Skip to content

Class swarmauri_cipher_suite_jwa.JwaCipherSuite.JwaCipherSuite

swarmauri_cipher_suite_jwa.JwaCipherSuite.JwaCipherSuite

Bases: CipherSuiteBase

JSON Web Algorithm policy surface (RFC 7518).

suite_id

suite_id()
Source code in swarmauri_cipher_suite_jwa/JwaCipherSuite.py
34
35
def suite_id(self) -> str:
    return "jwa"

supports

supports()
Source code in swarmauri_cipher_suite_jwa/JwaCipherSuite.py
37
38
39
40
41
42
43
44
45
def supports(self) -> Mapping[CipherOp, Iterable[Alg]]:
    return {
        "sign": ("EdDSA", "PS256", "PS384", "PS512", "ES256", "ES384", "ES512"),
        "verify": ("EdDSA", "PS256", "PS384", "PS512", "ES256", "ES384", "ES512"),
        "encrypt": ("A128GCM", "A192GCM", "A256GCM"),
        "decrypt": ("A128GCM", "A192GCM", "A256GCM"),
        "wrap": ("RSA-OAEP", "RSA-OAEP-256", "A256KW"),
        "unwrap": ("RSA-OAEP", "RSA-OAEP-256", "A256KW"),
    }

default_alg

default_alg(op, *, for_key=None)
Source code in swarmauri_cipher_suite_jwa/JwaCipherSuite.py
47
48
49
50
51
52
53
def default_alg(self, op: CipherOp, *, for_key: Optional[KeyRef] = None) -> Alg:
    defaults = {
        "sign": "EdDSA",
        "encrypt": "A256GCM",
        "wrap": "RSA-OAEP-256",
    }
    return defaults.get(op, "A256GCM")

features

features()
Source code in swarmauri_cipher_suite_jwa/JwaCipherSuite.py
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
def features(self) -> Features:
    allowed = self.supports()
    flat = sorted({alg for values in allowed.values() for alg in values})
    return {
        "suite": "jwa",
        "version": 1,
        "dialects": {
            "jwa": flat,
            "cose": [
                value
                for value in {_JWA_TO_COSE.get(alg) for alg in flat}
                if value is not None
            ],
        },
        "ops": {
            op: {"default": self.default_alg(op), "allowed": list(values)}
            for op, values in allowed.items()
            if values
        },
        "constraints": {"aead": {"tagBits": 128, "nonceLen": 12}},
        "compliance": {"fips": False},
    }

normalize

normalize(
    *, op, alg=None, key=None, params=None, dialect=None
)
Source code in swarmauri_cipher_suite_jwa/JwaCipherSuite.py
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
def normalize(
    self,
    *,
    op: CipherOp,
    alg: Optional[Alg] = None,
    key: Optional[KeyRef] = None,
    params: Optional[ParamMapping] = None,
    dialect: Optional[str] = None,
) -> NormalizedDescriptor:
    allowed = set(self.supports().get(op, ()))
    chosen = alg or self.default_alg(op, for_key=key)
    if chosen not in allowed:
        raise ValueError(f"{chosen=} not supported for {op=}")

    resolved = dict(params or {})
    if chosen.endswith("GCM"):
        resolved.setdefault("tagBits", 128)
        resolved.setdefault("nonceLen", 12)
    if chosen.startswith("PS"):
        resolved.setdefault("saltBits", int(chosen[-3:]))
    mapped = {
        "jwa": chosen,
        "cose": _JWA_TO_COSE.get(chosen),
        "provider": chosen,
    }
    return {
        "op": op,
        "alg": chosen,
        "dialect": "jwa" if dialect is None else dialect,  # allow caller override
        "mapped": mapped,
        "params": resolved,
        "constraints": {"minKeyBits": 0},
        "policy": self.policy(),
    }