Merge pull request #22 from jschlyter/keyconv2

rohe · web-flow · commit b9d35cff0d50 · 2019-10-15T14:37:21.000+02:00
Improve key conversion tool
diff --git a/src/cryptojwt/tools/keyconv.py b/src/cryptojwt/tools/keyconv.py
@@ -25,7 +25,7 @@ def jwk_from_file(filename: str, private: bool = True) -> JWK:
     return key_from_jwk_dict(jwk_dict, private=private)
 
 
-def pem2rsa(filename: str, kid: str = None, private: bool = False, passphrase: str = None) -> JWK:
+def pem2rsa(filename: str, kid: Optional[str] = None, private: bool = False, passphrase: Optional[str] = None) -> JWK:
     """Convert RSA key from PEM to JWK"""
     if private:
         key = import_private_rsa_key_from_file(filename, passphrase)
@@ -36,7 +36,7 @@ def pem2rsa(filename: str, kid: str = None, private: bool = False, passphrase: s
     return jwk
 
 
-def pem2ec(filename: str, kid: str = None, private: bool = False, passphrase: str = None) -> JWK:
+def pem2ec(filename: str, kid: Optional[str] = None, private: bool = False, passphrase: Optional[str] = None) -> JWK:
     """Convert EC key from PEM to JWK"""
     if private:
         key = import_private_key_from_file(filename, passphrase)
@@ -54,20 +54,35 @@ def bin2jwk(filename: str, kid: str) -> bytes:
     return SYMKey(kid=kid, key=content)
 
 
-def pem2jwk(filename: str, kid: str, private: bool = False) -> JWK:
+def pem2jwk(filename: str, kid: Optional[str] = None, kty: Optional[str] = None, private: bool = False, passphrase: Optional[str] = None) -> JWK:
     """Read PEM from filename and return JWK"""
     with open(filename, 'rt') as file:
         content = file.readlines()
     header = content[0]
 
     if private:
-        passphrase = getpass('Private key passphrase: ')
+        if passphrase is None:
+            passphrase = getpass('Private key passphrase: ')
         if len(passphrase) == 0:
             passphrase = None
     else:
         passphrase = None
 
-    if 'BEGIN EC PRIVATE KEY' in header:
+    if 'BEGIN PUBLIC KEY' in header:
+        if kty is not None and kty == 'EC':
+            jwk = pem2ec(filename, kid, private=False)
+        elif kty is not None and kty == 'RSA':
+            jwk = pem2rsa(filename, kid, private=False)
+        else:
+            raise ValueError("Unknown key type")
+    elif 'BEGIN PRIVATE KEY' in header:
+        if kty is not None and kty == 'EC':
+            jwk = pem2ec(filename, kid, private=True, passphrase=passphrase)
+        elif kty is not None and kty == 'RSA':
+            jwk = pem2rsa(filename, kid, private=True, passphrase=passphrase)
+        else:
+            raise ValueError("Unknown key type")
+    elif 'BEGIN EC PRIVATE KEY' in header:
         jwk = pem2ec(filename, kid, private=True, passphrase=passphrase)
     elif 'BEGIN EC PUBLIC KEY' in header:
         jwk = pem2ec(filename, kid, private=False)
@@ -81,18 +96,22 @@ def pem2jwk(filename: str, kid: str, private: bool = False) -> JWK:
     return jwk
 
 
-def export_jwk(jwk: JWK, private: bool = False) -> bytes:
+def export_jwk(jwk: JWK, private: bool = False, encrypt: bool = False, passphrase: Optional[str] = None) -> bytes:
     """Export JWK as PEM/bin"""
 
     if jwk.kty == 'oct':
         return jwk.key
 
     if private:
-        passphrase = getpass('Private key passphrase: ')
+        if encrypt:
+            if passphrase is None:
+                passphrase = getpass('Private key passphrase: ')
+        else:
+            passphrase = None
         if passphrase:
             enc = serialization.BestAvailableEncryption(passphrase.encode())
         else:
-            enc = serialization.NoEncryption
+            enc = serialization.NoEncryption()
         serialized = jwk.priv_key.private_bytes(
             encoding=serialization.Encoding.PEM,
             format=serialization.PrivateFormat.PKCS8,
@@ -134,10 +153,18 @@ def main():
                         dest='kid',
                         metavar='key_id',
                         help='Key ID')
+    parser.add_argument('--kty',
+                        dest='kty',
+                        metavar='type',
+                        help='Key type')
     parser.add_argument('--private',
                         dest='private',
                         action='store_true',
                         help="Output private key")
+    parser.add_argument('--encrypt',
+                        dest='encrypt',
+                        action='store_true',
+                        help="Encrypt private key")
     parser.add_argument('--output',
                         dest='output',
                         metavar='filename',
@@ -149,13 +176,13 @@ def main():
 
     if f.endswith('.json'):
         jwk = jwk_from_file(f, args.private)
-        serialized = export_jwk(jwk, args.private)
+        serialized = export_jwk(jwk, private=args.private, encrypt=args.encrypt)
         output_bytes(data=serialized, binary=(jwk.kty == 'oct'), filename=args.output)
     elif f.endswith('.bin'):
-        jwk = bin2jwk(f, args.kid)
+        jwk = bin2jwk(filename=f, kid=args.kid)
         output_jwk(jwk=jwk, private=True, filename=args.output)
     elif f.endswith('.pem'):
-        jwk = pem2jwk(f, args.kid, args.private)
+        jwk = pem2jwk(filename=f, kid=args.kid, private=args.private, kty=args.kty)
         output_jwk(jwk=jwk, private=args.private, filename=args.output)
     else:
         exit(-1)
diff --git a/tests/test_30_tools.py b/tests/test_30_tools.py
@@ -0,0 +1,58 @@
+import uuid
+import os
+import pytest
+import json
+
+from cryptojwt.jwk import JWK
+from cryptojwt.jwk.rsa import import_private_rsa_key_from_file, import_public_rsa_key_from_file
+from cryptojwt.jwk.ec import import_private_key_from_file, import_public_key_from_file
+import cryptojwt.tools.keyconv as keyconv
+from cryptojwt.jwx import key_from_jwk_dict
+
+
+BASEDIR = os.path.abspath(os.path.dirname(__file__))
+
+import test_vector
+
+
+
+def jwk_from_file(filename: str, private: bool = True) -> JWK:
+    """Read JWK from file"""
+    with open(filename, mode='rt') as input_file:
+        jwk_dict = json.loads(input_file.read())
+    return key_from_jwk_dict(jwk_dict, private=private)
+
+
+def convert_rsa_pem2jwt(filename_jwk: str, filename_pem: str, private: bool):
+    k1 = jwk_from_file(filename=filename_jwk, private=private)
+    k2 = keyconv.pem2jwk(filename=filename_pem, kid=k1.kid, kty='RSA', private=private, passphrase='')
+    if k1 != k2:
+        raise Exception("Keys differ")
+
+def convert_ec_pem2jwt(filename_jwk: str, filename_pem: str, private: bool):
+    k1 = jwk_from_file(filename=filename_jwk, private=private)
+    k2 = keyconv.pem2jwk(filename=filename_pem, kid=k1.kid, kty='EC', private=private, passphrase='')
+    if k1 != k2:
+        raise Exception("Keys differ")
+
+def test_pem2rsa_public():
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-1024.json', BASEDIR+'/test_keys/rsa-1024-public.pem', private=False)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-1280.json', BASEDIR+'/test_keys/rsa-1280-public.pem', private=False)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-2048.json', BASEDIR+'/test_keys/rsa-2048-public.pem', private=False)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-3072.json', BASEDIR+'/test_keys/rsa-3072-public.pem', private=False)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-4096.json', BASEDIR+'/test_keys/rsa-4096-public.pem', private=False)
+
+def test_pem2rsa_private():
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-1024.json', BASEDIR+'/test_keys/rsa-1024-private.pem', private=True)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-1280.json', BASEDIR+'/test_keys/rsa-1280-private.pem', private=True)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-2048.json', BASEDIR+'/test_keys/rsa-2048-private.pem', private=True)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-3072.json', BASEDIR+'/test_keys/rsa-3072-private.pem', private=True)
+    convert_rsa_pem2jwt(BASEDIR+'/test_keys/rsa-4096.json', BASEDIR+'/test_keys/rsa-4096-private.pem', private=True)
+
+def test_pem2ec_public():
+    convert_ec_pem2jwt(BASEDIR+'/test_keys/ec-p256.json', BASEDIR+'/test_keys/ec-p256-public.pem', private=False)
+    convert_ec_pem2jwt(BASEDIR+'/test_keys/ec-p384.json', BASEDIR+'/test_keys/ec-p384-public.pem', private=False)
+
+def test_pem2ec_private():
+    convert_ec_pem2jwt(BASEDIR+'/test_keys/ec-p256.json', BASEDIR+'/test_keys/ec-p256-private.pem', private=True)
+    convert_ec_pem2jwt(BASEDIR+'/test_keys/ec-p384.json', BASEDIR+'/test_keys/ec-p384-private.pem', private=True)
diff --git a/tests/test_keys/ec-p256-private.pem b/tests/test_keys/ec-p256-private.pem
@@ -0,0 +1,6 @@
+-----BEGIN PRIVATE KEY-----
+MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgrp4E4eaFhHonpP/U
+8QRaFDTvCGy8mQrSfQod+QxmViehRANCAAQE1WQ7bdvJIkUESD9hc3GUv1+QGt+A
+cKvuzxfjPRqqzLtvlU5nUKOM2rgLCMVP0hiu4wtgREKUYLybH1UPwEuv
+-----END PRIVATE KEY-----
+
diff --git a/tests/test_keys/ec-p256-public.pem b/tests/test_keys/ec-p256-public.pem
@@ -0,0 +1,5 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBNVkO23bySJFBEg/YXNxlL9fkBrf
+gHCr7s8X4z0aqsy7b5VOZ1CjjNq4CwjFT9IYruMLYERClGC8mx9VD8BLrw==
+-----END PUBLIC KEY-----
+
diff --git a/tests/test_keys/ec-p256.json b/tests/test_keys/ec-p256.json
@@ -0,0 +1,8 @@
+{
+    "crv": "P-256",
+    "d": "rp4E4eaFhHonpP_U8QRaFDTvCGy8mQrSfQod-QxmVic",
+    "kid": "dHNuMWxLYnlrSjgxMk8wdVEwWVd3Z1o1UUNsbnNTVkZxcDdDUzFUaXhWTQ",
+    "kty": "EC",
+    "x": "BNVkO23bySJFBEg_YXNxlL9fkBrfgHCr7s8X4z0aqsw",
+    "y": "u2-VTmdQo4zauAsIxU_SGK7jC2BEQpRgvJsfVQ_AS68"
+}
diff --git a/tests/test_keys/ec-p384-private.pem b/tests/test_keys/ec-p384-private.pem
@@ -0,0 +1,7 @@
+-----BEGIN PRIVATE KEY-----
+MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCUwKlpiMoGAPaoSfl5
+iVTFrhF1hVzR57YiMld16H7HcMzv6HNF/nHkiaITetKxCaKhZANiAATpTb3pcZ+C
+E9WYGiBho6391NUd5wx15qhGTWT0/2hl2DEvfxHEN/rXJUbG+mzCpvDSvz5IfDDF
+ryLtXb3fgSYxGA8VLPC24wT0PImF5L7u3Z4vjSmO38qkrIwBMkUKyTU=
+-----END PRIVATE KEY-----
+
diff --git a/tests/test_keys/ec-p384-public.pem b/tests/test_keys/ec-p384-public.pem
@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE6U296XGfghPVmBogYaOt/dTVHecMdeao
+Rk1k9P9oZdgxL38RxDf61yVGxvpswqbw0r8+SHwwxa8i7V2934EmMRgPFSzwtuME
+9DyJheS+7t2eL40pjt/KpKyMATJFCsk1
+-----END PUBLIC KEY-----
+
diff --git a/tests/test_keys/ec-p384.json b/tests/test_keys/ec-p384.json
@@ -0,0 +1,8 @@
+{
+    "crv": "P-384",
+    "d": "lMCpaYjKBgD2qEn5eYlUxa4RdYVc0ee2IjJXdeh-x3DM7-hzRf5x5ImiE3rSsQmi",
+    "kid": "UDdTWUdvVFZhR0RNVXFUV1pDWEJqT1pwN1BGSnpQSC1LNUMtNE5CUjBhaw",
+    "kty": "EC",
+    "x": "6U296XGfghPVmBogYaOt_dTVHecMdeaoRk1k9P9oZdgxL38RxDf61yVGxvpswqbw",
+    "y": "0r8-SHwwxa8i7V2934EmMRgPFSzwtuME9DyJheS-7t2eL40pjt_KpKyMATJFCsk1"
+}
diff --git a/tests/test_keys/rsa-1024-private.pem b/tests/test_keys/rsa-1024-private.pem
@@ -0,0 +1,17 @@
+-----BEGIN PRIVATE KEY-----
+MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAN8MXPfNgdWPVofE
+OvRbhumygi+ttUEZ/Y+Ts/CIoB6neeSjQJZ2zgxQhGWKgKKKATopKPZ4TFK00AUN
+/eNyM59ikRWRpSzIabByUpfEA81EyvoYAl4qVsmpOzl5h3m2kGN15bauOQP9bpHv
+vOn4S25TiNj/NHZhZ6oHoZ1Od24rAgMBAAECgYEA0wOOPH12lETL9xuFLsIcS6Eu
+ms66yIE/KgLxW+DVosqMfeqYYwC4hFv0NWAnvB3VdWGVOD+s7R3UIsQO6ouTGzTT
+Jgye2gg9YbZbB2+STV9cbeUwTCI4ILzsTp8LVHpZTmAXWvp+ui4S+mL78rT3O+pV
+T1BQBwPMqvGOyoBuOTECQQD7xr1Lieex4a0Wi3WeW3ck1GCtIEU0MgIeZLTwc1Y+
+rhem0IQsx4axnV7His+iGikQm20i2EX9AOg2dFRRbJpjAkEA4spAGHgvd+cqUxus
+wQX7SfwNdrMSRko5qJIJXOL0zuUBgJ33APSLTWw2MSRND7cj7yh1b/o8eWkvnRZD
+AkADmQJBAMz29ZNRKPV+qtH3pkDMZSnuWuWVp8DeFSt5AHPe8Q8F2utKRM/Pfq+J
+VWdMccudUGDcpvP+7LsSyffKq/m9V9ECQE6xBtR2v2HHYDQ+Ig9H2A2v26wYLnsd
+Pixzn7QPPAqeA4txREeckslmhtc+VU7iqSFO1JDqLxmhmdfT5aReOeECQGKfe9gJ
+oiTy02VzeMQ/2FSdkHG7ZjZYl1+rwA1Y+2eKstg88xpk456ePp4PBJ5MQLEQKvyq
+wXuCdEjuK8ipOaQ=
+-----END PRIVATE KEY-----
+
diff --git a/tests/test_keys/rsa-1024-public.pem b/tests/test_keys/rsa-1024-public.pem
@@ -0,0 +1,7 @@
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfDFz3zYHVj1aHxDr0W4bpsoIv
+rbVBGf2Pk7PwiKAep3nko0CWds4MUIRlioCiigE6KSj2eExStNAFDf3jcjOfYpEV
+kaUsyGmwclKXxAPNRMr6GAJeKlbJqTs5eYd5tpBjdeW2rjkD/W6R77zp+EtuU4jY
+/zR2YWeqB6GdTnduKwIDAQAB
+-----END PUBLIC KEY-----
+
diff --git a/tests/test_keys/rsa-1024.json b/tests/test_keys/rsa-1024.json
@@ -0,0 +1,9 @@
+{
+    "d": "0wOOPH12lETL9xuFLsIcS6Eums66yIE_KgLxW-DVosqMfeqYYwC4hFv0NWAnvB3VdWGVOD-s7R3UIsQO6ouTGzTTJgye2gg9YbZbB2-STV9cbeUwTCI4ILzsTp8LVHpZTmAXWvp-ui4S-mL78rT3O-pVT1BQBwPMqvGOyoBuOTE",
+    "e": "AQAB",
+    "kid": "TEM0dms2Q0dTeDYzSkUzaVludkZQVEdLb0M1UXhHSkpaRWlvWUhHRFlZUQ",
+    "kty": "RSA",
+    "n": "3wxc982B1Y9Wh8Q69FuG6bKCL621QRn9j5Oz8IigHqd55KNAlnbODFCEZYqAoooBOiko9nhMUrTQBQ3943Izn2KRFZGlLMhpsHJSl8QDzUTK-hgCXipWyak7OXmHebaQY3Xltq45A_1uke-86fhLblOI2P80dmFnqgehnU53bis",
+    "p": "-8a9S4nnseGtFot1nlt3JNRgrSBFNDICHmS08HNWPq4XptCELMeGsZ1ex4rPohopEJttIthF_QDoNnRUUWyaYw",
+    "q": "4spAGHgvd-cqUxuswQX7SfwNdrMSRko5qJIJXOL0zuUBgJ33APSLTWw2MSRND7cj7yh1b_o8eWkvnRZDAkADmQ"
+}
diff --git a/tests/test_keys/rsa-1280-private.pem b/tests/test_keys/rsa-1280-private.pem
@@ -0,0 +1,20 @@
+-----BEGIN PRIVATE KEY-----
+MIIDBgIBADANBgkqhkiG9w0BAQEFAASCAvAwggLsAgEAAoGhANYLX9BYqOdar4wj
+xVV0Ym01FJUxNDxUPz+RPk4XW5/z+Ds9fzsV9JInCEgKAP+NnnDmPBj1Q2eAw8so
+QTzXDkpGv3bzkPy5l5+M527x6vb1M6P96PnyLrMZc84A1gQ19zIfPPcn4T4G2KUg
+wSQFnl141/3z3lBTuyxILJJnwtUUrlZ3nAo5KzKot9nVZqHNpCbyVGJJuB/R1yov
+PQfvLn0CAwEAAQKBoD9QmgUNVNkq0CbKJgNDLCJVw0LmjScTXKo3EpETA71q85DC
+fjJCKlhZR2/X1bfCco2+7SQM2OVzB3e+7p1KmCWMi/Jp1geL9rfxfDwrP2/RSeKc
+BoY/+XaE34DJHBZ1PuE0KDQ6e3z8L2W8BjhHjzNtLmG3H4M6qruSTJMahqfXFGab
+nT5JGI295Vs51f8d5OuQgYzIoAdrN84OVLYvztkCUQDy1nnZTv4DpGj3LlHipEmS
+cj8V5ThnvMuIlHHYwy3SJvmuxth8reNc+1yWWn94+bEA5hjLbBwfr5LcDG9pOdNL
+JoB1QJkzwS6rHrE3xepOdwJRAOGlX2NVZw8btJtKjaKW+OvINS1FgbcMjZPPWbvE
+NA66i7VrHcuCxR7oWyuonTtujcyv419sFj8ODZqbCyxg3/Z4W4NqjfzGpzJd3aTa
+AaOrAlBvHMnmL+m0eu74Yv5eyLNNSe8pspdriAxNMzcgarY1mVXXre5yphIJgo4r
+0b7P+NgPxDkGIzJ/IRP+kcYMjMPsd/KBNAyljLgw3jtSfMGoIwJQTZQRy5EdMbCQ
+06M6NuA5DLd0sO/ovQpv0pXDgC7gxv+T8Pe28rUvGIVCcywxgrFrxyfhwHjk3SDz
+xGfx23wjBBY1QGVuE64o5cQn4/mf/qkCUQDpjF2GH+EqEinqTGAHlcEpKomp8cXH
+ZxVZ7l9KB3sk17aN58GUnuPaIda4D9dbqQjAzqRx6OcQf80oxEE4XUP6nbXkHHZO
+0lakd66lHnHikQ==
+-----END PRIVATE KEY-----
+
diff --git a/tests/test_keys/rsa-1280-public.pem b/tests/test_keys/rsa-1280-public.pem
@@ -0,0 +1,8 @@
+-----BEGIN PUBLIC KEY-----
+MIG/MA0GCSqGSIb3DQEBAQUAA4GtADCBqQKBoQDWC1/QWKjnWq+MI8VVdGJtNRSV
+MTQ8VD8/kT5OF1uf8/g7PX87FfSSJwhICgD/jZ5w5jwY9UNngMPLKEE81w5KRr92
+85D8uZefjOdu8er29TOj/ej58i6zGXPOANYENfcyHzz3J+E+BtilIMEkBZ5deNf9
+895QU7ssSCySZ8LVFK5Wd5wKOSsyqLfZ1WahzaQm8lRiSbgf0dcqLz0H7y59AgMB
+AAE=
+-----END PUBLIC KEY-----
+
diff --git a/tests/test_keys/rsa-1280.json b/tests/test_keys/rsa-1280.json
@@ -0,0 +1,9 @@
+{
+    "d": "P1CaBQ1U2SrQJsomA0MsIlXDQuaNJxNcqjcSkRMDvWrzkMJ-MkIqWFlHb9fVt8Jyjb7tJAzY5XMHd77unUqYJYyL8mnWB4v2t_F8PCs_b9FJ4pwGhj_5doTfgMkcFnU-4TQoNDp7fPwvZbwGOEePM20uYbcfgzqqu5JMkxqGp9cUZpudPkkYjb3lWznV_x3k65CBjMigB2s3zg5Uti_O2Q",
+    "e": "AQAB",
+    "kid": "RU0wODlEMU9QRTZrSG4yTzl1ZzJKLWg4d3M4cW9yMlVCRlRLcVpiQk1fRQ",
+    "kty": "RSA",
+    "n": "1gtf0Fio51qvjCPFVXRibTUUlTE0PFQ_P5E-Thdbn_P4Oz1_OxX0kicISAoA_42ecOY8GPVDZ4DDyyhBPNcOSka_dvOQ_LmXn4znbvHq9vUzo_3o-fIusxlzzgDWBDX3Mh889yfhPgbYpSDBJAWeXXjX_fPeUFO7LEgskmfC1RSuVnecCjkrMqi32dVmoc2kJvJUYkm4H9HXKi89B-8ufQ",
+    "p": "8tZ52U7-A6Ro9y5R4qRJknI_FeU4Z7zLiJRx2MMt0ib5rsbYfK3jXPtcllp_ePmxAOYYy2wcH6-S3AxvaTnTSyaAdUCZM8Euqx6xN8XqTnc",
+    "q": "4aVfY1VnDxu0m0qNopb468g1LUWBtwyNk89Zu8Q0DrqLtWsdy4LFHuhbK6idO26NzK_jX2wWPw4NmpsLLGDf9nhbg2qN_ManMl3dpNoBo6s"
+}
diff --git a/tests/test_keys/rsa-2048-private.pem b/tests/test_keys/rsa-2048-private.pem
@@ -0,0 +1,29 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCidoXtTB20jRA4
+QRhmDdAY4ZzWhxdy/zIrH4OXIG6ugYwf9zi6RkkEd9o5BvCbKESWQ1FYxLeNkRO3
+sRBNbsP0C3nC/IBoNi48y+5ZrHD7wgxFiO+5nyGHBIeKtta27LRsjr7JoHajdM8u
+EyJF+IFsrr26/5rJfLNW7mqOH+LSfPRmEaZZ9xfnpC1i4q5tytgFfeJs1LK2zaRo
+AoxBds4mdRF6x0zZN+yd5MeOHVcjpNm7xRiCEdKvlBE3BICvg2A3NhVTdc+Cb2fh
+CgB4kXLGRw23CmzN4pHiFh55iZ1XqO3eQdk39UL5b9eqoH2wmn2rbSYEUpp13Gv8
+WFoTLgl9AgMBAAECggEASc7q/WnNPQ+xRL1eJk80MXmeVWA+aQJDeo/wqqITZrh4
+PrWEUixIU/1XaP0cJoFe151xwZBti6VTfeq1a1hdMexcvxcUB0RGMVy8xoSvN9Fq
+3dRehMgk5UBLi9uRJL3ZIlCfoN6Dx7LzxQzwTzWdJxEkJWamnc9HcsESK8uUsudU
+fpb8pKoQmDkAepG6Se6qfySOUgWtrz9XwdEtPH/GgRWGc6N0X9ifCQoM+8uEOi/8
+ND9TBxSTgtGHPMXcN9I1rHOPP9oVxXQa3RgQ+zvB/UC7WV+DROAb20fKljGVJXPG
+6OMF6FdWFeqDaMBlEyUE0rpv3w7I0oms0k/5LpGLwQKBgQDTMg/7AmbbYTZ5eCYF
+v8C0ERE92DKijPO1+NClBG0tBkzeUzZ5oSjRsnqK0XZ6Q4n794Srl8RCmHTVEw07
+gKYbMlizhQcsqPc/OJ6ogULHzXw6oEHprN9l7C7ATIGj/h5pAAx0AdyqMRXN2qdz
+Oa5aADuK8WM4tgoqKnNwKVVg9QKBgQDE7dDoTjyrUV1PDDLxu3YuOPoEfwAPZh18
+leDdnICVi5B25cqART1sllpqoostPGDD+GUGdOzP14WAFIOmzwazGnysUpc9WB7b
+LbvJbsNVaXkNKOIp18dxZ3QRg+wR+6i2YyuWMQwBaSpgUM76/e3Xj3rW2jL7LgKn
+Gw6nPTURaQKBgEx6MHdA42ZFyagq7fne+jU6iPfQNmXOjOI0e7mF5NMNGQDZOTzK
+MzHcY6upNjIICwuHEi/hAVzsQEJ4Z65IY94tWRmI7pQpi38FTc7PIBOiQX4pUjUA
+ONV7tWJFUhzEhNaZAelwUyv+Ilss9r4vAQfuVaF2z+tVYFDslmjjTtuRAoGBALzX
+ySNcEzW9+pqY+ilxOO0uWiMBno8lv1T/bPlW4L+HbGt4BG5o93Qv4lirsocYhTqn
+8kj0yzqsVCr0gSLvGF+cIL4nHT0ISd6oxpFtlAdN83U5JVg2wdzv9g/tz+2WxLzR
+8LRAKGEZ9jcShsmNxAyYXJW3/Hd+MbEJc03QlhkxAoGAcjE1yQuFWEeXcWyH0C0F
+d2oejX6A2HSlnsCf1QHOzxpp1j05ZC6JrSFqxZEmNNeqYcahjdBjYXQYd0MaGqIu
+42Bj0JRO2Z3K1Udlb0shIt3fCEuTCoOQLPwmHm0cqP97A21ISLfg7BPiI25nbE7V
+Ip9YGido3N9hQycoqkETeYI=
+-----END PRIVATE KEY-----
+
diff --git a/tests/test_keys/rsa-2048-public.pem b/tests/test_keys/rsa-2048-public.pem
@@ -0,0 +1,10 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonaF7UwdtI0QOEEYZg3Q
+GOGc1ocXcv8yKx+DlyBuroGMH/c4ukZJBHfaOQbwmyhElkNRWMS3jZETt7EQTW7D
+9At5wvyAaDYuPMvuWaxw+8IMRYjvuZ8hhwSHirbWtuy0bI6+yaB2o3TPLhMiRfiB
+bK69uv+ayXyzVu5qjh/i0nz0ZhGmWfcX56QtYuKubcrYBX3ibNSyts2kaAKMQXbO
+JnUResdM2TfsneTHjh1XI6TZu8UYghHSr5QRNwSAr4NgNzYVU3XPgm9n4QoAeJFy
+xkcNtwpszeKR4hYeeYmdV6jt3kHZN/VC+W/XqqB9sJp9q20mBFKaddxr/FhaEy4J
+fQIDAQAB
+-----END PUBLIC KEY-----
+
diff --git a/tests/test_keys/rsa-2048.json b/tests/test_keys/rsa-2048.json
@@ -0,0 +1,9 @@
+{
+    "d": "Sc7q_WnNPQ-xRL1eJk80MXmeVWA-aQJDeo_wqqITZrh4PrWEUixIU_1XaP0cJoFe151xwZBti6VTfeq1a1hdMexcvxcUB0RGMVy8xoSvN9Fq3dRehMgk5UBLi9uRJL3ZIlCfoN6Dx7LzxQzwTzWdJxEkJWamnc9HcsESK8uUsudUfpb8pKoQmDkAepG6Se6qfySOUgWtrz9XwdEtPH_GgRWGc6N0X9ifCQoM-8uEOi_8ND9TBxSTgtGHPMXcN9I1rHOPP9oVxXQa3RgQ-zvB_UC7WV-DROAb20fKljGVJXPG6OMF6FdWFeqDaMBlEyUE0rpv3w7I0oms0k_5LpGLwQ",
+    "e": "AQAB",
+    "kid": "cHZ5d3dhZ1NOSXpsZDNBa1AxZmRaS0VxbVE3cTBzVDlUZFB1WkpKdWV5NA",
+    "kty": "RSA",
+    "n": "onaF7UwdtI0QOEEYZg3QGOGc1ocXcv8yKx-DlyBuroGMH_c4ukZJBHfaOQbwmyhElkNRWMS3jZETt7EQTW7D9At5wvyAaDYuPMvuWaxw-8IMRYjvuZ8hhwSHirbWtuy0bI6-yaB2o3TPLhMiRfiBbK69uv-ayXyzVu5qjh_i0nz0ZhGmWfcX56QtYuKubcrYBX3ibNSyts2kaAKMQXbOJnUResdM2TfsneTHjh1XI6TZu8UYghHSr5QRNwSAr4NgNzYVU3XPgm9n4QoAeJFyxkcNtwpszeKR4hYeeYmdV6jt3kHZN_VC-W_XqqB9sJp9q20mBFKaddxr_FhaEy4JfQ",
+    "p": "0zIP-wJm22E2eXgmBb_AtBERPdgyoozztfjQpQRtLQZM3lM2eaEo0bJ6itF2ekOJ-_eEq5fEQph01RMNO4CmGzJYs4UHLKj3PzieqIFCx818OqBB6azfZewuwEyBo_4eaQAMdAHcqjEVzdqnczmuWgA7ivFjOLYKKipzcClVYPU",
+    "q": "xO3Q6E48q1FdTwwy8bt2Ljj6BH8AD2YdfJXg3ZyAlYuQduXKgEU9bJZaaqKLLTxgw_hlBnTsz9eFgBSDps8Gsxp8rFKXPVge2y27yW7DVWl5DSjiKdfHcWd0EYPsEfuotmMrljEMAWkqYFDO-v3t14961toy-y4CpxsOpz01EWk"
+}
diff --git a/tests/test_keys/rsa-3072-private.pem b/tests/test_keys/rsa-3072-private.pem
@@ -0,0 +1,41 @@
+-----BEGIN PRIVATE KEY-----
+MIIG/gIBADANBgkqhkiG9w0BAQEFAASCBugwggbkAgEAAoIBgQDFSZh8X1C+hqee
+A2deYBacQ9swp0ac6P0WOgp9mtTqd80nRSnn1kDfxzy9l6/czU37GYaLqm7K5Jje
+GJIPbYpkzt3Pi6aKvV+6sHz+yLNBFVs3AjLGAUCDEaOzfvkgHNjzVG1IZYRaAOfQ
+Nxw8LXLtO+GaPMSCl2bGrYS2dsEyg9ZfWJNIMUtqqEbHL3Fk1gg/1HFnMdXxxC7l
+FwezRtx25ldFdBGRVNjUMCJOD37WN6DOMZB2EoGupR3yxQ2xKnbk8NnMXhrCDCAX
+5UJtTkITtO9zN1xYet7TZ4Ym8O2dUElMiVAJf8RiPjgMzdp+DOLSIX6fGNS8k6ax
+FwFcc8q0PznJUL1JJYT+S70jAJ9Dhqe9RpgXUKAMDZa4nHgjereIq2FqbX72rmzl
+e31I7wdVnhpHbqPp4/ad3Mgt+Pn6TDdA6QI+MhYhIC0cGvzc+c2W+qjF0SU3e18U
+t/HFJ/z/Goa1uyJxX9k6GftueLu+rzgml0oIP0fF4K+csjBDK/kCAwEAAQKCAYAD
+mOrx4Z8MSlJGHFPHMcNXyBj4EyTDebAbtqU4UxlsyRBxld5EvvBh5DUkU96+DPRO
+DtIYO9xXUMHE0vfe1iV+3xLGVQqNXxSex9cPokM6fZQzNZQNbjpp6WltvXP3dO8z
+yKdReaBnL7sKXebi5gVBdCUR9eezZeVW3BUeap3tOOAwzuGooFV6tWTM/v13VDvE
+RjBnLE51YRllzfyy9SjR9jNDLfGgD8cAX3xQphGvAEarW9YBgSbiM1qPca5lO5v1
+Lg9xXgMnKeOhpQoI2BlSPdl2uDEFm7mbDeVccIJMiflULm4uJJXz4LdvtBLXovUx
+sYu97/Hu9uII4FErlvT2hPpTKfh4v0ORhH8VAbP8Eg3I7DUhnQzVyTTm5pebVE/g
+b9XGoXuvBrBIyHArGh6qNSkdz8wJFRz4UYh0cKYXkvJ0NDq20PONQUFYaO28knpW
+X9S5uczx61L6tCprSLfKVoWlMKHySjKgWjGXaB3mgLBz5eL7YyIO3k/YL/fkO30C
+gcEA7B8QtdrdMXQ2qoDj+DLnNoVjsORjjkoKG3+KkG/o2Uxl0mPbeF0+WQRApiPx
+2DNuOzwbnc6qkzvbBAOx9idNpLwsuKMtWv4jdl7VyJ9RTfV9LJdNiFJ7P3USUV0B
+jelv/tRtktvwBwWdhxMETNytTYhtUCORJY8VpR7yuUmihumAClmBZjmzOPFhkLJ9
+F/9M2wi0Z2MF0JOR0yhMmTpsZhxOmcxmm+QqpexD3viCrN6MXEpdUEcdisaKq6F+
+ONHPAoHBANXlkznDLr7bb9jKMexm8PakXLjB/wuVeKYEmZ1jFUA1MFnZirk+x+sX
+aKL3V3b6DdXvJdjeOPZlgZsBTiJcpruMS82P3OXbDIeygXzqoA5otWN8FGXSj036
+sxThGFd1maQJdtk6FjfGF60WphITQi6uxxuEFxPHDMuldeqzgxrm4xjZ23OR6FNW
+TF24KOaQ6KpXsMS3rDVck5+TQr7bjcz7puz1IZucefnCnbmNOZRd2wIkCIJjZZI2
+e894ytj/twKBwBnK/vFOmjEHx9zyPXTkYptzEMPG/xURA2+jjAhhISdzj//ehp/s
+V54zt7guXwHGBHmWBFJFvB5fQHp8yNjhzDp9j8kPkinJbyhEDchflusUMPtI/+Av
+WmVBLaITrdLJuEE3BU0wl1S9CUszCZo31PqON5q0d+uJaMzjx5Hz+DwSj7kRs+/t
+x6UlwQmkZcPUUJnwpnxQtdbl990AHvXyCttQpkloqaDH2NzNJVDbBrNJkD2Ypf7Z
+9eEt9QHwnzAnwwKBwQCEgiyq5BfZdOfdTaWP5lXw9fHbI5N1Aaw0bTUdI3zOwiSq
+BPLDv/jp0x6nlsNAmbhoiDbSGxj+y/N2q2BUOUGxfkCXoEAgxYsFpbhCQrfVNVjp
+wLyCN+c/T8gRb0E9LUV5McPG3w1UkAuq1xUarYOal/wRN8t0HSP4JRDfzUWzLMYT
+ZyNkfUeIGTZF+QidjbgVjy2bMI4moKtzeC8pPaqjCmNm+JVRaabG66H6iVraZyp+
+MQR0gk8yPT6GUTaZKBECgcEAl3/CMQlhqsfZkDEIiq0At4/RWFjCYKRptkvc7NIy
+kgW+6uqke4yB603Gj3m1eqxS2bV3BcR7+ZaR5hcu46dTv/p2MZ+LnS3MMhc+43YK
+/w8aEPAtSSyEv/7RQrlILcL1d1SWKedZTr0vAWvCbrSD1Qawa3o32bI+FAoBa3Sg
+1H60+frQ79QUAiKJm73U6o9al7NZBaTJZrAwfJGygOucprd0RmreCg4LtbSL3nt0
+wWHrbeVLAmn0Dlw2zyBc47B9
+-----END PRIVATE KEY-----
+
diff --git a/tests/test_keys/rsa-3072-public.pem b/tests/test_keys/rsa-3072-public.pem
diff --git a/tests/test_keys/rsa-3072.json b/tests/test_keys/rsa-3072.json
diff --git a/tests/test_keys/rsa-4096-private.pem b/tests/test_keys/rsa-4096-private.pem
diff --git a/tests/test_keys/rsa-4096-public.pem b/tests/test_keys/rsa-4096-public.pem
diff --git a/tests/test_keys/rsa-4096.json b/tests/test_keys/rsa-4096.json
