swarmauri-sdk, read up on our
147
+ [guidelines for contributing](https://github.com/swarmauri/swarmauri-sdk/blob/master/CONTRIBUTING.md)
148
+ that will help you get started.
@@ -1,4 +1,4 @@
1
- ![Swamauri Logo](https://res.cloudinary.com/dbjmpekvl/image/upload/v1730099724/Swarmauri-logo-lockup-2048x757_hww01w.png)
1
+ ![Swarmauri Logo](https://github.com/swarmauri/swarmauri-sdk/blob/3d4d1cfa949399d7019ae9d8f296afba773dfb7f/assets/swarmauri.brand.theme.svg)
2
2
 
3
3
  <p align="center">
4
4
  <a href="https://pypi.org/project/swarmauri_crypto_jwe/"><img src="https://img.shields.io/pypi/dm/swarmauri_crypto_jwe" alt="PyPI - Downloads"/></a>
@@ -14,16 +14,29 @@
14
14
 
15
15
  JSON Web Encryption (JWE) provider implementing RFC 7516 and RFC 7518 compliant encryption and decryption helpers.
16
16
 
17
- - Supports `dir`, `RSA-OAEP`, `RSA-OAEP-256`, and `ECDH-ES`
18
- - Supports `A128GCM`, `A192GCM`, and `A256GCM`
19
- - Optional compression (`zip` = `DEF`) and Additional Authenticated Data (AAD)
17
+ ### Features
18
+
19
+ - Asynchronous API for compact JWE serialization returning strings.
20
+ - Accepts `JWAAlg` enums from [`swarmauri_core.crypto.types`](https://github.com/swarmauri/swarmauri-sdk/tree/master/pkgs/core/swarmauri_core/crypto/types.py) for algorithms.
21
+ - Supports `dir`, `RSA-OAEP`, `RSA-OAEP-256`, and `ECDH-ES` key management algorithms.
22
+ - Supports `A128GCM`, `A192GCM`, and `A256GCM` content encryption.
23
+ - Optional compression (`zip` = `DEF`) and Additional Authenticated Data (AAD).
24
+ - Returns structured decrypt results that include both the protected header and plaintext.
25
+ - Registers with the Swarmauri PluginManager via the `swarmauri.cryptos` entry point.
20
26
 
21
27
  ### Installation
22
28
 
23
29
  ```bash
24
30
  pip install swarmauri_crypto_jwe
31
+ # or
32
+ poetry add swarmauri_crypto_jwe
33
+ # or, with uv
34
+ uv add swarmauri_crypto_jwe
25
35
  ```
26
36
 
37
+ > [!TIP]
38
+ > `uv` can be installed with `pip install uv` or by following the instructions at [astral.sh/uv](https://docs.astral.sh/uv/). Once installed, run `uv add swarmauri_crypto_jwe` from your project directory to add the dependency.
39
+
27
40
  ### Usage
28
41
 
29
42
  The helpers are asynchronous and return compact JWE strings that can be
@@ -39,6 +52,7 @@ decrypted back into their original plaintext. A typical flow is:
39
52
  import asyncio
40
53
  from cryptography.hazmat.primitives import serialization
41
54
  from cryptography.hazmat.primitives.asymmetric import rsa
55
+ from swarmauri_core.crypto.types import JWAAlg
42
56
  from swarmauri_crypto_jwe import JweCrypto
43
57
 
44
58
 
@@ -53,8 +67,8 @@ async def main() -> None:
53
67
 
54
68
  jwe = await crypto.encrypt_compact(
55
69
  payload=b"secret",
56
- alg="RSA-OAEP-256",
57
- enc="A256GCM",
70
+ alg=JWAAlg.RSA_OAEP_256,
71
+ enc=JWAAlg.A256GCM,
58
72
  key={"pub": pk_pem},
59
73
  )
60
74
 
@@ -72,15 +86,33 @@ async def main() -> None:
72
86
  asyncio.run(main())
73
87
  ```
74
88
 
89
+ ### Loading via PluginManager
90
+
91
+ ```python
92
+ from swarmauri.plugin import PluginManager
93
+
94
+ pm = PluginManager()
95
+ crypto = pm.load("swarmauri.cryptos", "JweCrypto")
96
+ ```
97
+
75
98
  **Parameters**
76
99
 
77
- - `alg` – key management algorithm such as `RSA-OAEP-256` or `dir`.
78
- - `enc` – content encryption algorithm like `A256GCM`.
79
- - `key` – mapping containing the public key or direct symmetric key
80
- material.
81
- - Decryption requires the matching private key via `rsa_private_pem`,
82
- `dir_key`, or `ecdh_private_key`.
100
+ - `alg` – `JWAAlg` member describing the key management algorithm (`JWAAlg.RSA_OAEP_256`, `JWAAlg.DIR`, etc.).
101
+ - `enc` – `JWAAlg` member describing the content encryption algorithm (`JWAAlg.A256GCM`, `JWAAlg.A128GCM`, etc.).
102
+ - `key` – mapping containing the key material used for encryption:
103
+ - `{"k": bytes}` for direct symmetric keys (`dir`).
104
+ - `{"pub": rsa_public_key}` for RSA OAEP, where the public key may be PEM bytes or an `RSAPublicKey` instance.
105
+ - `{"pub": ec_public_key}` for ECDH-ES with PEM, JWK, or key objects.
106
+ - Optional `header_extra` values are merged into the protected header (use `zip="DEF"` to enable compression).
107
+ - Decryption requires the matching private key via `dir_key`, `rsa_private_pem`/`rsa_private_password`, or `ecdh_private_key`.
108
+ - `expected_algs` and `expected_encs` constrain acceptable algorithms during decryption, and `aad` must match the authenticated data provided at encryption time.
83
109
 
84
110
  ## Entry point
85
111
 
86
112
  The provider is registered under the `swarmauri.cryptos` entry point as `JweCrypto`.
113
+
114
+ ## Want to help?
115
+
116
+ If you want to contribute to swarmauri-sdk, read up on our
117
+ [guidelines for contributing](https://github.com/swarmauri/swarmauri-sdk/blob/master/CONTRIBUTING.md)
118
+ that will help you get started.
@@ -1,11 +1,11 @@
1
1
  [project]
2
2
  name = "swarmauri_crypto_jwe"
3
- version = "0.2.0.dev3"
3
+ version = "0.2.0.dev31"
4
4
  description = "RFC 7516/7518 compliant JWE crypto provider for Swarmauri"
5
5
  license = "Apache-2.0"
6
6
  readme = "README.md"
7
7
  requires-python = ">=3.10,<3.13"
8
- authors = [{ name = "Swarmauri", email = "opensource@swarmauri.com" }]
8
+ authors = [{ name = "Jacob Stewart", email = "jacob@swarmauri.com" }]
9
9
  classifiers = [
10
10
  "License :: OSI Approved :: Apache Software License",
11
11
  "Natural Language :: English",
@@ -16,12 +16,23 @@ classifiers = [
16
16
  "Development Status :: 3 - Alpha",
17
17
  "Topic :: Security :: Cryptography",
18
18
  "Intended Audience :: Developers",
19
+ "Programming Language :: Python",
20
+ "Programming Language :: Python :: 3",
21
+ "Programming Language :: Python :: 3 :: Only",
19
22
  ]
20
23
  dependencies = [
21
24
  "swarmauri_core",
22
25
  "swarmauri_base",
23
26
  "cryptography>=41",
24
27
  ]
28
+ keywords = [
29
+ 'swarmauri',
30
+ 'sdk',
31
+ 'standards',
32
+ 'crypto',
33
+ 'jwe',
34
+ 'cryptography',
35
+ ]
25
36
 
26
37
  [project.optional-dependencies]
27
38
  json = []
@@ -1,3 +1,9 @@
1
+ """High level helpers for JSON Web Encryption.
2
+
3
+ This module provides compact serialization routines for JWE messages as
4
+ specified by RFC 7516 and RFC 7518.
5
+ """
6
+
1
7
  from __future__ import annotations
2
8
 
3
9
  import base64
@@ -189,12 +195,22 @@ JWECompact = str
189
195
 
190
196
  @dataclass
191
197
  class JweDecryptResult:
198
+ """Return value for :meth:`JweCrypto.decrypt_compact`.
199
+
200
+ header (Dict[str, Any]): Parsed JWE header.
201
+ plaintext (bytes): Decrypted payload bytes.
202
+ """
203
+
192
204
  header: Dict[str, Any]
193
205
  plaintext: bytes
194
206
 
195
207
 
196
208
  class JweCrypto:
197
- """Utility class for JSON Web Encryption (RFC 7516, RFC 7518)."""
209
+ """Utility class for working with JSON Web Encryption.
210
+
211
+ The helpers create and parse compact JWE strings. All operations are
212
+ asynchronous to integrate with async workflows.
213
+ """
198
214
 
199
215
  async def encrypt_compact(
200
216
  self,
@@ -207,6 +223,19 @@ class JweCrypto:
207
223
  header_extra: Optional[Mapping[str, Any]] = None,
208
224
  aad: Optional[Union[bytes, str]] = None,
209
225
  ) -> JWECompact:
226
+ """Encrypt a payload into a compact JWE string.
227
+
228
+ payload (Union[bytes, str, Mapping[str, Any]]): Data to encrypt. Strings and
229
+ mappings are encoded as UTF-8 JSON.
230
+ alg (JWAAlg): Key management algorithm.
231
+ enc (JWAAlg): Content encryption algorithm.
232
+ key (Mapping[str, Any]): Key material used for encryption.
233
+ kid (str): Optional key identifier placed in the protected header.
234
+ header_extra (Mapping[str, Any]): Additional protected header fields.
235
+ aad (Union[bytes, str]): Additional authenticated data.
236
+ RETURNS (JWECompact): Compact JWE representation.
237
+ """
238
+
210
239
  if isinstance(payload, str):
211
240
  pt = payload.encode("utf-8")
212
241
  elif isinstance(payload, (bytes, bytearray)):
@@ -318,6 +347,20 @@ class JweCrypto:
318
347
  expected_encs: Optional[Iterable[JWAAlg]] = None,
319
348
  aad: Optional[Union[bytes, str]] = None,
320
349
  ) -> JweDecryptResult:
350
+ """Decrypt a compact JWE string.
351
+
352
+ jwe (JWECompact): Serialized JWE to decode.
353
+ dir_key (Union[bytes, str]): Symmetric key when ``alg='dir'`` is used.
354
+ rsa_private_pem (Union[str, bytes]): RSA private key in PEM encoding for
355
+ RSA-OAEP algorithms.
356
+ rsa_private_password (Union[str, bytes]): Password for the RSA key.
357
+ ecdh_private_key (Any): Private key for ECDH-ES.
358
+ expected_algs (Iterable[JWAAlg]): Allowed algorithm values.
359
+ expected_encs (Iterable[JWAAlg]): Allowed encryption values.
360
+ aad (Union[bytes, str]): Additional authenticated data.
361
+ RETURNS (JweDecryptResult): Header and plaintext of the decrypted token.
362
+ """
363
+
321
364
  parts = jwe.split(".")
322
365
  if len(parts) != 5:
323
366
  raise ValueError("Invalid JWE compact: expected 5 dot-separated parts.")