Mirror
/
python-keycloak
mirror of https://github.com/marcospereirampj/python-keycloak.git
1
0
Fork 1
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
951 Commits
13 Branches
120 Tags
21 MiB
Tree: e54dc5169b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e54dc5169b'
${ noResults }
python-keycloak/keycloak-dev/share/doc/jwcrypto/README.md

48 lines
2.3 KiB
Raw Normal View History

adds organisation interface for kc26
1 month ago
  1. [![PyPI](https://img.shields.io/pypi/v/jwcrypto.svg)](https://pypi.org/project/jwcrypto/)
  2. [![Changelog](https://img.shields.io/github/v/release/latchset/jwcrypto?label=changelog)](https://github.com/latchset/jwcrypto/releases)
  3. [![Build Status](https://github.com/latchset/jwcrypto/actions/workflows/build.yml/badge.svg)](https://github.com/latchset/jwcrypto/actions/workflows/build.yml)
  4. [![ppc64le Build](https://github.com/latchset/jwcrypto/actions/workflows/ppc64le.yml/badge.svg)](https://github.com/latchset/jwcrypto/actions/workflows/ppc64le.yml)
  5. [![Code Scan](https://github.com/latchset/jwcrypto/actions/workflows/codeql-analysis.yml/badge.svg)](https://github.com/latchset/jwcrypto/actions/workflows/codeql-analysis.yml)
  6. [![Documentation Status](https://readthedocs.org/projects/jwcrypto/badge/?version=latest)](https://jwcrypto.readthedocs.io/en/latest/?badge=latest)
  8. JWCrypto
  9. ========
  11. An implementation of the JOSE Working Group documents:
  12. - RFC 7515 - JSON Web Signature (JWS)
  13. - RFC 7516 - JSON Web Encryption (JWE)
  14. - RFC 7517 - JSON Web Key (JWK)
  15. - RFC 7518 - JSON Web Algorithms (JWA)
  16. - RFC 7519 - JSON Web Token (JWT)
  17. - RFC 7520 - Examples of Protecting Content Using JSON Object Signing and
  18. Encryption (JOSE)
  20. Installation
  21. ============
  23. pip install jwcrypto
  25. Documentation
  26. =============
  28. http://jwcrypto.readthedocs.org
  30. Deprecation Notices
  31. ===================
  33. 2020.12.11: The RSA1_5 algorithm is now considered deprecated due to numerous
  34. implementation issues that make it a very problematic tool to use safely.
  35. The algorithm can still be used but requires explicitly allowing it on object
  36. instantiation. If your application depends on it there are examples of how to
  37. re-enable RSA1_5 usage in the tests files.
  39. Note: if you enable support for `RSA1_5` and the attacker can send you chosen
  40. ciphertext and is able to measure the processing times of your application,
  41. then your application will be vulnerable to a Bleichenbacher RSA padding
  42. oracle, allowing the so-called "Million messages attack". That attack allows
  43. to decrypt intercepted messages (even if they were encrypted with RSA-OAEP) or
  44. forge signatures (both RSA-PKCS#1 v1.5 and RSASSA-PSS).
  46. Given JWT is generally used in tokens to sign authorization assertions or to
  47. encrypt private key material, this is a particularly severe issue, and must
  48. not be underestimated.